A critical vulnerability in Tesla's Wall Connector home charging stations, proving that attackers can gain control of the devices through the charging port itself in just 18 minutes.
The attack, showcased at the Pwn2Own competition by cybersecurity firm Synacktiv, exploits a previously unknown communication...
A critical vulnerability in AI-integrated enterprise systems that allows threat actors to gain privileged access through seemingly innocent support tickets.
This attack method, dubbed "Living off AI," exploits the Model Context Protocol (MCP) implementations in platforms like Atlassian's Jira Service Management, demonstrating how the...
The Apache CloudStack project is a leading open-source Infrastructure-as-a-Service (IaaS) platform used globally by many organizations to orchestrate cloud environments.
Recently, several critical security vulnerabilities have been uncovered, posing serious risks to organizations relying on CloudStack for their cloud management needs. These issues enable...
A critical Denial-of-Service (DoS) vulnerability (CVE-2025-XXXX) has been patched in CoreDNS’s DNS-over-QUIC (DoQ) server implementation.
The flaw allows remote attackers to crash instances by exploiting uncontrolled goroutine creation in QUIC stream handling, leading to memory exhaustion.
This issue is particularly severe in containerized deployments...
In a startling revelation for 2025, Bitsight TRACE has uncovered more than 40,000 security cameras openly accessible on the internet—streaming live footage from homes, offices, factories, and even sensitive datacenter rooms.
This widespread exposure, which Bitsight first flagged in 2023, shows no sign of...
Security researchers from Binarly have uncovered a major software vulnerability in the Unified Extensible Firmware Interface (UEFI) ecosystem, specifically impacting the Secure Boot mechanism used by almost all modern PCs and servers.
Dubbed CVE-2025-3052 (BRLY-2025-001), this memory corruption flaw enables attackers to execute unsigned code...