Cyber News

GitLab Vulnerabilities Enable Account Takeover and Stored XSS Attacks

GitLab has released critical security patches addressing 12 vulnerabilities across versions 18.2.2, 18.1.4, and 18.0.6 for both Community Edition (CE)…

8 months ago

Critical Microsoft Office Vulnerabilities Enable Remote Code Execution

Microsoft has released critical security updates addressing multiple use-after-free vulnerabilities in Office applications that could allow attackers to execute arbitrary…

8 months ago

Chrome Update Fixes High-Severity Vulnerabilities Allowing Arbitrary Code Execution

Google has released a critical security update for Chrome, addressing six vulnerabilities that pose serious threats to user security. The…

8 months ago

FortiWeb Vulnerability Enables Attackers to Impersonate Any User

Fortinet has disclosed a critical authentication bypass vulnerability in its FortiWeb web application firewall that allows unauthenticated attackers to log…

8 months ago

Critical FortiSIEM Vulnerability Exploited in the Wild: PoC Enables Remote Command Execution

Fortinet has issued an urgent security advisory for a critical vulnerability in FortiSIEM that allows unauthenticated attackers to execute arbitrary…

8 months ago

New 0-Click NTLM Credential Leak Vulnerability Evades Microsoft’s CVE-2025-24054 Patch

A critical zero-click vulnerability that circumvents Microsoft's security patch for CVE-2025-24054, enabling attackers to extract NTLM credentials without any user…

8 months ago

Microsoft Teams RCE Vulnerability Lets Hackers Steal, Alter, and Erase Messages

Microsoft has disclosed a significant remote code execution vulnerability in Teams that could enable attackers to compromise enterprise communications and…

8 months ago

Over 7,000 Citrix NetScaler Devices Remain Vulnerable to CVE-2025-5777 and CVE-2025-6543

Over 7,400 Citrix NetScaler appliances worldwide remain unpatched against two high-severity vulnerabilities—CVE-2025-5777 and CVE-2025-6543—raising urgent concerns about active exploitation and…

9 months ago

Royal Enfield Reportedly Targeted in Ransomware Attack, Hackers Claim to Have Encrypted Data

In what appears to be a significant cybersecurity incident, threat actors have claimed a full compromise of Royal Enfield’s internal…

9 months ago

SAP Security Patch Day Fixes 15 Vulnerabilities, Including 3 Critical Injection Vulnerabilities

On August 12, 2025, SAP released its monthly Security Patch Day addressing 15 new vulnerabilities across multiple SAP products, marking…

9 months ago