A critical vulnerability in PHP's PDO (PHP Data Objects) library has been discovered that allows attackers to perform SQL injection attacks even when applications use prepared statements and proper escaping techniques.
Security researcher hashkitten revealed this technique during the DownUnderCTF competition, demonstrating how PDO's...
A sophisticated new SS7 bypass attack that enables surveillance companies to circumvent mobile network security defenses and illegally track user locations.
The attack exploits a little-known encoding technique in the SS7 protocol's TCAP layer, effectively hiding subscriber identity information from security systems designed to...
Wiz Research has disclosed a critical container escape vulnerability in the NVIDIA Container Toolkit, dubbed NVIDIAScape, that poses a significant threat to the security of AI cloud services worldwide.
The flaw, tracked as CVE-2025-23266 with a CVSS score of 9.0, enables malicious containers to bypass...
Indian cryptocurrency exchange CoinDCX confirmed a major security breach on Saturday (July 19, 2025) that resulted in hackers stealing $44 million from the platform.
Co-founder Sumit Gupta acknowledged the attack while reassuring users that customer funds remain secure and trading operations continue normally.
The cyberattack...
A configuration vulnerability in Microsoft's AppLocker security feature that could potentially allow certain applications to bypass system restrictions.
The discovery centers around a seemingly minor numerical discrepancy in Microsoft's official documentation that creates an exploitable gap in the application control system, though the researchers...
A critical security vulnerability has been discovered in Livewire v3, a popular full-stack framework for Laravel that enables developers to build dynamic user interfaces without extensive JavaScript knowledge.
The vulnerability, designated as CVE-2025-54068 and tracked as GHSA-29cq-5w36-x7w3, allows unauthenticated attackers to achieve remote command...