FileZen CVE-2026-25108 Actively Exploited Command Injection Vulnerability
CISA has officially confirmed that a serious security flaw in FileZen, a popular file transfer product, is being actively exploited by […]
Web Security
Critical Chrome Security Flaw CVE-2026-2441 Under Active Attack
Google has released an urgent security update for its Chrome web browser after confirming that a dangerous zero-day vulnerability is
Fortinet Patches Critical FortiClientEMS SQL Injection Vulnerability (CVE-2026-21643)
Fortinet has released important security updates to fix a critical SQL injection (SQLi) vulnerability in FortiClientEMS, a widely used endpoint
BeyondTrust CVE-2026-1731 Pre-Auth RCE Flaw in Remote Support and PRA
BeyondTrust has released urgent security updates to fix a critical pre-authentication remote code execution (RCE) vulnerability affecting its Remote Support
NGINX Servers Targeted in Widespread Web Traffic Redirection Attacks
Researchers have uncovered a large-scale web traffic hijacking campaign that abuses malicious NGINX configurations to secretly intercept and redirect legitimate
CVE-2025-40551: SolarWinds Web Help Desk Vulnerability Actively Exploited
CISA has added a critical SolarWinds Web Help Desk vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, confirming that the
SmarterMail Servers Exposed to Remote Code Execution: CVE-2026-24423
SmarterTools has released urgent security updates for its SmarterMail email server software, fixing multiple serious vulnerabilities, including a critical unauthenticated
CVE-2026-23550: WordPress Plugin Under Active Exploitation
A critical WordPress security vulnerability has been discovered in the popular Modular DS plugin, and it is already being actively
IBM API Connect Hit by CVE-2025-13915 Authentication Bypass Bug
IBM has released an urgent security warning after discovering a critical vulnerability in IBM API Connect that could allow attackers
CVE-2025-6389: Sneeit RCE Exploited as Frost Botnet Uses CVE-2025-2611
A new wave of cyberattacks is hitting WordPress websites and ICTBroadcast servers after two major security flaws were publicly exposed.
CVE-2024-38197: Microsoft Teams Bug Allows Message Spoofing and Hidden Edits
Microsoft Teams, one of the world’s most widely used collaboration platforms, has recently come under scrutiny after cybersecurity researchers discovered
CVE-2025-5397: Hackers Exploit Jobmonster WordPress Theme to Gain Admin Access
A high-risk security flaw has been discovered in the Jobmonster Job Board WordPress Theme, one of the most popular themes
Hackers Exploit YouTube: Massive Ghost Network Spreads Malware Through Popular Videos
A massive cyber campaign called the “YouTube Ghost Network” has been exposed, revealing how cybercriminals used over 3,000 YouTube videos
Oracle E-Business Suite Bug CVE-2025-61884 Allows Data Theft Without Login
Oracle has issued a security alert about a newly discovered vulnerability in its widely used Oracle E-Business Suite (EBS). The
CVE-2025-11371 Under Attack: Gladinet and TrioFox Servers Exploited in the Wild
Cybersecurity firm Huntress has issued a critical security warning after detecting active exploitation of a zero-day vulnerability affecting Gladinet CentreStack