-
A critical privilege escalation vulnerability discovered in the Advanced Custom Fields: Extended WordPress plugin threatens over 100,000 active installations. The vulnerability, identified as CVE-2025-14533 with a CVSS score of 9.8, allows unauthentica…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
On January 13, 2026, Check Point Research published its analysis of VoidLink, a Chinese-developed Linux malware framework designed to target cloud environments. Following this disclosure, the Sysdig Threat Research Team (TRT) examined VoidLink’s …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
TP-Link has disclosed a high-severity authentication bypass vulnerability affecting its VIGI security camera lineup, allowing attackers on local networks to reset administrator passwords without verification. The flaw li…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
CloudSEK’s STRIKE team has uncovered a sophisticated cryptocurrency theft operation orchestrated by the threat actor “RedLineCyber,” who deliberately impersonates the notorious RedLine Solutions to establish credibility within undergr…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Google’s Fast Pair technology has revolutionised Bluetooth connectivity, enabling seamless one-tap pairing across supported accessories and account synchronisation for millions of users. However, a critical vulnerability discovered in …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A newly discovered information-stealing malware, SolyxImmortal, has emerged as a persistent surveillance threat targeting Windows users. Distributed through underground Telegram channels, this Python-based implant combines credential theft, document ha…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
AVEVA has disclosed seven critical and high-severity vulnerabilities in its Process Optimization software (formerly ROMeo) that could enable attackers to execute remote code with SYSTEM privileges and completely compromise industrial control systems. T…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A harmless-looking Google Calendar invite has revealed a new frontier in the exploitation of artificial intelligence (AI). Security researchers at Miggo discovered a vulnerability in Google Gemini’s integration with Google Calendar that allo…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated malvertising campaign tracked as TamperedChef has compromised over 100 organizations across 19 countries by distributing weaponized PDF editing software through Google Ads. Sophos Managed Detection and Response (MDR) teams discovered th…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical zero-day vulnerability in Cloudflare’s Web Application Firewall (WAF) allowed attackers to bypass security controls and directly access protected origin servers. Security researchers from FearsOff discovered on October 9, 2025, that re…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
