Since 2017, attackers have abused CVE-2025-9491, a flaw in how Windows displays shortcut file properties, to hide malicious commands in…
Let's Encrypt, a leading nonprofit certificate authority (CA), plans to slash the validity of its TLS certificates from 90 days…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical advisory warning of a high-severity authentication flaw in…
The Django project released security patches on December 2, 2025, addressing two vulnerabilities in versions 5.2.9, 5.1.15, and 4.2.27. Posted…
ANYRUN and NorthScan have exposed the inner workings of North Korea's Lazarus Group through a bold honeypot operation. Researchers captured…
Faizan Ahmad, a security expert at Meta, launched Rogue on GitHub under the GPL-3.0 license. This Python-based tool uses OpenAI…
A critical flaw in the popular open-source eCommerce platform nopCommerce exposes users to session hijacking attacks. Security researchers at CERT…
OpenVPN, a popular open-source VPN solution, has patched multiple flaws in its recent releases that expose users to denial-of-service (DoS)…
India’s Department of Telecommunications (DoT) has mandated that all smartphone makers preload a non-removable government cybersecurity app, Sanchar Saathi, on…
WatchGuard disclosed multiple high-severity vulnerabilities in Firebox appliances on December 4, 2025, including flaws that let privileged attackers execute arbitrary…