Tag: Vulnerability
-
Rust Adoption Drives Android Memory Safety Bugs Below 20% for First Time
Google has disclosed that the company’s continued adoption of the Rust programming language in Android has resulted in the number of memory …
-
How Adversaries Exploit the Blind Spots in Your EASM Strategy
Internet-facing assets like domains, servers, or networked device endpoints are where attackers look first, probing their target’s …
-
CISA Warns of Active Exploitation of Windows Kernel 0-Day Enabling Privilege Escalation
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about the active exploitation of a new zero-day …
-
Microsoft SQL Server Vulnerability Allows Privilege Escalation
Microsoft has disclosed a critical SQL injection vulnerability in SQL Server that could allow authenticated attackers to escalate their …
-
Lite XL Vulnerability Allows Attackers to Execute Arbitrary Code
Lite XL, a lightweight text editor written in Lua and C that runs on Windows, Linux, and macOS, has been found to contain a high …
-
A Growing Security Concern: Prompt Injection Vulnerabilities in Model Context Protocol Systems
Most companies set up their AI document assistant the same way: give it access to the repository, then rely on it to filter results based …
-
Microsoft Patch Tuesday for November 2025 – Fix for 0-day and Other 62 Vulnerabilities
Microsoft has released its November 2025 Patch Tuesday update, addressing 63 security vulnerabilities across its software lineup. The …
-
Hackers Exploit Triofox 0-Day to Deploy Malicious Payloads Using Anti-Virus Feature
Cybersecurity researchers from Mandiant Threat Defense have uncovered a critical zero-day vulnerability in Gladinet’s Triofox …
-
Threat Actors Exploit VS Code Extensions for Ransomware via GitHub C2
Security researchers have uncovered a sophisticated attack campaign attributed to Kimsuky, the North Korean-backed threat group known for …
-
Airstalk Malware Exploits AirWatch MDM for Covert C2 Communication
Security researchers have identified a sophisticated new malware family, Airstalk, that exploits VMware’s AirWatch API—now known as …
-
CISA Alerts of Control Web Panel Command Injection Flaw Actively Exploited
The Cybersecurity and Infrastructure Security Agency has issued an urgent alert about a critical command-injection vulnerability in Control …
-
RondoDox Botnet Swells Its Arsenal — 650% Jump in Enterprise-Focused Exploits
The cybersecurity threat landscape shifted dramatically on October 30, 2025, when security researchers monitoring honeypot infrastructure …
●●●