-
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about active exploitation of a critical vulnerability affecting Windows Server Update Service (WSUS). The agency updated its alert on October 29, 2025, adding cruc…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical security flaw has been discovered in the Anti-Malware Security and Brute-Force Firewall WordPress plugin, putting more than 100,000 websites at risk. The vulnerability, identified as CVE-2025-11705, allows authenticated attackers with basic …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical vulnerability discovered in Google Messages for Wear OS has exposed millions of smartwatch users to a significant security risk. Identified as CVE-2025-12080, the flaw allows any installed application to send text messages on behalf of the u…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A path traversal vulnerability discovered in Docker Compose allows attackers to write arbitrary files to host systems through specially crafted OCI artifacts. Tracked as CVE-2025-62725, the flaw was discovered in early October 2025 and carries a high s…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical security alert regarding two severe vulnerabilities discovered in Dassault Systèmes DELMIA Apriso, a widely used manufacturing execution system. The agency has added thes…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical security vulnerability in XWiki collaboration software is being actively exploited by threat actors to deploy cryptocurrency mining malware on vulnerable systems. The flaw, tracked as CVE-2025-24893, represents a serious threat to organizati…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft has released a critical security update addressing a severe vulnerability in ASP.NET Core that could enable attackers to execute HTTP request smuggling attacks. On October 14, 2025, the company issued patches for CVE-2025-55315, a security fe…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A significant security vulnerability has emerged affecting QNAP’s NetBak PC Agent software through a critical flaw in Microsoft ASP.NET Core. The vulnerability, tracked as CVE-2025-55315, exploits HTTP Request Smuggling techniques to bypass essen…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical security alert regarding serious vulnerabilities in Veeder-Root’s TLS4B Automatic Tank Gauge System. Released on October 23, 2025, the alert warns that attackers co…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Apache Software Foundation has disclosed two security vulnerabilities affecting multiple versions of Apache Tomcat, with one flaw posing a serious risk of remote code execution on vulnerable servers. The flaws impact Apache Tomcat versions 9, 10, a…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
