A critical unauthenticated remote code execution vulnerability (CVE-2024-13804) has been discovered in HPE Insight Cluster Management Utility (CMU) v8.2, enabling attackers to bypass authentication mechanisms…
Three critical bypasses in Ubuntu Linux’s unprivileged user namespace restrictions allow local attackers to escalate privileges and exploit kernel vulnerabilities. These bypasses affect Ubuntu 23.10…
The cybersecurity landscape is witnessing a growing complexity in the attribution of Advanced Persistent Threat (APT) actors, particularly the North Korean-linked Lazarus group. Once considered…
Dell Technologies has released a critical security update addressing multiple severe vulnerabilities in its Unity enterprise storage systems that could allow attackers to execute arbitrary…
A critical vulnerability (CVE-2025-2825) in CrushFTP, a widely used enterprise file transfer solution, allows attackers to bypass authentication and gain unauthorized server access. The vulnerability,…
Canon has issued a critical security advisory regarding a severe vulnerability detected in several of its printer drivers that could allow attackers to execute arbitrary…
Security researchers have published a detailed technical analysis of a critical remote code execution (RCE) vulnerability (CVE-2023-38408) in OpenSSH’s agent forwarding feature that was disclosed…
A critical vulnerability in PHP’s libxml streams has been identified, potentially impacting web applications that rely on the DOM or SimpleXML extensions for HTTP requests.…
A sophisticated social engineering technique known as ClickFix has emerged, leveraging fake CAPTCHA verification processes to deceive users into executing malicious commands. This method exploits…
A newly discovered Android banking malware named TsarBot is targeting over 750 applications globally, including banking, finance, cryptocurrency, and e-commerce platforms. Identified by Cyble Research…
A critical vulnerability in Apache Tomcat has been actively exploited by attackers to achieve remote code execution (RCE) on vulnerable servers. This vulnerability affects versions…
The Lotus Blossom Advanced Persistent Threat (APT) group, also known as Lotus Panda, Billbug, and Spring Dragon, has intensified its cyberespionage efforts with new variants…
