SonicWall has issued an urgent security warning following a dramatic surge in cyberattacks targeting Gen 7 firewalls with SSL VPN enabled over the past 72 hours.
The company is actively investigating whether these incidents stem from a previously disclosed vulnerability or represent an entirely...
MediaTek has disclosed three critical security vulnerabilities in its August 2025 Product Security Bulletin that affect a wide range of chipsets used in smartphones, tablets, and IoT devices.
These out-of-bounds write vulnerabilities enable local privilege escalation attacks, potentially compromising millions of devices worldwide.
This high-severity...
A critical SQL injection vulnerability affecting the widely used ADOdb PHP database abstraction library has been discovered and patched, posing significant security risks to applications using the SQLite3 driver.
The vulnerability, tracked as CVE-2025-54119, carries the maximum CVSS score of 10.0, highlighting its severity and...
A critical vulnerability in Streamlit's file upload feature that could enable attackers to execute cloud account takeover attacks on misconfigured instances.
The vulnerability, which client-side file type restrictions, was exploited in a proof-of-concept demonstration showing how financial market dashboards could be manipulated to influence...
A sophisticated technique that can bypass most Web Application Firewalls (WAFs) to execute Cross-Site Scripting (XSS) attacks, revealing significant vulnerabilities in widely used cybersecurity defenses.
The research, conducted during an autonomous penetration test, demonstrated that parameter pollution combined with JavaScript injection can defeat 70.6% of...
The attack, dubbed "LegalPwn," was revealed in groundbreaking research by AI security firm Pangea and represents a significant evolution in prompt injection techniques that exploit the fundamental compliance programming of large language models.
A sophisticated new cyberattack has been discovered that tricks leading artificial intelligence...