-
Security researchers have released a proof-of-concept (PoC) exploit for CVE-2024-21413, a critical remote code execution vulnerability in Microsoft Outlook dubbed “MonikerLink.” This flaw enables attackers to execute arbitrary code on victi…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated threat actor has been operating a private Out-of-band Application Security Testing (OAST) service hosted on Google Cloud infrastructure to conduct a large-scale exploit campaign targeting more than 200 CVEs, according to new research fr…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A recently discovered vulnerability in Apache SkyWalking, a popular application performance monitoring tool, could allow attackers to execute malicious scripts and launch cross-site scripting (XSS) attacks. The flaw, identified as CVE-2025-54057, affec…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security researchers have discovered a critical vulnerability in Microsoft Teams that allows attackers to bypass all Defender for Office 365 protections by inviting users into malicious tenant environments. The flaw exploits a fundamental architectural…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
NVIDIA has released security updates to address fourteen critical vulnerabilities in its DGX Spark system. These flaws could allow attackers to execute malicious code, steal sensitive information, and launch denial-of-service attacks that crash the sys…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A security vulnerability has been identified in Apache Syncope that could allow attackers to decrypt stored passwords if they gain access to the internal database. The flaw stems from the use of a hardcoded default AES encryption key, which undermines …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
NVIDIA has released security updates addressing two critical code injection vulnerabilities in its Isaac-GR00T robotics software platform. The flaws could allow attackers with local system access to execute arbitrary code, escalate privileges, and tamp…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security researchers have published a proof-of-concept exploit for a critical remote code execution vulnerability in W3 Total Cache, one of WordPress’s most popular caching plugins with over one million active installations. The flaw, tracked as …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
High command injection vulnerabilities have been discovered in Tenda’s N300 Wi-Fi 4G LTE Router and the 4G03 Pro model, allowing authenticated attackers to execute arbitrary commands with root privileges on affected devices. With no patches curre…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A high security vulnerability has been discovered in vLLM, a widely used high-throughput inference and serving engine for Large Language Models. The flaw, identified as CVE-2025-62164, enables attackers to execute arbitrary code remotely through malici…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
