Critical buffer overflow vulnerabilities in multiple Zoom clients for Windows could enable authorized users to launch denial-of-service attacks through network access.
The vulnerabilities, tracked as CVE-2025-49464 and CVE-2025-46789, both carry a medium severity rating with CVSS scores of 6.5, highlighting significant security...
MediaTek has released its July 2025 Product Security Bulletin addressing a comprehensive range of vulnerabilities affecting smartphone, tablet, AIoT, smart display, smart platform, OTT, computer vision, audio, and TV chipsets.
The bulletin identifies 16 security vulnerabilities, with seven classified as high severity and nine...
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical warning regarding a path traversal vulnerability in the Ruby on Rails framework that has been actively exploited in the wild.
This vulnerability, identified as CVE-2019-5418, poses significant risks to organizations using the popular...
A critical vulnerability affects DNN (formerly DotNetNuke), one of the oldest open-source content management systems, established in 2003.
The vulnerability, designated CVE-2025-52488, allows attackers to steal NTLM credentials through a sophisticated Unicode normalization bypass that exploits file system operations.
This authentication vulnerability affects the...
In a dramatic escalation of Russia’s cyber defense efforts, the FSB (Federal Security Service) announced the detention of two individuals accused of orchestrating cyberattacks against Russia’s critical infrastructure on behalf of Ukrainian intelligence.
The arrests carried out in the Kemerovo and Tomsk regions underscore...
A working proof-of-concept exploit exists for CVE-2025-5777, a critical memory disclosure vulnerability affecting Citrix NetScaler products that has been dubbed "CitrixBleed 2" due to its similarities to the notorious CVE-2023-4966 vulnerability.
The exploit allows attackers to exfiltrate 127 bytes of arbitrary memory data per request,...