-
A critical security vulnerability in M-Files Server could allow authenticated attackers to capture active user session tokens via the M-Files Web interface, enabling identity impersonation and unauthorized access to sensitive information. The flaw, tra…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical buffer overflow vulnerability in Net-SNMP’s snmptrapd daemon allows remote attackers to crash the service by sending specially crafted packets, potentially disrupting network monitoring operations across enterprise environments. The fl…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated credential-stealing campaign named “Operation PCPcat” has compromised over 59,000 Next.js servers worldwide, exploiting critical vulnerabilities in the popular React framework to harvest sensitive authentication data at indu…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
MongoDB has disclosed a critical security vulnerability tracked as CVE-2025-14847 that could allow attackers to extract uninitialized heap memory from database servers without authentication. The flaw, affecting multiple MongoDB versions dating back to…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Romania’s national water authority, Romanian Waters, was hit by a major ransomware attack affecting 1,000 systems but dams remain safe. Learn how authorities are fighting back without paying the ransom.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical remote code execution vulnerability in n8n, a popular open-source workflow automation platform, threatens over 103,000 potentially vulnerable instances worldwide. Tracked as CVE-2025-68613 with a maximum CVSS severity score of 9.9, the flaw …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security researchers have confirmed the release of proof-of-concept (PoC) exploit code for CVE-2025-68613, a critical remote code execution flaw affecting n8n workflow automation platform. The vulnerability carries a maximum CVSS score of 10.0 and impa…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft has addressed a critical use-after-free vulnerability in its Brokering File System (BFS) driver that could allow attackers to escalate privileges on Windows systems. Tracked as CVE-2025-29970, the security flaw affects the bfs.sys component a…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical race condition vulnerability in the Linux kernel’s POSIX CPU timers has been exposed through a detailed proof-of-concept, one of the most sophisticated kernel exploits targeting Android devices. CVE-2025-38352 represents a use-after-fr…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical firmware vulnerability affecting motherboards from major manufacturers including Gigabyte, MSI, ASRock, and ASUS has been discovered by Riot Games’ Vanguard anti-cheat team. The vulnerability, dubbed “Sleeping Bouncer,” all…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
