A newly disclosed critical vulnerability in the Next.js framework, tracked as CVE-2025-29927, allows unauthenticated attackers to bypass middleware-based authorization checks...
Read more →
A sophisticated malvertising campaign has emerged that specifically targets hoteliers and vacation rental operators by impersonating well-known service providers. Okta...
Read more →
A critical client-side remote code execution (RCE) vulnerability in Google Web Designer exposed Windows users to full system compromise, according...
Read more →
Criminal IP, the AI-powered threat intelligence and attack surface management (ASM) platform developed by AI SPERA, announced its official entry...
Read more →
In a significant security move, Microsoft announced on August 26, 2025, that it will require mandatory multifactor authentication (MFA) for...
Read more →
A startling vulnerability in Pudu Robotics’ management APIs that allowed anyone with minimal technical skill to seize control of the...
Read more →
Apple appears poised to remove the physical SIM card slot from its upcoming iPhone 17 models in more countries, with...
Read more →
A high-severity vulnerability in SUSE’s Fleet, a GitOps management tool for Kubernetes clusters, has been disclosed by security researcher samjustus...
Read more →
In recent months, Trustwave SpiderLabs—a LevelBlue company renowned for its threat intelligence and incident response services—has observed a marked uptick...
Read more →
MediaTek today published its September 2025 Product Security Bulletin, disclosing and remediating a series of critical and moderate vulnerabilities in...
Read more →
An Android malware tracker named SikkahBot, active since July 2024 and explicitly targeting students in Bangladesh. Disguised as applications from...
Read more →
Salesforce has published a comprehensive forensic investigation guide aimed at empowering organizations to detect, analyze, and remediate security incidents within...
Read more →