OpenPLC ScadaBR XSS Exploit CVE-2021-26829: CISA Issues Warning
CISA has added a newly confirmed, actively exploited vulnerability in OpenPLC ScadaBR to its Known Exploited Vulnerabilities (KEV) catalog. This […]
Security
Microsoft Issues Urgent Fix for Actively Exploited Windows Zero-Day
Microsoft has released its latest Patch Tuesday update, addressing 63 security vulnerabilities across its products. Among them is a Windows
CISA Warns of Actively Exploited Adobe AEM Vulnerability (CVE-2025-54253)
CISA has issued a serious warning about a newly discovered security flaw in Adobe Experience Manager (AEM). The vulnerability, tracked
Meteobridge Security Flaw CVE-2025-4008 Under Active Attack, Patch Now
CISA has flagged a new high-severity vulnerability in Meteobridge devices that is currently being exploited in real-world attacks. The flaw,
Fortra Patches Critical CVSS 10.0 Flaw in GoAnywhere MFT (CVE-2025-10035)
Fortra, the company behind the widely used GoAnywhere Managed File Transfer (MFT) software, has released a critical security patch to
Microsoft Patch Tuesday September 2025 Including CVSS 10.0 Azure Flaw
Microsoft has rolled out its latest Patch Tuesday security update for September 2025, addressing 80 vulnerabilities across Windows, Azure, and
Plex Data Breach 2025: Users Told to Reset Passwords After Hacking Attack
Plex, one of the most popular media streaming platforms, has issued a warning to its global users after discovering a
Sitecore CVE-2025-53690: CISA Warns of Critical Flaw Allowing Remote Code Execution
CISA has issued an urgent warning for organizations using Sitecore. Federal Civilian Executive Branch (FCEB) agencies have been ordered to
Palo Alto Networks Confirms Salesforce Data Breach After OAuth Token Theft
Palo Alto Networks has confirmed a data breach that exposed customer information and support tickets after cyber attackers gained unauthorized
Hackers Exploit VPS to Bypass Security and Compromise SaaS Accounts
Experts have warned that hackers are increasingly using virtual private servers (VPS) to break into software-as-a-service (SaaS) accounts. A new
CVE-2025-43300: Apple Patches Zero-Day Exploited in Targeted iPhone and Mac Attacks
Apple has rolled out urgent security updates for iOS, iPadOS, and macOS to patch a critical zero-day vulnerability actively exploited
Microsoft August 2025 Update Breaks Windows Reset and Recovery Tools
Microsoft has officially warned users that the August 2025 Windows security updates are causing serious issues with system recovery and
CVE-2025-25256: Fortinet Warns of Critical FortiSIEM Vulnerability With Exploit in the Wild
Fortinet has issued a critical security alert regarding a severe vulnerability in its FortiSIEM product. The flaw, identified as CVE-2025-25256,
Microsoft Sets End-of-Support Date for Windows 11 23H2 Home and Pro Editions
Microsoft has officially announced that Windows 11 version 23H2 for Home and Pro editions will reach its end of support
Akira Ransomware Exploits SonicWall VPNs in Likely Zero-Day Attack
A new wave of cyberattacks involving the Akira ransomware group has targeted SonicWall SSL VPN devices, even those running the