Zyxel RCE Flaw Lets Attackers Run Commands Without Authentication
Security researcher Alessandro Sgreccia (aka “rainpwn”) has revealed a set of critical vulnerabilities in Zyxel’s USG FLEX-H firewall series that...
Read more →Category: GBHackers
Hackers Use 1000+ IP Addresses to Target Ivanti VPN Vulnerabilities
A sweeping wave of suspicious online activity is putting organizations on alert as hackers ramp up their efforts to probe...
Read more →
Critical Langflow Flaw Enables Malicious Code Injection – Technical Breakdown Released
A critical remote code execution (RCE) vulnerability, identified as CVE-2025-3248 with a CVSS score of 9.8, has been uncovered in...
Read more →
Redis DoS Flaw Allows Attackers to Crash Servers or Drain Memory
A high-severity denial-of-service (DoS) vulnerability in Redis, tracked as CVE-2025-21605, allows unauthenticated attackers to crash servers or exhaust system memory by...
Read more →
Threat Actors Growing More Sophisticated, Exploiting Zero-Day Vulnerabilities
Google’s Mandiant team has released its M-Trends 2025 report, highlighting the increasing sophistication of threat actors, particularly China-nexus groups. These...
Read more →
GitLab Releases Critical Patch for XSS, DoS, and Account Takeover Bugs
Why Application Security is Non-Negotiable The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application...
Read more →
SonicWall SSLVPN Flaw Allows Hackers to Crash Firewalls Remotely
SonicWall has issued an urgent advisory (SNWLID-2025-0009) warning of a high-severity vulnerability in its SSLVPN Virtual Office interface that enables...
Read more →
Microsoft Offers $30,000 Bounties for AI Security Flaws
Microsoft has launched a new bounty program that offers up to $30,000 to security researchers who discover vulnerabilities in its...
Read more →
Blue Shield Exposed Health Data of 4.7 Million via Google Ads
Blue Shield of California has disclosed a significant data privacy incident affecting up to 4.7 million members, after discovering that...
Read more →
Strengthening Your Weakest Security Link
Despite billions spent annually on cybersecurity technology, organizations continue to experience breaches with alarming frequency. The most sophisticated security systems...
Read more →
Russian Hackers Exploit Microsoft OAuth 2.0 to Target Organizations
Cybersecurity firm Volexity has tracked a series of highly targeted attacks by suspected Russian threat actors, identified as UTA0352 and...
Read more →
New SMS Phishing Attack Weaponizes Google AMP Links to Evade Detection
Group-IB’s High-Tech Crime Trends Report 2025 reveals a sharp 22% surge in phishing websites, with over 80,000 detected in 2024....
Read more →