Cybersecurity company Imperva, which discovered and reported the problem in July 2025, described CVE-2025-53967 as a "design ...

Huntress reports active exploitation of Gladinet CVE-2025-11371, exposing system files and enabling remote code execution.

Researchers say an extortion campaign linked to the Clop ransomware group used a series of chained vulnerabilities and ...

We’re doubling our top award to $2 million for exploit chains that can achieve similar goals as sophisticated mercenary ...

New versions of the XWorm backdoor are being distributed in phishing campaigns after the original developer, XCoder, ...

In an in-depth report detailing the incident, the US Cybersecurity and Infrastructure Security Agency (CISA) outlined how the attackers leveraged CVE-2024-36401, a 9.8/10 vulnerability that granted ...

The critical vulnerability allows attacks to escape the in-memory data store’s Lua sandbox and subsequently execute arbitrary ...

AttackIQ has released a new emulation in response to the Oracle Security Alert Advisory detailing the CVE-2025-61882 vulnerability, which impacts Oracle E-Business Suite versions 12.2.3 through ...

WatchGuard has released security updates to address a remote code execution vulnerability impacting the company's Firebox firewalls. Tracked as CVE-2025-9242, this critical security flaw is caused by ...

Gap in Oracle's E-Business Suite allows access to company data. Attackers use this for blackmail attempts. Google expects over 100 people to be affected.

Now, security researchers found that figma-developer-mpc is vulnerable to a command injection flaw that allows threat actors ...

A vulnerability in the GitHub Copilot Chat AI assistant led to sensitive data leakage and full control over Copilot’s ...