-
A critical cross-site scripting (XSS) vulnerability affecting both Lectora Desktop and Lectora Online has been disclosed, enabling attackers to inject JavaScript through crafted URL parameters. Discovered by security researcher Mohammad Jassim and docu…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical command injection vulnerability in Libraesva ESG email security gateways has been discovered, allowing attackers to execute arbitrary commands through specially crafted compressed email attachments. The vulnerability, designated CVE-2025-596…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft’s latest Windows 11 update is causing significant problems for users trying to play protected video content. The KB5064081 update, released on August 29, 2025, has disrupted video playback functionality across multiple applications, lea…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Google Chrome’s V8 JavaScript engine has long balanced speed and security for billions of users worldwide. On September 16, 2025, Google’s Threat Analysis Group discovered a critical zero-day flaw in the TurboFan compiler component of V8. Now tracked a…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A recently disclosed flaw, tracked as CVE-2025-55241, allowed any attacker in possession of a single “Actor token” from a test or lab tenant to assume full administrative control over every Microsoft Entra ID (Azure AD) customer globally. Sec…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical security vulnerability has been discovered in HubSpot’s Jinjava template engine, potentially exposing thousands of websites and applications to remote code execution attacks. The flaw, tracked as CVE-2025-59340, carries the maximum CVS…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Researchers have discovered a critical zero-click vulnerability in ChatGPT’s Deep Research agent that allows attackers to silently steal sensitive Gmail data without any user interaction. This sophisticated attack leverages service…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical security vulnerability has been discovered in PureVPN’s Linux clients that exposes users’ real IPv6 addresses during network reconnections, undermining the privacy protections that users expect from their VPN service. The vulnera…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Researchers have uncovered a zero-day vulnerability in TP-Link routers that allows attackers to bypass Address Space Layout Randomization (ASLR) and execute arbitrary code remotely. Tracked as CVE-2025-9961, this flaw resides in the CWMP (TR-069) binar…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
WatchGuard released an advisory detailing a critical vulnerability in its Firebox line of network security appliances. Tracked as CVE-2025-9242, the flaw resides in the iked component of WatchGuard’s Fireware OS. An out-of-bounds write in the IKE…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
