vulnerability

Cisco fixes risky flaws in HyperFlex and Prime infrastructure
Cisco has released another batch of fixes for many of its products, including HyperFlex, Prime infrastructure, WebEx, and Firepower devices. Fixed HyperFlex bugs Five of the …

Highly critical Drupal RCE flaw could lead to new Drupalgeddon, patch now!
A new Drupalgeddon might be brewing: a highly critical vulnerability affecting all versions of the popular content management framework could allow hackers to take over …

500 million WinRAR users open to compromise via a 19-year-old flaw
A vulnerability affecting all versions of WinRAR, the popular file archiver utility for Windows, could be exploited by attackers to deliver malware via specially crafted ACE …

Rockwell Automation industrial energy meter vulnerable to public exploits
A low-skilled, remote attacker could use publicly available exploits to gain access to and mess with a power monitor by Rockwell Automation that is used by energy companies …

Flawed password managers allow malware to steal passwords from computer memory
The most widely used password managers sport fundamental vulnerabilities that could allow malware to steal the master password or other passwords stored by the software …

Snapd flaw gives attackers root access on Linux systems
A vulnerability affecting Snapd – a package installed by default in Ubuntu and used by other Linux distributions such as Debian, OpenSUSE, Arch Linux, Fedora and Solus …

RunC container escape flaw enables root access to host system
A serious vulnerability in runC, a widely used CLI tool for spawning and running containers, could be exploited to compromise the runC host binary from inside a privileged …

Malicious macros can trigger RCE in LibreOffice, OpenOffice
Achieving remote code execution on systems running LibreOffice or Apache OpenOffice might be as easy as tricking users into opening a malicious ODT (OpenDocument) file and …

The problem with vulnerable IoT companion apps
There’s no shortage of exploitable security holes in widely used Internet of Things devices, so it shouldn’t come as a surprise that the communication between many …

Critical FaceTime bug turns iPhones, Macs into eavesdropping tools
A shocking and easily exploitable FaceTime bug allows people to listen in on other users of Apple devices by simply calling them through the service. The bug apparently …

Researcher warns of privilege escalation flaw in Check Point ZoneAlarm
Illumant researcher Chris Anastasio has discovered a serious vulnerability in Check Point’s security software. It affects ZoneAlarm Free Firewall and ZoneAlarm Free Antivirus …

Cisco fixes security holes in SD-WAN, Webex, Small Business routers
Cisco has fixed a heap of security holes in a variety of its products, including a critical one affecting its SD-WAN Solution. Cisco SD-WAN vulnerabilities The most critical …
Featured news
Resources
Don't miss
- Federal Reserve System CISO on aligning cyber risk management with transparency, trust
- How cybercriminals are weaponizing AI and what CISOs should do about it
- How analyzing 700,000 security incidents helped our understanding of Living Off the Land tactics
- CitrixBleed 2 might be actively exploited (CVE-2025-5777)
- RIFT: New open-source tool from Microsoft helps analyze Rust malware