Zeljka Zorz

SonicWall has fixed multiple vulnerabilities affecting its SMA100 Series devices, one of which (CVE-2025-32819) appears to be a patch bypass for an arbitrary file delete …

WatchTowr researchers have released a proof-of-concept (PoC) exploit that chains two vulnerabilities in SysAid On-Prem – the self-hosted version of the platform behind …

Google has released fixes for a bucketload of Android security vulnerabilities, including a FreeType flaw (CVE-2025-27363) that “may be under limited, targeted …

A missing authentication vulnerability (CVE-2025-3248) in Langflow, a web application for building AI-driven agents, is being exploited by attackers in the wild, CISA has …

An easily and remotely exploitable vulnerability (CVE-2024-7399) affecting Samsung MagicINFO, a platform for managing content on Samsung commercial displays, is being …

UK-based retailers Marks & Spencer, Co-op, and Harrods have been targeted by cyber attackers in the last few weeks. Whether the attacks have been mounted by the same …

Attackers have been using two previously known vulnerabilities (CVE-2024-38475, CVE-2023-44221) to compromise SonicWall secure mobile access devices, the vendor has confirmed …

Microsoft is making new Microsoft accounts passwordless by default, the company has announced on Thursday, which marked this year’s World Password Day. “As part of …

Vulnerabilities in Apple’s AirPlay Protocol, AirPlay Software Development Kits (SDKs), and the CarPlay Communication Plug-in could allow attackers to compromise …

Emails purportedly sent by rental property management firms are being used to steal money from people in France and Canada, Proofpoint researchers have warned. A BEC scam …

In 2024, threat actors exploited 75 zero-days – i.e., vulnerabilities previously unknown to vendors, thus without a readily available patch – in a wide variety of …

The Cybersecurity and Infrastructure Security Agency (CISA) has added three new flaws to its Known Exploited Vulnerabilities catalog on Monday, affecting Commvault …