Sunday, April 26, 2026

Tag: Vulnerability

CISA Alerts to Active Exploitation of PHPMailer Command Injection Vulnerability

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning regarding a critical command injection vulnerability in PHPMailer (CVE-2016-10033) that has been actively exploited in the wild. This vulnerability, now included in CISA's Known Exploited Vulnerabilities (KEV) catalog, poses significant risks to...

CISA Issues Alert on Active Exploitation of Zimbra Collaboration Suite Vulnerability

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical warning regarding a server-side request forgery vulnerability in Synacor's Zimbra Collaboration Suite (ZCS) that has been confirmed as exploited in active attacks. The vulnerability, tracked as CVE-2019-9621, has been added to CISA's Known...

NetScaler Update Fixes Auth Vulnerability, But Citrix Warns of Authentication Failures

Citrix, a global leader in networking and application delivery, has introduced significant security enhancements in its recent NetScaler builds, specifically versions 14.1.47.46 and 13.1.59.19. However, customers upgrading to these versions are experiencing unexpected authentication issues, prompting Citrix to issue a formal advisory. Enhanced Security with...

PoC Released for Critical Linux Privilege Vulnerability in udisksd/libblockdev

A proof-of-concept exploit has been released for a critical local privilege escalation vulnerability affecting Fedora and SUSE Linux distributions. The vulnerability, tracked as CVE-2025-6019, allows users in the allow_active group to escalate privileges to root through the udisksd daemon and its backend library libblockdev. The vulnerability has...

CitrixBleed 2 Vulnerability: Proof-of-Concept Released, Widespread Threat Looms

A proof-of-concept (PoC) has been released for CVE-2025-5777, dubbed "CitrixBleed 2," a critical memory disclosure vulnerability affecting Citrix NetScaler devices. The vulnerability, which bears striking similarities to the infamous 2023 CitrixBleed incident, is currently being exploited in the wild by multiple threat actors, prompting urgent warnings from...

Apache APISIX Vulnerability Enables Unauthorized Cross-Issuer Access via Misconfigurations

Apache APISIX, a popular open-source API gateway, has disclosed a critical security vulnerability affecting versions prior to 3.12.0 that could enable unauthorized cross-issuer authentication bypass. The vulnerability, CVE-2025-46647, discovered by security researcher Tiernan Messmer, specifically targets the OpenID Connect plugin when deployed in introspection...