A serious denial-of-service (DoS) flaw in Next.js lets attackers crash self-hosted servers with a single HTTP request, using almost no…
Security teams using Apache Syncope face a new risk. A flaw in this open-source identity management tool allows attackers to…
HashiCorp has disclosed a security flaw in its Vault Terraform Provider that allows attackers to bypass valid credentials and log…
NVIDIA has patched serious security flaws in its Isaac-GR00T platform, a key tool for building AI-powered humanoid robots. Released on…
A serious flaw in the popular vLLM library could let attackers crash servers or even run malicious code remotely. Security…
Wireshark, the leading open-source network protocol analyzer, released version 4.6.1 on November 19, 2025, to fix two security flaws in…
CrowdStrike researchers discovered that DeepSeek-R1, a 671-billion-parameter large language model from a Chinese AI firm released in January 2025, produces…
Cybersecurity firm GreyNoise reported a dramatic spike in attacks targeting Palo Alto Networks' GlobalProtect VPN portals. Starting November 14, 2025,…
Google has urgently patched a critical zero-day vulnerability in its Chrome browser after confirming active exploitation by threat actors. The…
Zoho Corporation, known for its suite of business software, has disclosed a serious security flaw in its Analytics Plus tool.…