Fortra Patches Critical CVSS 10.0 Flaw in GoAnywhere MFT (CVE-2025-10035)
Fortra, the company behind the widely used GoAnywhere Managed File Transfer (MFT) software, has released a critical security patch to […]
Vulnerability
CVE-2025-43300: Apple Issues Backported Fix After Spyware Exploitation
Apple has backported fixes for a major vulnerability that was actively exploited in sophisticated spyware attacks. The flaw, identified as
Critical DELMIA Apriso RCE Flaw CVE-2025-5086 Under Attack, CISA Alerts
CISA has issued a warning about a newly discovered and actively exploited vulnerability in Dassault Systèmes DELMIA Apriso Manufacturing Operations Management (MOM)
CVE-2025-49870: WordPress Paid Membership Plugin Users at Risk from SQL Injection
A new high-risk security flaw has been discovered in the WordPress Paid Membership Subscriptions plugin, a tool widely used to
Salesforce Data Breach: Salesloft OAuth Exploit via Drift AI App
A major cybersecurity incident has shaken the SaaS ecosystem as hackers exploited a security gap in Salesloft’s Drift AI chat
Docker Desktop Vulnerability CVE-2025-9074 Rated 9.3 CVSS: Update Immediately
Docker has released an urgent security update to fix a critical vulnerability in Docker Desktop for Windows and macOS. The
Cisco Patches Critical FMC RADIUS Flaw (CVE-2025-20265) with CVSS 10.0 Rating
Cisco has released critical security updates to address a maximum-severity flaw in its Secure Firewall Management Center (FMC) Software. The
CVE-2025-25256: Fortinet Warns of Critical FortiSIEM Vulnerability With Exploit in the Wild
Fortinet has issued a critical security alert regarding a severe vulnerability in its FortiSIEM product. The flaw, identified as CVE-2025-25256,
Hackers Exploit WinRAR Zero-Day CVE-2025-8088: Patch to Version 7.13 Now
WinRAR, one of the most widely used file archiving tools for Windows, has patched a high-severity flaw tracked as CVE-2025-8088
CVE-2025-53786: Exchange Server Flaw Lets Hackers Access Cloud Without Detection
Microsoft has issued a high-severity security warning about a critical vulnerability affecting on-premise Exchange Servers used in hybrid cloud setups.
CVE-2025-24000: Post SMTP Vulnerability & Admin Takeover of WordPress Sites
A security vulnerability in the popular Post SMTP plugin for WordPress has left over 200,000 websites exposed to potential hijacking
Mitel MiVoice MX-ONE Vulnerability Allows Admin Access Without Login
Mitel, a leading provider of business communication solutions, has issued an important security update for its MiVoice MX-ONE platform. The
SysAid Zero-Day: CVE-2025-2775 and CVE-2025-2776 Exploited in the Wild
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about two serious vulnerabilities in the widely
CVE-2025-6463: Critical Forminator Plugin Flaw Puts 600,000 WordPress Sites at Risk
A serious vulnerability in the popular Forminator plugin for WordPress has exposed over 600,000 websites to the risk of complete
CI/CD Flaw in Open VSX Could Let Hackers Hijack VS Code Marketplace
A severe security vulnerability has been uncovered in the Open VSX Registry (open-vsx[.]org), potentially exposing millions of developers and their