CVE-2025-3102: OttoKit WordPress Plugin Exploit Gives Hackers Full Site Control
A serious security vulnerability in the popular OttoKit WordPress plugin (formerly known as SureTriggers) is being actively exploited by hackers […]
Web Security
CVE-2025-30406: CentreStack Vulnerability Lets Hackers Remotely Control Servers
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about a serious security vulnerability affecting Gladinet CentreStack,
Severe Apache Parquet Flaw (CVE-2025-30065) Exposes Big Data Systems
A maximum severity remote code execution (RCE) vulnerability has been identified in Apache Parquet, affecting all versions up to and
Malware in WordPress: Hackers Exploit mu-Plugins to Hijack Images and Links
Cybercriminals are exploiting a little-known feature in WordPress known as “mu-plugins” to inject malicious code, enabling persistent access to infected
Mozilla Fixes High-Risk Firefox Vulnerability Similar to Chrome’s Zero-Day
Mozilla has rolled out critical security updates for its Firefox browser on Windows, addressing a severe vulnerability that could allow
Google Patches High-Severity Chrome Vulnerability: CVE-2025-2783
Google has released an urgent security update to fix a high-severity zero-day vulnerability in its Chrome browser. The flaw, tracked
CVE-2025-29927: Next.js Vulnerability Exposes Websites to Authorization Bypass
A vulnerability in Next.js, an open-source React framework, could allow attackers to bypass authorization mechanisms, exposing web applications to security
Persistent Malware ‘DollyWay’ Infects 20,000 WordPress Sites Since 2016
A large-scale malware campaign known as ‘DollyWay’ has been silently compromising WordPress websites since 2016. Over the past eight years,
Critical Apache Tomcat RCE Flaw (CVE-2025-24813) Actively Exploited – Patch Now!
A remote code execution (RCE) vulnerability in Apache Tomcat, tracked as CVE-2025-24813, is currently being exploited in the wild. This