The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability in the popular Notepad++ text editor to its Known Exploited Vulnerabilities catalog, warning users of a flaw that could allow attackers to execute malicious code on affected systems. Tracked as CVE-2025-15556, the vulnerability affects Notepad++’s WinGUp updater component and stems from downloading code without […]

The post CISA Alerts Users to Notepad++ Flaw Allowing Code Execution appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical SQL injection vulnerability in Microsoft Configuration Manager to its Known Exploited Vulnerabilities (KEV) catalogue. The threat actors are actively exploiting the flaw in the wild. The addition signals immediate risk to organisations using the enterprise management platform. SQL Injection Enables Command Execution Tracked as […]

The post CISA Issues Urgent Warning on Microsoft Configuration Manager SQL Injection Vulnerability Under Active Exploitation appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A security vulnerability has been discovered in next-mdx-remote, a popular TypeScript library used for rendering MDX content in React applications. The flaw, tracked as CVE-2026-0969 and identified by researchers at Sejong University, enables attackers to execute arbitrary code on servers when untrusted MDX content is processed. The vulnerability affects the serialize function in next-mdx-remote versions […]

The post next-mdx-remote Vulnerability Allows Arbitrary Code Execution in React SSR appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.