A sophisticated supply chain attack has compromised ETHcode, a popular Visual Studio Code extension for Ethereum development, through a malicious GitHub pull request that required…
A sophisticated cyberattack orchestrated by Chinese state-sponsored hackers has exposed vulnerabilities in the global cybersecurity infrastructure, targeting critical COVID-19 research from American universities and exploiting…
Splunk has released critical security updates addressing multiple Common Vulnerabilities and Exposures (CVEs) in third-party packages across Enterprise versions 9.4.3, 9.3.5, 9.2.7, 9.1.10, and higher. …
A sophisticated Trojan malware known as SparkKitty has been actively targeting iOS and Android devices since early 2024, infiltrating both official app stores and untrusted…
A critical security vulnerability has been discovered in Citrix Windows Virtual Delivery Agent that allows local attackers to escalate privileges and gain SYSTEM-level access to…
Apache Tomcat has addressed three critical denial-of-service (DoS) vulnerabilities that could allow malicious actors to disrupt web applications and services. These security flaws, tracked as…
A critical information disclosure vulnerability in Microsoft SQL Server, designated as CVE-2025-49719, allows unauthorized attackers to access sensitive data over network connections. This vulnerability stems…
A critical security vulnerability in Microsoft Remote Desktop Client could allow attackers to execute arbitrary code on victim systems. The vulnerability, designated as CVE-2025-48817, affects…
CISA has issued a critical warning regarding a path traversal vulnerability in the Ruby on Rails framework that poses significant risks to web applications worldwide. …
A critical vulnerability in DNN (formerly DotNetNuke) that allows attackers to steal NTLM credentials through a sophisticated Unicode normalization bypass technique. The vulnerability, tracked as…
Phishing kits are evolving fast. Threat actors behind toolkits like Tycoon2FA, EvilProxy, and Sneaky2FA are getting smarter, setting up infrastructure that bypasses 2FA and mimics…
MediaTek has released a comprehensive security bulletin addressing 16 critical vulnerabilities across its extensive chipset portfolio, affecting devices from smartphones to IoT platforms. The update,…
