CISA Warns of Linux Kernel Use-After-Free Vulnerability Exploited in Attacks to Deploy Ransomware
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert about a critical use-after-free vulnerability in the Linux kernel, tracked as...
WordPress Plugin Vulnerability Exposes 7 Million Sites to XSS Attack
A critical cross-site scripting (XSS) vulnerability has been discovered in the popular LiteSpeed Cache plugin for WordPress, affecting millions of websites worldwide.
The vulnerability, tracked...
Google Wear OS Message App Vulnerability Let Any Installed App To Send SMS Behalf...
A vulnerability in Google Messages on Wear OS devices allows any installed app to silently send SMS, MMS, or RCS messages on behalf of...
Magento Input Validation Vulnerability Exploited In Wild To Hijack Session And Execute Malicious Codes
A critical vulnerability in Magento, the popular e-commerce platform, is now rebranded as Adobe Commerce. Dubbed SessionReaper and tracked as CVE-2025-54236, this improper input...
Microsoft Details ASP.NET Vulnerability That Enables Attackers To Smuggle HTTP Requests
Microsoft has issued a critical security update for ASP.NET Core to address CVE-2025-55315, a high-severity flaw that enables HTTP request smuggling and could allow...
Docker Compose Vulnerability Allow Attacks To Overwrite Arbitrary Files
Docker Compose, a cornerstone tool for developers managing containerized application harbors a high-severity vulnerability that lets attackers overwrite files anywhere on a host system.
Discovered...
Ubuntu’s Kernel Vulnerability Let Attackers Escalate Privileges and Gain Root Access
A critical vulnerability in Ubuntu's Linux kernel has been exposed, allowing local attackers to escalate privileges and potentially gain root access on affected systems....
Critical .NET Vulnerability Lets Attacker Bypass Security in QNAP Backup Software
Microsoft has unveiled a critical vulnerability in ASP.NET Core that could enable attackers to sidestep essential security measures.
Disclosed on October 24, 2025, under CVE-2025-55315,...
CISA Warns Of Critical Veeder-Root Vulnerabilities Let Attackers Execute System-level Commands
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a stark advisory highlighting two severe vulnerabilities in Veeder-Root's TLS4B Automatic Tank Gauge System,...
OpenVPN Vulnerability Exposes Linux, macOS Systems to Script Injection Attacks
A new vulnerability in early versions of OpenVPN has been disclosed, potentially allowing malicious servers to execute arbitrary commands on client machines.
The flaw affects...
