Friday, November 21, 2025

Hackers Use Rogue MCP Server to Inject Malicious Code and Control the Cursor’s Built-in...

A critical vulnerability allows attackers to inject malicious code into Cursor's embedded browser through compromised MCP (Model Context Protocol) servers. Unlike VS Code, Cursor lacks...

PoC Exploit Tool Released for FortiWeb WAF Vulnerability Exploited in the Wild

A proof-of-concept (PoC) exploit tool for CVE-2025-64446 has been publicly released on GitHub. This vulnerability, affecting FortiWeb devices from Fortinet, involves a critical path...

Critical pgAdmin4 Vulnerability Lets Attackers Execute Remote Code on Servers

A severe remote code execution (RCE) flaw has been uncovered in pgAdmin4, the popular open-source interface for PostgreSQL databases. Dubbed CVE-2025-12762, the vulnerability affects versions...

Critical FortiWeb WAF Flaw Exploited in the Wild, Enabling Full Admin Takeover

Fortinet has issued an urgent advisory warning of a critical vulnerability in its FortiWeb web application firewall (WAF) product, which attackers are actively exploiting...

NVIDIA NeMo Framework Vulnerabilities Allow Code Injection and Privilege Escalation

NVIDIA has issued a critical security update addressing two high-severity vulnerabilities in its NeMo Framework that could allow attackers to execute malicious code and...

Critical Imunify360 AV Vulnerability Exposes 56 Million+ Linux-hosted Websites to RCE Attacks

A severe remote code execution (RCE) vulnerability has been discovered in Imunify360 AV, a widely used malware scanner protecting approximately 56 million websites. The security...

Critical Fortinet FortiWeb Vulnerability Exploited in the Wild to Create Admin Accounts

A critical vulnerability in Fortinet's FortiWeb Web Application Firewall (WAF) is being actively exploited by threat actors, potentially as a zero-day attack vector. The flaw,...

FortiWeb Authentication Bypass Vulnerability Exploited – Script to Detect Vulnerable Appliances

Threat actors are actively exploiting a critical authentication bypass vulnerability in Fortinet's FortiWeb web application firewall (WAF) worldwide, prompting defenders to heighten vigilance. Researchers at...

Multiple GitLab Vulnerabilities Let Attackers Inject Malicious Prompts to Steal Sensitive Data

GitLab has released urgent security patches addressing multiple vulnerabilities affecting both the Community Edition and the Enterprise Edition. The company released versions 18.5.2, 18.4.4, and...

Multiple Kibana Vulnerabilities Enable SSRF and XSS Attacks

Elastic Security has disclosed critical vulnerabilities affecting Kibana that could enable attackers to execute Server-Side Request Forgery (SSRF) and Cross-Site Scripting (XSS) attacks against...