-
A critical zero-day vulnerability in Cloudflare’s Web Application Firewall (WAF) allowed attackers to bypass security controls and directly access protected origin servers. Security researchers from FearsOff discovered on October 9, 2025, that re…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cybersecurity researchers at Miggo Security found a flaw in Google Gemini that uses calendar invites to steal private data. Learn how this silent attack bypasses security.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Xiaomi’s Redmi Buds series faces critical security flaws that enable attackers to steal sensitive call data and crash devices without authentication. Two newly disclosed vulnerabilities affect Redmi Buds 3 Pro through 6 Pro, allowing unauthentica…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security researcher has disclosed a critical vulnerability in ServiceNow’s Virtual Agent API and Now Assist AI Agents application, tracked as CVE-2025-12420. Dubbed “BodySnatcher,” this flaw enables unauthenticated attackers to impers…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft’s January 2026 security update has disrupted enterprise Remote Desktop infrastructure, triggering widespread credential prompt failures that prevent users from accessing Azure Virtual Desktop and Windows 365 environm…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical vulnerability in Windows Kerberos authentication that enables attackers to conduct credential-relay attacks by exploiting DNS CNAME records. Tracked as CVE-2026-20929, this flaw allows threat actors to force victims into requesting Kerberos …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security researchers have discovered critical privilege escalation vulnerabilities in Google’s Vertex AI platform that allow attackers with minimal permissions to hijack high-privileged Service Agent accounts. The flaws affect the Vertex AI Agent…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security researchers have uncovered two critical cross-site scripting (XSS) vulnerabilities in Meta’s Conversions API Gateway that could enable attackers to hijack Facebook accounts on a massive scale without any user interaction. The flaws affec…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Criminal infrastructure often fails for the same reasons it succeeds: it is rushed, reused, and poorly secured. Security researchers recently demonstrated this vulnerability by exploiting the very malware infrastructure designed to steal victims’…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A supply chain vulnerability in AWS CodeBuild recently put the entire AWS Console at risk. Learn how Wiz Research found the flaw and how Amazon responded to prevent a global security crisis.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
