Samsung has released a critical security update for a vulnerability (CVE-2025-21042) in its image processing library, which was actively exploited…
Read More »CISA
Entity category: organization
A critical vulnerability (CVE-2025-21042) in Samsung smartphones allows attackers to install LandFall spyware via manipulated DNG images sent through WhatsApp,…
Read More »
A critical remote code execution vulnerability (CVE-2025-12735) has been found in the widely used expr-eval JavaScript library, affecting over 800,000…
Read More »
A critical security vulnerability (CVE-2025-48703) in Control Web Panel (CWP) is being actively exploited, posing a severe threat to web…
Read More »
A cybersecurity breach at the Congressional Budget Office, suspected to involve a foreign actor, highlights increased vulnerabilities during the government…
Read More »
A critical security flaw (CVE-2025-48703) in CentOS Web Panel allows unauthenticated attackers to execute arbitrary commands, prompting CISA to issue…
Read More »
A new cybersecurity framework from CISA and the NSA provides detailed steps to protect Microsoft Exchange Server installations from sophisticated…
Read More »
CISA warns that two new security flaws in Dassault Systèmes' DELMIA Apriso platform are being actively exploited, posing risks to…
Read More »
CISA has issued an urgent directive for U.S. government agencies to patch a critical VMware vulnerability (CVE-2025-41244) that allows privilege…
Read More »
A critical Linux kernel vulnerability (CVE-2024-1086) is now being actively exploited by ransomware gangs, allowing attackers to gain complete control…
Read More »
CISA, NSA, and international partners have issued critical guidance for securing on-premises Microsoft Exchange Servers, as Microsoft ends perpetual security…
Read More »
A joint advisory from cybersecurity agencies recommends a proactive, multi-layered security strategy for Microsoft Exchange servers, including decommissioning outdated on-premises…
Read More »
A critical security flaw (CVE-2025-59287) in Windows Server Update Services (WSUS) allows unauthenticated attackers to execute remote code with system…
Read More »
A critical remote code execution vulnerability (CVE-2025-59287) in Windows Server Update Services (WSUS) allows attackers to gain full SYSTEM-level control…
Read More »
A critical zero-day vulnerability (CVE-2025-61932) in Lanscope Endpoint Manager is being actively exploited, primarily targeting Japanese customers since April 2025.…
Read More »
Microsoft has issued an urgent security update for Windows Server to patch a critical vulnerability (CVE-2025-59287) that is actively being…
Read More »
A critical Windows SMB Client vulnerability (CVE-2025-33073) is being actively exploited, allowing attackers to gain SYSTEM-level privileges through a malicious…
Read More »
CISA has added the critical Oracle E-Business Suite vulnerability CVE-2025-61884 to its Known Exploited Vulnerabilities catalog, confirming active exploitation and…
Read More »
Microsoft has released urgent security updates addressing two actively exploited zero-day vulnerabilities, with federal agencies mandated to patch within two…
Read More »
A critical Windows SMB vulnerability (CVE-2025-33073) is being actively exploited, allowing attackers to gain full SYSTEM-level control over unpatched systems.…
Read More »