-
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a new alert regarding a critical security vulnerability affecting Gladinet CentreStack and Triofox. The agency has added this flaw to its Known Exploited Vulnerabilities (KEV) catal…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Google has released an emergency security update for the Chrome browser, addressing two high-severity vulnerabilities that could enable remote code execution attacks. The stable channel update version 143.0.7499.146/.147 is now rolling out to Windows, …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
NVIDIA has disclosed a critical security vulnerability in Isaac Lab, a component of the NVIDIA Isaac Sim framework, that could allow attackers to execute arbitrary code remotely. The company released security patches in December 2025 to address the des…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Amazon Threat Intelligence reports Russian GRU hackers are increasingly breaking into critical infrastructure by abusing misconfigured devices instead of exploiting software vulnerabilities.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical vulnerability (CVE-2025-34352) found by XM Cyber in the JumpCloud Remote Assist for Windows agent allows local users to gain full SYSTEM privileges. Businesses must update to version 0.317.0 or later immediately to patch the high-severity flaw.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
SoundCloud has publicly disclosed a significant data breach affecting approximately 20% of its user base. The music streaming platform confirmed that unauthorized actors gained access to limited user account information through a compromised ancillary …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Red Hat has disclosed a significant security flaw in OpenShift GitOps that could allow authenticated users to take complete control of a cluster. Assigned the identifier CVE-2025-13888, this vulnerability allows namespace administrators to elevate thei…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Fortinet’s FortiGate appliances face immediate threat from two critical authentication bypass vulnerabilities being actively exploited in production environments. Fortinet released advisories for CVE-2025-59718 and CVE-2025-59719 on December 9, 2…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft has released comprehensive guidance on CVE-2025-55182, a critical pre-authentication remote code execution (RCE) vulnerability affecting React Server Components and the Next.js framework. Assigned a maximum CVSS score of 10.0, this vulnerabil…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical local privilege escalation vulnerability in the JumpCloud Remote Assist for Windows agent allows any low-privileged user on a Windows system to gain NT AUTHORITY\SYSTEM privileges or crash the machine. Tracked as CVE-2025-34352, the flaw aff…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
