-
CrowdStrike has disclosed two critical vulnerabilities affecting its Falcon sensor for Windows that could enable attackers to delete arbitrary files and potentially compromise system stability. The cybersecurity company released patches for both securi…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security researchers have identified two significant vulnerabilities in Nagios Log Server that expose critical system information and allow unauthorized service manipulation. The vulnerabilities, tracked as CVE-2025-44823 and CVE-2025-44824, affect ver…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Amazon Web Services (AWS) released bulletin AWS-2025-020 detailing a serious flaw in the macOS version of its Client VPN software. The issue, tracked as CVE-2025-11462, arises when the VPN client fails to validate the log destination directory during l…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A new proof-of-concept exploit has been released for three severe vulnerabilities in the Lua scripting engine used by Redis 7.4.5. Security researchers discovered that attackers can trigger remote code execution and privilege escalation by abusing flaw…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Google rolled out version 141.0.7390.65/.66 for Windows and Mac and 141.0.7390.65 for Linux. This update fixes three critical security flaws, all of which involve memory handling errors that an attacker could exploit to execute arbitrary code in the co…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
CISA has issued a warning about a new zero-day cross-site scripting (XSS) flaw in the Zimbra Collaboration Suite (ZCS). This vulnerability is already in use by attackers to hijack user sessions, steal data, and push malicious filters. Organizations run…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding a critical zero-day vulnerability in Oracle E-Business Suite that cybercriminals are actively exploiting to deploy ransomware attacks against organizations…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A security issue in the Kibana CrowdStrike Connector allows attackers to access stored CrowdStrike credentials. The flaw affects multiple versions of Kibana and can expose credentials across spaces within the same deployment. Elastic has released updat…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security researchers have uncovered a critical flaw in OpenSSH’s ProxyCommand feature that can be leveraged to achieve remote code execution on client systems. Tracked as CVE-2025-61984, the vulnerability arises from inadequate filtering of control cha…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned of active exploitation of a critical privilege escalation vulnerability in Microsoft Windows. Known as CVE-2021-43226, this flaw resides in the Common Log File System (CLFS) driver…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
