SonicWall OS Command Injection Vulnerability Exploited in the Wild
SonicWall has issued an urgent warning to customers that threat actors are actively exploiting a high-severity command injection vulnerability in its Secure Mobile Access (SMA)…
Category: CyberSecurityNews
Hijacking NodeJS’ Jenkins Agents For Remote Code Execution
Security researchers recently uncovered a critical vulnerability in Node.js’s continuous integration infrastructure that allowed attackers to execute malicious code on internal Jenkins agents, potentially leading…
Researchers Leveraged OAuth Misconfiguration to Access Sensitive Data Without Restrictions
A security researcher identified as Remy disclosed a critical vulnerability discovered during a YesWeHack bug bounty engagement. The researcher uncovered exposed OAuth credentials that granted…
Anthropic Report Sheds Light on Emerging Threats from Generative AI Misuse
The cybersecurity landscape faces unprecedented challenges as artificial intelligence systems become increasingly weaponized by malicious actors. A groundbreaking report released on April 24, 2025, by…
The CISO’s Guide to Managing Cyber Risk in Hybrid Workplaces
Hybrid work has become a permanent fixture in the modern enterprise, blending remote and in-office operations to enhance flexibility and productivity. However, this model introduces…
Firefox 138 Released With Fix for Multiple High-severity Vulnerabilities
Mozilla has released Firefox 138, addressing several high-severity security vulnerabilities while introducing long-awaited features, including improved profile management. Security researchers identified multiple critical flaws that…
Samsung MagicINFO Vulnerability Allows Remote Code Execution Without Valid User
A critical security vulnerability has been discovered in Samsung’s MagicINFO digital signage management platform that could allow attackers to execute arbitrary code with system-level privileges…
Link11 brings three brands together on one platform with new branding
Link11 has fully integrated DOSarrest and Reblaze to become one of Europe’s leading providers of network security, web application security, and application performance Link11, DOSarrest,…
Zimbra Collaboration Server GraphQL Vulnerability Exposes Sensitive User Data
A critical Cross-Site Request Forgery (CSRF) vulnerability in Zimbra Collaboration Server (ZCS) versions 9.0 through 10.1, tracked as CVE-2025-32354, allows attackers to execute unauthorized GraphQL…
PowerDNS DNSdist Vulnerability Let Attackers Cause Denial of Service Condition
A high-severity vulnerability (CVE-2025-30194) in PowerDNS DNSdist, a widely used DNS load balancer and security tool, enables remote attackers to trigger denial-of-service (DoS) conditions by…
WhatsApp Introduces AI Tools With Promise of Full Message Secrecy
WhatsApp, the world’s largest messaging platform, has announced a major leap in privacy-preserving artificial intelligence (AI) with the introduction of its new “Private Processing” system. …
Avast Antivirus Vulnerability Let Attackers Escalate Privileges
Security researchers have disclosed a critical vulnerability in Avast Free Antivirus that could allow attackers to gain elevated system privileges and execute malicious code with…