Security researchers have successfully exploited a critical zero-day vulnerability in the Linux kernel, compromising multiple Google kernelCTF instances and Debian 12 systems with a near-perfect success rate.
The vulnerability, now designated as CVE-2025-38001, represents a sophisticated Use-After-Free vulnerability in the Linux network packet scheduler...
On August 2, 2025, blockchain analytics firm Arkham Intelligence revealed that Chinese mining pool LuBian suffered what appears to be the largest Bitcoin heist in history, with 127,426 BTC stolen in December 2020—worth approximately $3.5 billion at the time and now valued at $14.5...
A critical vulnerabilities in Partner Software and Partner Web applications that pose significant risks to government agencies and municipal organizations across the United States.
The vulnerabilities allow authenticated attackers to execute arbitrary code on compromised systems, potentially granting complete control over affected infrastructure.
Partner Software,...
A critical security vulnerability in the popular AI-powered code editor Cursor IDE has been disclosed that allows attackers to execute remote code without any user interaction.
The flaw, dubbed "CurXecute" and tracked as CVE-2025-54135, received a severity rating of 8.6 and has been patched...
A critical security vulnerability in the widely-used Squid proxy server has been discovered that could allow attackers to execute remote code and access sensitive system memory.
The vulnerability, tracked as CVE-2025-54574 and designated SQUID-2025:1, affects all Squid versions up to 6.3 and poses significant...
HashiCorp has issued a high-severity advisory (HCSEC-2025-14) detailing CVE-2025-6000, a vulnerability that allows a privileged Vault operator to achieve remote code execution on the host running Vault.
The weakness affects Vault Community Edition and Vault Enterprise versions 0.8.0 through 1.20.0, with fixes released in...