Cline CLI 2.3.0 Compromised in npm Supply Chain Attack
A supply chain attack has affected developers using Cline CLI, an open-source AI-powered coding assistant. The incident occurred after attackers published […]
Security
Microsoft Fixes 114 Windows Bugs: January 2026 Patch Tuesday
Microsoft has released its first Patch Tuesday update of 2026, fixing a total of 114 security vulnerabilities in Windows. Importantly,
Trend Micro Patches Apex Central 9.8 Rated RCE Flaw: CVE-2025-69258
Trend Micro has released important security updates to fix multiple vulnerabilities in its Apex Central on-premise Windows platform. Among these
Microsoft Patch Tuesday: 56 Bugs Fixed, Including Two Zero-Days
Microsoft has released its final security update of 2025, delivering patches for 56 security flaws across the Windows ecosystem. This
Apache Tika Hit by Critical XXE Bug CVE-2025-66516
A major security warning has been issued for Apache Tika, a widely used tool for content detection and file parsing.
India Mandates Sanchar Saathi App on All New Smartphones
In a major move to strengthen telecom security, the Government of India has ordered all mobile phone manufacturers to pre-install
OpenPLC ScadaBR XSS Exploit CVE-2021-26829: CISA Issues Warning
CISA has added a newly confirmed, actively exploited vulnerability in OpenPLC ScadaBR to its Known Exploited Vulnerabilities (KEV) catalog. This
Microsoft Issues Urgent Fix for Actively Exploited Windows Zero-Day
Microsoft has released its latest Patch Tuesday update, addressing 63 security vulnerabilities across its products. Among them is a Windows
CISA Warns of Actively Exploited Adobe AEM Vulnerability (CVE-2025-54253)
CISA has issued a serious warning about a newly discovered security flaw in Adobe Experience Manager (AEM). The vulnerability, tracked
Meteobridge Security Flaw CVE-2025-4008 Under Active Attack, Patch Now
CISA has flagged a new high-severity vulnerability in Meteobridge devices that is currently being exploited in real-world attacks. The flaw,
Fortra Patches Critical CVSS 10.0 Flaw in GoAnywhere MFT (CVE-2025-10035)
Fortra, the company behind the widely used GoAnywhere Managed File Transfer (MFT) software, has released a critical security patch to
Microsoft Patch Tuesday September 2025 Including CVSS 10.0 Azure Flaw
Microsoft has rolled out its latest Patch Tuesday security update for September 2025, addressing 80 vulnerabilities across Windows, Azure, and
Plex Data Breach 2025: Users Told to Reset Passwords After Hacking Attack
Plex, one of the most popular media streaming platforms, has issued a warning to its global users after discovering a
Sitecore CVE-2025-53690: CISA Warns of Critical Flaw Allowing Remote Code Execution
CISA has issued an urgent warning for organizations using Sitecore. Federal Civilian Executive Branch (FCEB) agencies have been ordered to
Palo Alto Networks Confirms Salesforce Data Breach After OAuth Token Theft
Palo Alto Networks has confirmed a data breach that exposed customer information and support tickets after cyber attackers gained unauthorized