Static AES keys are enabling attackers to decrypt access tokens and reach remote code execution, triggering urgent patch ...
Researcher warns that many .NET applications might be vulnerable to arbitrary file writes because .NET’s HTTP client proxy ...
FreePBX patched 2025 flaws allowing SQL injection, file upload attacks, and an auth bypass only when webserver AUTHTYPE was ...
Hackers are exploiting a new, undocumented vulnerability in the implementation of the cryptographic algorithm present in ...
Huntress reports active attacks abusing Gladinet’s fixed cryptographic keys to forge tickets and gain remote code execution ...
In the Barracuda Networks Inc. case, a single unauthenticated SOAP request was sufficient to force the application to import ...
Background In 2024, the UK National Institute of Health and Care Excellence (NICE) recommended TriageHF alerts as an option ...
Attackers are actively exploiting a zero-day bug in Gogs, a popular self-hosted Git service, and the open source project ...
A new campaign dubbed 'GhostPoster' is hiding JavaScript code in the image logo of malicious Firefox extensions counting more ...
In early December 2025, the React core team disclosed two new vulnerabilities affecting React Server Components (RSC). These issues – Denial-of-Service and Source Code Exposure were found by security ...
The critical zero-day is tracked as CVE-2025-20393 and it impacts Secure Email Gateway and Secure Email and Web Manager ...
WinRAR has an active remote code execution vulnerability, and Windows 10 users are also being targeted by an elevation of ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback