0-Click Vulnerability in Samsung S24 Devices: PoC Releases for CVE-2024-49415
A newly published report from Natalie Silvanovich, a security researcher at Google’s Project Zero team, has revealed a The post 0-Click Vulnerability in Samsung S24 Devices: PoC Releases for...
View ArticleNew macOS Exploit Revealed: PoC for CVE-2024-54498 Breaks Sandbox Security
Recently, security researcher @wh1te4ever has revealed a proof of concept (PoC) exploit for CVE-2024-54498, a vulnerability that allows The post New macOS Exploit Revealed: PoC for CVE-2024-54498...
View ArticleLummaC2 Infostealer Malware Spreads via Crack Programs and Phishing
Cybersecurity researchers at AhnLab Security Intelligence Center (ASEC) have unveiled a sophisticated distribution tactic for the LummaC2 malware. The post LummaC2 Infostealer Malware Spreads via Crack...
View ArticleUnauthenticated Attackers Can Exploit Junos Vulnerabilities (CVE-2025-21598 &...
Juniper Networks has released advisories detailing two significant vulnerabilities affecting their Junos OS and Junos OS Evolved systems. The post Unauthenticated Attackers Can Exploit Junos...
View ArticleCVE-2024-41787 (CVSS 9.8): Critical IBM DOORS Next Flaw Enables Remote Code...
IBM has issued an urgent security bulletin regarding two critical vulnerabilities affecting its Engineering Requirements Management DOORS Next The post CVE-2024-41787 (CVSS 9.8): Critical IBM DOORS...
View ArticleCVE-2024-56511: Critical Authentication Bypass Vulnerability in DataEase
The DataEase project has issued an urgent advisory regarding a critical vulnerability (CVE-2024-56511) affecting its popular open-source BI The post CVE-2024-56511: Critical Authentication Bypass...
View ArticleAPT28’s New Espionage Campaign Uses Double-Tap Infection Chain
In a recent revelation, security researchers Amaury G., Maxime A., Erwan Chevalier, Felix Aimé, and Sekoia TDR have The post APT28’s New Espionage Campaign Uses Double-Tap Infection Chain appeared...
View ArticleMicrosoft Unveils CVE-2024-44243: A macOS System Integrity Protection Bypass...
Microsoft Defender Research Team has revealed a macOS vulnerability—CVE-2024-44243—that allows attackers to bypass Apple’s robust System Integrity Protection The post Microsoft Unveils CVE-2024-44243:...
View ArticleKernel Modules and Malicious Commands: Anatomy of the sysinitd Rootkit
The FortiGuard Incident Response (FGIR) team has conducted a comprehensive analysis of a sophisticated Linux rootkit, shedding light The post Kernel Modules and Malicious Commands: Anatomy of the...
View ArticleCISA Warns of Active Exploitation of Critical Flaws in BeyondTrust and Qlik...
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about two critical security vulnerabilities being The post CISA Warns of Active Exploitation of Critical Flaws...
View ArticleZyxel Urges Patch Application for Privilege Escalation Vulnerability...
Zyxel has issued an advisory for a newly identified security vulnerability, CVE-2024-12398, that affects multiple access points (AP) The post Zyxel Urges Patch Application for Privilege Escalation...
View ArticleLinux Kernel Privilege Escalation Vulnerability (CVE-2024-27397) Exploited:...
Security researcher liona24 has provided an in-depth analysis and a proof-of-concept (PoC) exploit code for CVE-2024-27397, a vulnerability The post Linux Kernel Privilege Escalation Vulnerability...
View ArticleCritical SAP Flaws Revealed: CVE-2025-0070 and CVE-2025-0066 with CVSS 9.9...
Today, SAP released 14 new security notes during its monthly Security Patch Day. This release includes several critical The post Critical SAP Flaws Revealed: CVE-2025-0070 and CVE-2025-0066 with CVSS...
View ArticleBiden’s AI Chip Export Restrictions: A Strategic Move to Counter Global Tech...
Before leaving office, U.S. President Joe Biden signed a new law regulating artificial intelligence (AI) chips, imposing global The post Biden’s AI Chip Export Restrictions: A Strategic Move to Counter...
View ArticleActive Exploitation of CVE-2024-55591 (CVSS 9.6): FortiOS and FortiProxy...
A critical vulnerability identified as CVE-2024-55591 (CVSS 9.6) is actively being exploited in the wild, posing a severe The post Active Exploitation of CVE-2024-55591 (CVSS 9.6): FortiOS and...
View ArticleCVE-2025-23042 (CVSS 9.1): Gradio Patches Critical ACL Bypass Flaw in Popular...
Gradio, a popular open-source Python library for creating machine learning demos and web applications, has recently patched a The post CVE-2025-23042 (CVSS 9.1): Gradio Patches Critical ACL Bypass Flaw...
View ArticleCritical Vulnerability in Rasa Framework Enables Remote Code Execution...
A critical-severity vulnerability (CVE-2024-49375) has been identified in the popular open-source Rasa framework. This flaw, which carries a The post Critical Vulnerability in Rasa Framework Enables...
View ArticleECOVACS Patches Critical WiFi RCE Vulnerability CVE-2024-42911 in Deebot...
ECOVACS Robotics has addressed a critical remote code execution (RCE) vulnerability affecting its Deebot series robot vacuums. The The post ECOVACS Patches Critical WiFi RCE Vulnerability...
View ArticleMicrosoft Patches Outlook Zero-Click: CVE-2025-21298 Exploits RCE via Emails
Microsoft has addressed a critical vulnerability (CVE-2025-21298) in its latest 2025 Patch Tuesday update. This flaw, rated with The post Microsoft Patches Outlook Zero-Click: CVE-2025-21298 Exploits...
View Article15,000 FortiGate Firewalls Exposed: Massive Leak Includes VPN Credentials
Cybersecurity expert Kevin Beaumont has reported that over 15,000 FortiGate firewall configurations, including VPN credentials, have been publicly The post 15,000 FortiGate Firewalls Exposed: Massive...
View Article