The Node.js project has announced critical security updates across multiple release lines, addressing two high-severity vulnerabilities that pose significant risks to Windows users and applications running on the latest Node.js versions.
These vulnerabilities, identified as CVE-2025-27210 and CVE-2025-27209, affect millions of applications worldwide and...
Critical security updates address four vulnerabilities in VMware ESXi, Workstation, Fusion, and Tools that could allow attackers with administrative privileges on virtual machines to execute malicious code on the underlying host systems.
The vulnerabilities, identified as CVE-2025-41236, CVE-2025-41237, CVE-2025-41238, and CVE-2025-41239, carry CVSS...
July 14, 2025 – In a striking example of how legacy technologies still pose modern threats, cybersecurity researchers have uncovered an advanced attack leveraging Microsoft’s Compiled HTML Help (CHM) format to stealthily deliver C++ malware to targeted Polish organizations.
The campaign, which uses a...
RapidFire Tools’ Network Detective, a widely used network assessment and reporting utility, has been found to expose critical credentials through two distinct vulnerabilities that undermine the confidentiality and integrity of client infrastructures.
Security researchers have assigned CVE-2025-32353 and CVE-2025-32874 to these flaws, which respectively...
The Cybersecurity and Infrastructure Security Agency (CISA) released thirteen Industrial Control Systems (ICS) advisories on July 10, 2025, highlighting critical security vulnerabilities affecting major industrial vendors, including Siemens, Delta Electronics, Advantech, KUNBUS, and IDEC.
This comprehensive release encompasses ten new security advisories and...
The Apache Software Foundation released Apache HTTP Server 2.4.64 on July 10, 2025, addressing eight significant security vulnerabilities that affected versions 2.4.0 through 2.4.63.
This critical update resolves multiple attack vectors, including HTTP response splitting, server-side request forgery (SSRF), and denial-of-service...