Cisco released emergency patches for two firewall vulnerabilities exploited as zero-days in the ArcaneDoor espionage campaign ...

The US Cybersecurity and Infrastructure Security Agency (CISA) is urging government agencies to address two worrying Cisco ...

L1TF Reloaded is a vulnerability combining the old L1TF and half-Spectre hardware flaws to bypass deployed software ...

Cisco faces two zero-day attacks actively exploiting flaws in ASA and IOS/IOS XE devices. Learn about the vulnerabilities and ...

CISA warned today that a critical Ivanti vulnerability that can let threat actors gain remote code execution on vulnerable Endpoint Manager (EPM) appliances is now actively exploited in attacks.

The vulnerability, tracked as CVE-2025-26399 (CVSS score: 9.8), has been described as an instance of deserialization of untrusted data that could result in code execution. It affects SolarWinds Web ...

In an ongoing Kubernetes cryptomining campaign, attackers target OpenMetadata workloads using critical remote code execution and authentication vulnerabilities. OpenMetadata is an open-source metadata ...

A new vulnerability has been discovered in Microsoft’s Azure Service Fabric Explorer (SFX) that would enable unauthenticated, remote threat actors to execute code on a container hosted on a Service ...

Samsung patches critical zero-day vulnerability CVE-2025-21043 in Galaxy devices after WhatsApp discovered active ...

Libraesva Email Security Gateway (ESG) has patched a medium-severity vulnerability apparently abused by state-sponsored ...

OpenSSL is a toolkit that implements Secure Sockets Layer and Transport Layer Security protocols, as well as a full strength, general purpose cryptography library. The vulnerability, which Red Hat ...

There are a huge number of products available in the modern world that come with network connectivity now, when perhaps they might be better off with out it. Kitchen appliances like refrigerators are ...