Google has urgently patched a critical zero-day vulnerability in its Chrome browser after confirming active exploitation by threat actors.
The flaw, tracked as CVE-2025-13223, affects the V8 JavaScript engine and allows attackers to corrupt memory through malicious web pages, potentially leading to remote code...
Zoho Corporation, known for its suite of business software, has disclosed a serious security flaw in its Analytics Plus tool.
This vulnerability, tracked as CVE-2025-8324, allows unauthenticated attackers to inject malicious SQL code into the system.
Discovered in on-premise versions, the bug stems from...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability in WatchGuard Firebox firewalls to its Known Exploited Vulnerabilities (KEV) catalog, highlighting active exploitation in the wild.
Tracked as CVE-2025-9242, this out-of-bounds write flaw in the Fireware OS ike process enables...
In a recent security bulletin, Cloud Software Group (formerly Citrix) disclosed a medium-severity vulnerability affecting NetScaler ADC and NetScaler Gateway products.
Identified as CVE-2025-12101, this cross-site scripting (XSS) flaw could allow attackers to inject malicious scripts into web pages viewed by users, potentially leading...
The Cybersecurity and Infrastructure Security Agency (CISA) has added three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog on August 25, 2025, highlighting active exploitation of critical vulnerabilities affecting Citrix Session Recording and Git systems.
The additions include CVE-2024-8069 and CVE-2024-8068 in Citrix...
Mozilla released Firefox 142 on August 19, 2025, addressing multiple critical security vulnerabilities that could enable remote code execution and sandbox escape attacks.
The security update patches nine CVEs, with three classified as high-severity vulnerabilities that could allow attackers to execute arbitrary code on...