Grafana Labs has released critical security patches addressing two significant vulnerabilities that could allow attackers to redirect users to malicious websites and execute arbitrary JavaScript code.
The company issued fixes for CVE-2025-6023 (high severity) and CVE-2025-6197 (medium severity) across multiple versions of the popular...
Ubiquiti Networks has disclosed a critical security vulnerability affecting multiple UniFi Access devices that could enable malicious actors to execute arbitrary commands through improper input validation.
The vulnerability, assigned CVE-2025-27212 and discovered by security researchers Bongeun Koo and Junhyung Cho, carries a maximum CVSS...
A critical buffer overflow vulnerability has been identified in Lenovo’s Protection Driver, exposing users of various Lenovo applications to potential local privilege escalation and remote code execution.
Lenovo has cautioned affected users to update key applications immediately to mitigate exploitation risks.
Lenovo Security Advisory LEN-195370...
Microsoft has announced two major initiatives aimed at increasing transparency in email security effectiveness, addressing the growing challenge faced by chief information security officers (CISOs) in making data-driven cybersecurity decisions.
The company is launching a new customer-facing dashboard for Microsoft Defender for Office 365...
Web Application Firewalls (WAFs) are the first line of defense for countless online services, yet a new approach—dubbed WAFFLED—demonstrates how subtle parsing mismatches can let malicious traffic slip through.
Researchers at Northeastern University and Dartmouth College have unveiled a systematic method that exploits differences...
Russian premium vodka producer NovaBev Group, the parent company behind the prestigious Beluga brand, has fallen victim to a sophisticated ransomware attack that disrupted its operations and temporarily affected the availability of key services.
The unprecedented cyberattack, which occurred on July 14, 2025, represents...