Friday, November 14, 2025
Cybersecurity News

CISA Alerts On Exploited WatchGuard Firebox Out-of-Bounds Write Vulnerability

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability in WatchGuard Firebox firewalls to its Known Exploited Vulnerabilities (KEV) catalog, highlighting active exploitation in the wild. Tracked as CVE-2025-9242, this out-of-bounds write flaw in the Fireware OS ike process enables...

Hackers Actively Exploiting Cisco and Citrix 0-Days To Deploy Webshells In The Wild

In a chilling revelation from Amazon's threat intelligence team, sophisticated hackers are weaponizing undisclosed zero-day flaws in critical enterprise tools from Cisco and Citrix. Dubbed as part of an ongoing campaign, these attackers are targeting identity and access management systems, the digital gatekeepers that...

Lite XL Vulnerability Allows Attackers To Execute Arbitrary Code

Lite XL, a popular lightweight text editor favored by developers for its speed and Lua-based extensibility, has been found vulnerable to attacks that could let malicious actors run arbitrary code on users' systems. The flaws, detailed in CERT's Vulnerability Note VU#579478 released on November...

Critical Ivanti Endpoint Manager Bugs Let Hackers Write Files On Target Systems

Ivanti has issued a critical security advisory for its Endpoint Manager (EPM) product, urging users to patch immediately. The update addresses three high-severity vulnerabilities that could enable local authenticated attackers to write arbitrary files anywhere on affected systems. Disclosed on November 10, 2025, the...

SAP Security Update Addresses Critical Execution and Injection Vulnerabilities

SAP's November 2025 Security Patch Day, released on November 11, underscores the ongoing need for robust protection in enterprise environments, with 18 new security notes and two updates addressing flaws across key products. Among these, several critical vulnerabilities involve code execution and injection risks,...

Critical Devolutions Server Bug Lets Attackers Impersonate Users via Pre-MFA Cookie

Devolutions has disclosed a pair of serious security flaws in its Server product, potentially exposing organizations to account impersonation and sensitive data leaks. Published on November 6, 2025, under advisory DEVO-2025-0016, these issues affect versions 2025.3.5 and earlier. The most critical vulnerability, rated 9.4...