Vulnerability

WhatsApp disclosed a zero-click vulnerability (CVE-2025-55177) in its iOS and macOS apps, exploited in targeted zero-day attacks alongside an Apple…

The Sangoma FreePBX Security Team disclosed an actively exploited zero-day vulnerability in FreePBX systems with exposed Administrator Control Panels (ACP)…

Citrix disclosed a critical zero-day vulnerability (CVE-2025-7775) in its NetScaler ADC and NetScaler Gateway products, actively exploited in the wild…

Critical Authentication Bypass Flaw in TP-Link VIGI Cameras Exposes Surveillance Systems to Unauthorized Access A high-severity authentication vulnerability (CVE-2026-0629) has…

The article highlights critical vulnerabilities in N-able’s N-central, an RMM (Remote Monitoring and Management) tool used by MSPs (Managed…

AWS’s Trusted Advisor tool, designed to alert customers if their S3 storage buckets are publicly exposed, was found to…

Apple disclosed a critical zero-day vulnerability (CVE-2025-43300) in its Image I/O framework, affecting iPhones, iPads, and Macs. The flaw,…

Bitwarden, a widely used password manager with millions of users, was found vulnerable to unpatched clickjacking flaws that allow attackers…

Critical vulnerabilities were discovered in Lenovo’s AI-powered customer support chatbot, Lena, which leverages OpenAI’s GPT-4. The flaw stemmed…

A series of critical vulnerabilities in McDonald’s digital infrastructure exposed severe security lapses across multiple systems. The flaws began…

A Use-After-Free (UAF) vulnerability (CVE-2019-5786) was discovered in Google Chrome’s FileReader API, exposing millions of users to remote code…

F5 Networks disclosed CVE-2025-54500, a critical HTTP/2 vulnerability dubbed *MadeYouReset Attack* in its BIG-IP products, enabling remote, unauthenticated attackers…