Apache NuttX RTOS: Filesystem Vulnerabilities Found and Fixed
The Apache Software Foundation has released important security updates for Apache NuttX RTOS, a widely used real-time operating system designed […]
Alert
Severe MongoDB RCE Vulnerability Tracked as CVE-2025-14847
MongoDB has issued an urgent security warning asking administrators and IT teams to immediately patch a newly discovered, high-severity vulnerability
Apple Fixes Actively Exploited WebKit Zero-Day Flaws Across iOS and macOS
Apple has released critical security updates for its entire ecosystem after confirming that two serious WebKit vulnerabilities were actively exploited
CVE-2025-12480: Triofox Users Warned of Active Exploits
Cybersecurity researchers have uncovered an active exploitation campaign targeting a critical vulnerability in Gladinet’s Triofox, a popular enterprise file-sharing and
Microsoft WSUS Under Attack: CVE-2025-59287 Exploited in the Wild
Microsoft has released an emergency security update to fix a critical remote code execution (RCE) vulnerability in its Windows Server
CISA Warns of Actively Exploited Adobe AEM Vulnerability (CVE-2025-54253)
CISA has issued a serious warning about a newly discovered security flaw in Adobe Experience Manager (AEM). The vulnerability, tracked
CVE-2025-41244: VMware Zero-Day Exploited in Real Attacks, Patch Released
A critical security flaw in Broadcom VMware Tools and VMware Aria Operations has been actively exploited by a China-linked hacking
CISA Warns of Actively Exploited TP-Link Router Flaws CVE-2023-50224 and CVE-2025-9377
CISA has issued a fresh warning for TP-Link router users. On Wednesday, CISA added two serious vulnerabilities impacting TP-Link devices to
Hackers Exploit WinRAR Zero-Day CVE-2025-8088: Patch to Version 7.13 Now
WinRAR, one of the most widely used file archiving tools for Windows, has patched a high-severity flaw tracked as CVE-2025-8088
Microsoft 365 Users Targeted by Fake OAuth Apps Using Tycoon Phishing Kit
Researchers have observed a sharp increase in cyberattacks targeting Microsoft 365 users, using a combination of fake OAuth applications and
AMD Warns of TSA Side-Channel Attacks Impacting Ryzen and EPYC CPUs
Semiconductor giant AMD has issued a security advisory about a new class of speculative execution vulnerabilities known as Transient Scheduler
CVE-2025-20281 & CVE-2025-20282: Cisco ISE Bugs With 10/10 Severity
Cisco has issued urgent security updates to fix two critical remote code execution (RCE) vulnerabilities found in its Identity Services
U.S. on High Alert: Pro-Iranian Hackers Likely to Strike American Networks
The U.S. Department of Homeland Security (DHS) has issued a serious warning about the possibility of cyberattacks on American networks
TP-Link Router Vulnerability CVE-2023-33538 Under Active Exploit, Warns CISA
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a high-priority warning about a serious vulnerability affecting several TP-Link
CISA Warns of SinoTrack GPS Security Bug Allowing Track and Disable Cars
Security researchers have found two major vulnerabilities in SinoTrack GPS tracking devices that put connected vehicles at serious risk. These