GitLab has released critical security patches for both Community Edition (CE) and Enterprise Edition (EE), addressing multiple vulnerabilities that could potentially compromise user data and system security.
The company strongly urges all self-managed GitLab installations to upgrade immediately to the newly released versions 18.2.1,...
SonicWall has disclosed multiple critical security vulnerabilities affecting its SMA 100 series products that could allow remote attackers to execute arbitrary code without authentication.
The security vulnerabilities, tracked as CVE-2025-40596, CVE-2025-40597, and CVE-2025-40598, impact the SMA 210, 410, and 500v models running firmware version...
The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Google Chromium vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, warning that the vulnerability is being actively exploited in the wild.
The vulnerability, tracked as CVE-2025-6558, affects the ANGLE and GPU components of...
A major international cybercrime investigation has culminated in the arrest of the suspected administrator behind xss.is, one of the world's most influential Russian-speaking cybercrime platforms, following a coordinated operation between French police, Ukrainian authorities, and Europol.
The arrest represents a significant blow to the...
A sophisticated cybercriminal group known as LARVA-208 has launched a new campaign targeting Web3 developers through an elaborate phishing scheme involving fake AI workspace platforms.
The operation represents a significant evolution in the group's tactics, shifting from targeting traditional IT staff to exploiting the...
A newly observed social engineering wave tied to the Lazarus constellation is exploiting the seasonal rush for remote cryptocurrency jobs.
Dubbed “ClickFix”, the lure refines the earlier ClickFake Interview playbook by introducing a new repair-tool twist that incorporates a bespoke Go backdoor, which the Sekoia TDR team...