Microsoft Patch Tuesday September 2025 Including CVSS 10.0 Azure Flaw
Microsoft has rolled out its latest Patch Tuesday security update for September 2025, addressing 80 vulnerabilities across Windows, Azure, and […]
Security
Plex Data Breach 2025: Users Told to Reset Passwords After Hacking Attack
Plex, one of the most popular media streaming platforms, has issued a warning to its global users after discovering a
Sitecore CVE-2025-53690: CISA Warns of Critical Flaw Allowing Remote Code Execution
CISA has issued an urgent warning for organizations using Sitecore. Federal Civilian Executive Branch (FCEB) agencies have been ordered to
Palo Alto Networks Confirms Salesforce Data Breach After OAuth Token Theft
Palo Alto Networks has confirmed a data breach that exposed customer information and support tickets after cyber attackers gained unauthorized
Hackers Exploit VPS to Bypass Security and Compromise SaaS Accounts
Experts have warned that hackers are increasingly using virtual private servers (VPS) to break into software-as-a-service (SaaS) accounts. A new
CVE-2025-43300: Apple Patches Zero-Day Exploited in Targeted iPhone and Mac Attacks
Apple has rolled out urgent security updates for iOS, iPadOS, and macOS to patch a critical zero-day vulnerability actively exploited
Microsoft August 2025 Update Breaks Windows Reset and Recovery Tools
Microsoft has officially warned users that the August 2025 Windows security updates are causing serious issues with system recovery and
CVE-2025-25256: Fortinet Warns of Critical FortiSIEM Vulnerability With Exploit in the Wild
Fortinet has issued a critical security alert regarding a severe vulnerability in its FortiSIEM product. The flaw, identified as CVE-2025-25256,
Microsoft Sets End-of-Support Date for Windows 11 23H2 Home and Pro Editions
Microsoft has officially announced that Windows 11 version 23H2 for Home and Pro editions will reach its end of support
Akira Ransomware Exploits SonicWall VPNs in Likely Zero-Day Attack
A new wave of cyberattacks involving the Akira ransomware group has targeted SonicWall SSL VPN devices, even those running the
Microsoft 365 Users Targeted by Fake OAuth Apps Using Tycoon Phishing Kit
Researchers have observed a sharp increase in cyberattacks targeting Microsoft 365 users, using a combination of fake OAuth applications and
Dahua IP Cameras at Risk: CVE-2025-31700 and CVE-2025-31701
Security researchers have uncovered two high-severity vulnerabilities in Dahua smart cameras that could let attackers remotely hijack the devices without
SysAid Zero-Day: CVE-2025-2775 and CVE-2025-2776 Exploited in the Wild
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about two serious vulnerabilities in the widely
Critical Cisco ISE Flaws Exploited in the Wild, Remote Root Access Without Login
Cisco has issued an updated security advisory confirming that hackers are now actively exploiting multiple severe vulnerabilities in its Identity
CISA Adds PHPMailer, Zimbra, and Rails Bugs to KEV Catalog Amid Active Exploitation
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical alert, adding four high-risk security vulnerabilities to its