
Latest Security News

Security Updates

Latest security news and articles covering recent vulnerabilities and their impacts.

A critical Citrix NetScaler vulnerability, tracked as CVE-2025-5777 and dubbed "CitrixBleed 2," was actively exploited nearly two weeks before proof-of-concept (PoC) exploits were made public, despite Citrix stating that there was no evidence of attacks. [...]
Chromium's latest release addressed new vulnerabilities. Security updates have been released for Opera - get the latest versions now.
CVE-2024-12029: A critical deserialization vulnerability in InvokeAI's /api/v2/models/install endpoint allows remote code execution via malicious model files. Exploit risk for AI art servers. The post CVE-2024-12029 – InvokeAI Deserialization of Untrusted Dat…
A critical vulnerability (CVE-2025-20337) in Cisco's Identity Services Engine (ISE) could be exploited to let an unauthenticated attacker store malicious files, execute arbitrary code, or gain root privileges on vulnerable devices. [...]
(2025.07.18) (various)
2025-07-17 15:00 Ryukoku.ac.jp 1 CVE
ESET (Windows): CVE-2025-2425 (ITS, 2025.07.17). ESET Windows, TOCTOU, CVE-2025-2425, V18.2. [CA8840] ESET Customer Advisory: TOCTOU race condition vulnerability in ESET products on Windows f…
Cybersecurity researchers have discovered a new campaign that exploits a known security flaw impacting Apache HTTP Server to deliver a cryptocurrency miner called Linuxsys. The vulnerability in question is CVE-2021-41773 (CVSS score: 7.5), a high-severity pat…
VyOS: VyOS 1.4.3 release
2025-07-17 13:46 Vyos.io 1 CVE
Hello, Community! Customers and holders of contributor subscriptions can now download VyOS 1.4.3 release images and the corresponding source tarball. This release includes fixes for CVE-2024-3596 (BlastRADIUS) — a vulnerability in the RADIUS PAM module that…
Solace Cyber is issuing an urgent warning to businesses and IT leaders following the discovery of a critical vulnerability (CVE-2025-5777), dubbed CitrixBleed 2, affecting Citrix NetScaler ADC and Gateway systems.
NetScaler shares a number of Indicators of Compromise (IoCs) that may indicate that NetScaler appliances via the ...
Cisco warns of CVE-2025-20337, a critical ISE flaw (CVSS 10) allowing remote code execution with root privileges. Cisco addressed a critical vulnerability, tracked as CVE-2025-20337 (CVSS score of 10), in Identity Services Engine (ISE) and Cisco Identity Serv…
Microsoft Edge Multiple Vulnerabilities
2025-07-17 02:09 Hkcert.org 1 CVE
Multiple vulnerabilities were identified in Microsoft Edge. A remote attacker could exploit some of these vulnerabilities to trigger remote code execution and denial of service condition on the targeted system. Note: CVE-2025-6558 is being exploited in …
DSA-5963-1 chromium - security update
2025-07-17 00:00 Debian.org 1 CVE
Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. Google is aware that an exploit for CVE-2025-6558 exists in the wild. https://security-tracker.debian.org/tracke…
BIND 9.20.x / 9.21.x with serve-stale-enable yes and stale-answer-client-timeout 0 (serve-stale-enable no, stale-answer-client-timeout off): CNAME-related issue, CVE-2025-40777. Fixed in BIND 9.20.11 / 9.21.10; serve-stale-enable no, stale-answer-client-timeout off …
Multiple Fortinet FortiWeb instances recently infected with web shells are believed to have been compromised using public exploits for a recently patched remote code execution (RCE) flaw tracked as CVE-2025-25257. [...]
For the fifth time this year, Google has patched a Chrome zero-day vulnerability (CVE-2025-6558) exploited by attackers in the wild. About CVE-2025-6558 CVE-2025-6558 is a high-severity vulnerability that stems from incorrect validation of untrusted input in …
Google released security patches to address multiple Chrome vulnerabilities, including one flaw that has been exploited in the wild. Google released fixes for six Chrome flaws, including one actively exploited in the wild tracked as CVE-2025-6558 (CVSS score …
Google on Tuesday rolled out fixes for six security issues in its Chrome web browser, including one that it said has been exploited in the wild. The high-severity vulnerability in question is CVE-2025-6558 (CVSS score: 8.8), which has been described as an inc…
Google Chrome Multiple Vulnerabilities
2025-07-16 01:00 Hkcert.org 1 CVE
Multiple vulnerabilities were identified in Google Chrome. A remote attacker could exploit some of these vulnerabilities to trigger remote code execution and denial of service condition on the targeted system. Note: CVE-2025-6558 is being exploited in t…
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Wing FTP Server flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Wing FTP Server flaw, tracked as CVE-2025-47812, to i…
CVE-2023-48795 Impact of Terrapin SSH Attack (Severity: MEDIUM)
2025-07-15 21:25 Paloaltonetworks.com 3 CVEs
Related content: PAN-SA-2025-0013 Chromium: Monthly Vulnerability Update (July 2025) (Severity: HIGH) CVE-2024-5916 PAN-OS: Cleartext Exposure of External System Secrets (Severity: MEDIUM) CVE-2025-4227 GlobalProtect App: Interception in Endpoint Traffic Poli…