Notepad++ Supply Chain Attack Redirected Updates to Malware
A serious cybersecurity incident has come to light involving Notepad++, one of the world’s most popular free text editors used […]
Alert
CVE-2025-56005: Python PLY Bug Allows Remote Code Execution
A critical remote code execution (RCE) vulnerability has been discovered in Python PLY (Python Lex-Yacc), a well-known parsing library that
Apache NuttX RTOS: Filesystem Vulnerabilities Found and Fixed
The Apache Software Foundation has released important security updates for Apache NuttX RTOS, a widely used real-time operating system designed
Severe MongoDB RCE Vulnerability Tracked as CVE-2025-14847
MongoDB has issued an urgent security warning asking administrators and IT teams to immediately patch a newly discovered, high-severity vulnerability
Apple Fixes Actively Exploited WebKit Zero-Day Flaws Across iOS and macOS
Apple has released critical security updates for its entire ecosystem after confirming that two serious WebKit vulnerabilities were actively exploited
CVE-2025-12480: Triofox Users Warned of Active Exploits
Cybersecurity researchers have uncovered an active exploitation campaign targeting a critical vulnerability in Gladinet’s Triofox, a popular enterprise file-sharing and
Microsoft WSUS Under Attack: CVE-2025-59287 Exploited in the Wild
Microsoft has released an emergency security update to fix a critical remote code execution (RCE) vulnerability in its Windows Server
CISA Warns of Actively Exploited Adobe AEM Vulnerability (CVE-2025-54253)
CISA has issued a serious warning about a newly discovered security flaw in Adobe Experience Manager (AEM). The vulnerability, tracked
CVE-2025-41244: VMware Zero-Day Exploited in Real Attacks, Patch Released
A critical security flaw in Broadcom VMware Tools and VMware Aria Operations has been actively exploited by a China-linked hacking
CISA Warns of Actively Exploited TP-Link Router Flaws CVE-2023-50224 and CVE-2025-9377
CISA has issued a fresh warning for TP-Link router users. On Wednesday, CISA added two serious vulnerabilities impacting TP-Link devices to
Hackers Exploit WinRAR Zero-Day CVE-2025-8088: Patch to Version 7.13 Now
WinRAR, one of the most widely used file archiving tools for Windows, has patched a high-severity flaw tracked as CVE-2025-8088
Microsoft 365 Users Targeted by Fake OAuth Apps Using Tycoon Phishing Kit
Researchers have observed a sharp increase in cyberattacks targeting Microsoft 365 users, using a combination of fake OAuth applications and
AMD Warns of TSA Side-Channel Attacks Impacting Ryzen and EPYC CPUs
Semiconductor giant AMD has issued a security advisory about a new class of speculative execution vulnerabilities known as Transient Scheduler
CVE-2025-20281 & CVE-2025-20282: Cisco ISE Bugs With 10/10 Severity
Cisco has issued urgent security updates to fix two critical remote code execution (RCE) vulnerabilities found in its Identity Services
U.S. on High Alert: Pro-Iranian Hackers Likely to Strike American Networks
The U.S. Department of Homeland Security (DHS) has issued a serious warning about the possibility of cyberattacks on American networks