CVE-2025-47577: Critical File Upload Vulnerability Found in Wishlist WordPress Plugin
A severe flaw has been discovered in the TI WooCommerce Wishlist plugin, which is used by more than 100,000 WordPress […]
Microsoft OneDrive File Picker Bug Exposes Entire Cloud Storage to Third-Party Apps
A security flaw has been discovered in Microsoft’s OneDrive File Picker that could allow third-party apps and websites to access
Fake VPN and Browser Installers Drop Winos 4.0 Malware in Stealth Attacks
Researchers from Rapid7 have revealed an ongoing malware campaign that tricks users into installing Winos 4.0, a powerful and stealthy
CISA Warns of Cloud Attacks Targeting Microsoft 365 App Secrets
Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about possible large-scale cyberattacks targeting Software-as-a-Service (SaaS) applications, especially those
CVE-2025-47949: Samlify Vulnerability Allows Admin Account Takeover
A security flaw has been discovered in Samlify, a popular Single Sign-On (SSO) library used in Node.js applications. This critical
Trojanized KeePass Password Manager Targets ESXi Servers
Hackers have been distributing fake versions of the popular KeePass password manager to spread malware and launch ransomware attacks. According
Pwn2Own 2025: Mozilla Patches Critical Firefox Vulnerabilities in Record Time
Mozilla has released urgent security updates for Firefox after two dangerous zero-day vulnerabilities were discovered during the Pwn2Own Berlin 2025
Defendnot Tool Disables Microsoft Defender with Fake Antivirus
A newly discovered tool called Defendnot is making headlines in the cybersecurity world for its ability to turn off Microsoft
CVE-2025-32756: Fortinet Patches FortiVoice Remote Code Execution Flaw
Fortinet has issued patches for a critical zero-day vulnerability, CVE-2025-32756, that was being actively exploited in attacks targeting FortiVoice enterprise
May 2025 Patch Tuesday: Zero-Days and Critical Bugs in Windows, Azure
Microsoft’s May 2025 Patch Tuesday update addresses 78 security flaws, including five zero-day vulnerabilities that are currently being exploited by
Two Critical Bugs in ASUS DriverHub Let Attackers Run Malware Remotely
ASUS has issued important security updates to patch two high-risk vulnerabilities in its DriverHub software that could allow hackers to
Bluetooth 6.1 Improves User Privacy with Smarter Address Randomization
The Bluetooth Special Interest Group (SIG) has officially announced the release of Bluetooth Core Specification 6.1, marking a major upgrade
UN Launches UNIDIR Cyber-Attack Framework to Simplify Cyber Attack Analysis
The United Nations (UN) has launched a new cybersecurity assessment tool called the UNIDIR Intrusion Path framework, designed to help
SentinelOne EDR Bypassed By Hackers Using EDR Upgrade Flaw
Cyber experts have disclosed a new method that allows hackers to bypass SentinelOne’s Endpoint Detection and Response (EDR) system, putting
CVE-2024-7399: Critical Samsung MagicINFO Server RCE Flaw Exploited
A security flaw in Samsung’s MagicINFO 9 Server is now being actively used by hackers to hijack systems and install