A critical vulnerability chain in Sitecore Experience Platform that allows attackers to gain complete control of enterprise systems without authentication.
The Vulnerabilities affect versions 10.1 through 10.4 of the popular content management system, potentially exposing over 22,000 instances currently accessible online.
The investigation began when...
Threat actors to inject hidden malicious links into legitimate websites, particularly targeting the online gambling sector with devastating effectiveness.
Cybercriminals are exploiting search engine optimization techniques to manipulate Google's ranking algorithms, using a sophisticated network of compromised websites to elevate malicious content in search results....
Meta has announced a significant expansion of monetization features within WhatsApp’s Updates tab, introducing channel subscriptions, promoted channels, and ads in Status while maintaining end-to-end encryption for personal chats.
The updates aim to balance business growth opportunities with user privacy protections, leveraging the tab’s...
A critical security vulnerability in ASUS Armoury Crate software has been discovered that allows attackers to gain complete system control on Windows machines through a sophisticated hard link exploitation technique.
The vulnerability, designated CVE-2025-3464 with a high CVSS score of 8.8, affects the AsIO3.sys...
A two critical vulnerabilities in sslh, a popular protocol demultiplexer that allows multiple services to share the same network port.
The vulnerabilities , disclosed on June 13, 2025, could enable remote attackers to trigger denial-of-service (DoS) conditions, potentially crashing servers and disrupting services.
The...
A sophisticated cyber attack campaign that exploited a Google Chrome zero-day vulnerability in March 2025, with investigators now linking the operation to a persistent threat actor group.
The Positive Technologies Expert Security Center analyzed the attack targeting the previously unknown vulnerability, tracked as CVE-2025-2783,...