GitLab has released critical security patches addressing 12 vulnerabilities across versions 18.2.2, 18.1.4, and 18.0.6 for both Community Edition (CE) and Enterprise Edition (EE).
The vulnerabilities include multiple high-severity cross-site scripting (XSS) vulnerabilities that could enable account takeover attacks and unauthorized code execution on...
Google has released a critical security update for Chrome, addressing six vulnerabilities that pose serious threats to user security.
The update, Chrome version 139.0.7258.127/.128 for Windows and Mac, and 139.0.7258.127 for Linux, began rolling out on August 12, 2025, and will reach all users...
Fortinet has disclosed a critical authentication bypass vulnerability in its FortiWeb web application firewall that allows unauthenticated attackers to log in as any existing user on affected devices.
The vulnerability, tracked as CVE-2025-52970 and dubbed "Fort-Majeure" by security researcher Aviv Y, affects multiple versions...
Fortinet has issued an urgent security advisory for a critical vulnerability in FortiSIEM that allows unauthenticated attackers to execute arbitrary commands remotely.
The vulnerability, tracked as CVE-2025-25256 with a maximum CVSS score of 9.8, has already been exploited in the wild with proof-of-concept...
A critical zero-click vulnerability circumvents Microsoft's security patch for CVE-2025-24054, enabling attackers to extract NTLM credentials without any user interaction.
The new vulnerability, assigned CVE-2025-50154, demonstrates that Microsoft's April security update was incomplete, leaving Windows systems vulnerable to credential theft and malicious...
Microsoft has disclosed a significant remote code execution vulnerability in Teams that could enable attackers to compromise enterprise communications and access sensitive data.
The vulnerability, designated CVE-2025-53783, represents a serious security threat to organizations worldwide using the popular collaboration platform.
The vulnerability stems from a...