Subscribe
Monday, April 27, 2026
type here...
Subscribe
HomeVulnerabilities

Vulnerabilities

Apple Fixes Several Vulnerabilities, Including Safari Vulnerability Exploited as Chrome 0-Day

Apple released a comprehensive set of security updates on July 29, 2025, addressing vulnerabilities across its entire ecosystem of devices and operating systems. The latest updates include critical patches for iOS, iPadOS, macOS, watchOS, tvOS, and visionOS, with particular attention to Safari browser security...
Read more

UNC3886 Hackers Target Singapore’s Critical Infrastructure Using Exploited 0-Day Vulnerabilities

Singapore's critical infrastructure is facing an active cyber-espionage campaign by UNC3886. This sophisticated Chinese state-linked threat group has been exploiting zero-day vulnerabilities to infiltrate critical infrastructure systems, including those in the energy, water, telecommunications, financial, and government sectors. First identified by Mandiant in 2022,...
Read more

Researchers Uncover N-day Vulnerabilities in SonicWall SMA100 Series

Three critical vulnerabilities in SonicWall's SMA100 series SSL-VPN appliances, highlighting persistent security vulnerabilities in network infrastructure devices. The vulnerabilities, affecting firmware version 10.2.1.15, include two pre-authentication buffer overflow conditions and a cross-site scripting vulnerability, demonstrating what researchers describe as "trivially avoidable" programming errors that...
Read more

CISA Issues Warning on Exploited Vulnerabilities in Cisco Identity Services Engine

The Cybersecurity and Infrastructure Security Agency (CISA) has added two critical Cisco Identity Services Engine vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, warning that threat actors are actively exploiting these vulnerabilities in real-world attacks. The vulnerabilities, tracked as CVE-2025-20281 and CVE-2025-20337, affect Cisco...
Read more

PoC Exploit for Critical Cisco ISE Vulnerabilities Used in Ongoing Attacks

A critical vulnerabilities in Cisco Identity Services Engine (ISE), demonstrating how attackers can achieve complete system compromise with root access. The vulnerabilities, tracked as CVE-2025-20281 and CVE-2025-20337, affect the pre-authentication phase and allow remote code execution without requiring valid credentials. The vulnerability was initially reported...
Read more

UNC3886 Hackers Targeting Vulnerabilities in VMware vCenter/ESXi, Fortinet FortiOS, and Junos OS

Singapore's cybersecurity landscape faces an unprecedented threat from UNC3886, an advanced persistent threat (APT) group that has been systematically targeting critical infrastructure across telecommunications, government, technology, and defense sectors. The sophisticated cyber espionage group demonstrates exceptional capabilities in rapidly exploiting zero-day vulnerabilities in enterprise...
Read more

About us

The Cyber News is an online community for security professionals. It features articles from top security researchers, CISOs, and technology experts.

Company

The latest

Burp Suite Supercharges Its Scanning Capabilities With React2Shell Vulnerability Detection

Vulnerabilities 0
PortSwigger has leveled up Burp Suite's scanning arsenal with...

Malicious MCP Servers Enable New Prompt Injection Attack To Drain Resources

Vulnerabilities 0
Unit 42 researchers at Palo Alto Networks exposed serious...

Law Enforcement Detains Hackers Equipped With Specialized Flipper Hacking Tools

Cyber News 0
Polish police have arrested three Ukrainian men traveling through...

Subscribe

© 2025 the Cyber News