-
The Shadowserver Foundation has identified over 25,000 internet-facing Fortinet devices globally with FortiCloud Single Sign-On (SSO) functionality enabled, raising concerns about potential exposure to critical authentication bypass vulnerabilities. Th…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft Teams users worldwide experienced significant service disruptions on December 20, 2025, as the collaboration platform encountered widespread issues affecting messaging functionality and other critical service operations. The company has ackno…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Pillar Security has identified a critical indirect prompt injection vulnerability in Docker’s ‘Ask Gordon’ assistant. By poisoning metadata on Docker Hub, attackers could bypass security to exfiltrate private build logs and chat history. Discover how t…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical remote code execution vulnerability in Gladinet Triofox is now under active exploitation by threat actors, and security researchers have demonstrated that weaponizing the flaw requires far more sophistication than initial analyses suggest. C…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Apache Software Foundation has released a critical security update for its widely used Log4j logging library. A newly discovered vulnerability, tracked as CVE-2025-68161, allows attackers to intercept or redirect sensitive log data by exploiting a …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Elastic has released critical security updates to address a dangerous cross-site scripting (XSS) vulnerability affecting multiple versions of Kibana. The vulnerability, tracked as CVE-2025-68385, allows authenticated attackers to inject malicious scrip…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical race condition vulnerability has been discovered in the Linux kernel’s Rust Binder module, potentially causing system crashes and memory corruption. Assigned CVE-2025-68260, this issue affects the kernel’s inter-process communica…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Amazon has uncovered a North Korean imposter posing as a U.S.-based systems administrator. The discovery was made not through traditional background checks but by analyzing the subtle timing of the worker’s typing. According to a report from Bloo…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft has released an out-of-band security update to address a significant vulnerability in Message Queuing (MSMQ) functionality that impacts Windows 10 systems running IIS web servers and enterprise environments. The flaw, discovered and documente…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Roundcube, the widely used open-source webmail software, has officially released critical security updates to address two significant vulnerabilities in its 1.6 and 1.5 LTS (Long-Term Support) versions. These flaws could allow attackers to execute mali…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
