Ivanti has released critical security updates for its Connect Secure and Policy Secure products, addressing six medium-severity vulnerabilities that could potentially lead to denial-of-service attacks […]
FortiOS Buffer Overflow vulnerability Enables Remote Code Execution by Attackers
Fortinet has disclosed a critical security vulnerability in FortiOS that could allow authenticated attackers to execute arbitrary code through a heap-based buffer overflow in the […]
Malicious Pull Request Targets 6,000+ Developers via Vulnerable Ethcode VS Code Extension
Cybersecurity researchers have flagged a supply chain attack targeting a Microsoft Visual Studio Code (VS Code) extension called Ethcode that has been installed a little […]
_Tomasz_Zajda_Alamy.jpg?width=1280&auto=webp&quality=80&disable=upscale)
4 Critical Steps in Advance of 47-Day SSL/TLS Certificates
With certificate lifespans set to shrink by 2029, IT teams need to spend the next 100 days planning in order to avoid operational disruptions. The […]
CISA Alerts on Active Exploit of Ruby on Rails Path Traversal Flaw
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding the active exploitation of a critical path traversal vulnerability in Ruby on […]
MediaTek July 2025 Security Update Addresses Multiple Chipset Vulnerabilities
MediaTek has released a comprehensive security bulletin addressing 16 critical vulnerabilities across its extensive chipset portfolio, including smartphone, tablet, AIoT, smart display, smart platform, OTT, computer vision, […]
Hackers ‘Shellter’ Various Stealers in Red Team Tool to Evade Detection
Researchers have uncovered multiple campaigns spreading Lumma, Arechclient2, and Rhadamanthys malware by leveraging key features of the AV/EDR evasion framework. The original article found on […]
ClickFix-Attacken bedrohen Unternehmenssicherheit
Cyberkriminelle greifen immer häufiger auf ClickFix-Angriffe zurück. NAJA x -shutterstock.com Weniger bekannt als Phishing ist die Social-Engineering-Methode ClickFix. Ziel solcher Attacken ist es, die Opfer […]
PoC Exploits Released for CitrixBleed2: 127 Bytes Exfiltrated Per Request
Security researchers have released proof-of-concept exploits for CVE-2025-5777, a critical vulnerability in Citrix NetScaler ADC and Gateway devices dubbed “CitrixBleed2.” The flaw allows unauthenticated attackers to […]
How a 12-year-old bug in Sudo is still haunting Linux users
Two new vulnerabilities have been found in Sudo, a privileged command-line tool installed on Linux systems, that can allow privilege escalation and unintended command execution […]