A critical XML External Entity (XXE) vulnerability in Apache Tika, tracked as CVE-2025-66516, exposes users to attacks through specially crafted…
The UK's National Cyber Security Centre (NCSC) has rolled out its Proactive Notification Service, partnering with internet monitoring firm Netcraft…
NVIDIA has issued a security bulletin warning about two high-severity vulnerabilities in its Triton Inference Server software. These flaws allow…
A serious command injection vulnerability in Cacti, a popular open-source network monitoring tool, allows authenticated attackers to execute arbitrary commands…
Security firm Aikido Security uncovered PromptPwnd, a flaw in GitHub Actions and GitLab CI/CD pipelines linked to AI agents. This…
Security researcher Lyra Rebane has uncovered a powerful new clickjacking technique using SVG filters. This method, dubbed "SVG clickjacking," overlays…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2021-26828 to its Known Exploited Vulnerabilities (KEV) catalog on December 3,…
Security researchers chained three vulnerabilities in Synology BeeStation devices to enable unauthenticated attackers to remotely gain root access. Demonstrated initially…
Security researchers at JFrog uncovered three critical zero-day flaws in PickleScan, a key tool for detecting malware in Python pickle-based…
Security researchers have released React Server Components Surface Exposure Scanner, a free tool to detect exposed endpoints vulnerable to CVE-2025-55182.…