-
The Django development team has issued security updates after discovering a high-severity SQL injection flaw in the FilteredRelation feature. This flaw could allow attackers to run harmful database commands by crafting unexpected query parame…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Chinese state-sponsored Advanced Persistent Threat (APT) groups have escalated their cyber espionage campaigns, systematically targeting global telecommunications, government, and military networks through sophisticated router exploitation techniques s…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security teams have issued a warning after Google researchers detected active attacks exploiting a new zero-day vulnerability in Sitecore products. Tracked as CVE-2025-53690, this flaw allows attackers to run code on unpatched servers by tampering with…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an alert about a serious security hole in certain TP-Link devices. This flaw, tracked as CVE-2020-24363, allows an attacker on the same network to take control without needing …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
NVIDIA today released critical security updates for its BlueField, ConnectX, DOCA, Mellanox DPDK, Cumulus Linux, and NVOS products. The Partner Security Bulletin addresses multiple vulnerabilities that could allow denial of service (DoS), escalation of…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Google has released Chrome 140 to the stable channel for Windows, Mac, and Linux. This update will roll out to users over the coming days and weeks. The new version, 140.0.7339.80 for Linux and 140.0.7339.80/81 for Windows and Mac, delivers several sec…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Google has released a critical Android Security Bulletin for September 2025, addressing multiple high-severity vulnerabilities that are currently being actively exploited in the wild. The security patch level 2025-09-05 or later is …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A newly disclosed remote code execution (RCE) vulnerability in Microsoft’s IIS Web Deploy toolchain has captured industry attention after the release of a public proof-of-concept. Tracked as CVE-2025-53772, this flaw resides in the unsafe deserializati…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Critical security flaws discovered in Mobile Security Framework (MobSF) version 4.4.0 enable authenticated attackers to exploit path traversal and arbitrary file write vulnerabilities, potentially compromising system integrity and exposing sensitive da…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical vulnerability in HashiCorp Vault—tracked as CVE-2025-6203 and HCSEC-2025-24—has been disclosed that allows malicious actors to submit specially crafted payloads capable of exhausting server resources and rendering Vault instances unresponsiv…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
