A critical vulnerability in Apache bRPC's Redis protocol parser has been identified that allows remote attackers to execute denial-of-service attacks against affected systems.
The vulnerability, designated CVE-2025-54472, affects all versions of the industrial-grade RPC framework prior to version 1.14.1.
Apache bRPC is a widely-used C++...
A critical vulnerability that transforms ordinary USB webcams into sophisticated cyber weapons, marking the first documented case where attackers can remotely weaponize USB devices already connected to computers.
The groundbreaking research by Eclypsium's Jesse Michael and Mickey Shkatov, presented at DEF CON 2025, demonstrates...
Shared Linux hosting environments are designed to maximize transparency and facilitate system administration, but these very features can be weaponized by malicious users to harvest sensitive data.
Security researcher Ionuț Cernica recently demonstrated how standard Linux utilities and predictable file behaviors can be exploited...
SSHamble, a powerful open-source tool designed to identify and exploit vulnerabilities in SSH implementations, during his presentation at DEFCON 33 on August 9, 2025.
The tool represents a significant advancement in SSH security testing, offering researchers and security professionals comprehensive capabilities to assess the...
Xerox Corporation has released a critical security bulletin addressing two high-severity vulnerabilities in its FreeFlow Core v8.0.4 software that could allow attackers to execute server-side request forgery (SSRF) and remote code execution (RCE) attacks, potentially compromising enterprise printing infrastructure.
Diagram illustrating the process of Remote...
A critical security vulnerability has been discovered in 7-Zip, the popular file compression utility, that allows attackers to perform arbitrary file writes during archive extraction, potentially leading to code execution.
The vulnerability, tracked as CVE-2025-55188, affects all versions of 7-Zip prior to 25.01 and...