A proof-of-concept (PoC) for CVE-2025-5777, dubbed "CitrixBleed 2," a critical memory disclosure vulnerability affecting Citrix NetScaler devices. The vulnerability, which…
A sophisticated new malware campaign has been uncovered by Netskope Threat Labs, targeting Chinese users through fake installers for popular…
A sophisticated malware campaign targeting WordPress websites through fake plugins that cleverly disguise themselves using the victim's own domain name.…
Apache APISIX, a popular open-source API gateway, has disclosed a critical security vulnerability affecting versions prior to 3.12.0 that could…
Instagram implements an unusual certificate management strategy, replacing their TLS certificates on a daily basis using certificates with approximately one-week…
A critical security vulnerability has been identified and patched in Next.js, the popular React-based web framework. The vulnerability, designated as…
A significant vulnerability affecting Lenovo machines that allows users to bypass AppLocker security controls through a writeable file located in…
A critical vulnerability in HIKVISION's applyCT security management platform that could allow attackers to execute arbitrary code on affected systems…
Critical security vulnerabilities have been discovered in PHP's PostgreSQL and SOAP extensions that could enable SQL injection attacks and denial…
A sophisticated method to bypass Content Security Policy (CSP) nonces, a widely-used web security mechanism designed to prevent cross-site scripting…