Vulnerability

A critical vulnerability in macOS allows attackers to escalate privileges to root access through misconfigured daemon services.  The vulnerability, dubbed "Daemon Ex Plist," exploits weaknesses...

Ivanti has warned about a critical vulnerability in its Cloud Services Appliance (CSA) 4.6, which has been actively exploited in attacks. The vulnerability, identified...

Two high-severity vulnerabilities in Anthropic's Model Context Protocol (MCP) Filesystem Server enable attackers to escape sandbox restrictions and execute arbitrary code on host systems.  The...

Okta, a leading identity and access management company, has patched a critical vulnerability in its Verify agent for Windows that could allow attackers to...

The latest update to GitHub Enterprise Server, version 3.13.3, addressed a critical vulnerability (CVE-2024-6800), allowing attackers to forge SAML responses and gain unauthorized access. ...

A newly discovered security vulnerability allows attackers to impersonate Microsoft corporate email accounts, significantly increasing the risk of phishing attacks. Security researcher Vsevolod Kokorin,...

Hackers often target WordPress plugins as they have security loopholes that they can exploit to hack into sites without permission.  Once they have found them,...

HashiCorp, a leading provider of cloud infrastructure automation software, has disclosed a critical security vulnerability in its Vault secret management platform. The flaw, identified as...

Researchers have observed widespread exploitation attempts targeting a critical memory disclosure vulnerability in Citrix NetScaler devices, designated as CVE-2025-5777 and dubbed "CitrixBleed 2."  This pre-authentication...

A critical security vulnerability has been discovered in SAP NetWeaver Application Server for ABAP that allows authenticated attackers to bypass standard authorization checks and...