GitLab patches critical authentication bypass vulnerabilities
GitLab released security updates for Community Edition (CE) and Enterprise Edition (EE), fixing nine vulnerabilities, among which two critical severity…
Microsoft patches Windows Kernel zero-day exploited since 2023
Slovak cybersecurity company ESET says a newly patched zero-day vulnerability in the Windows Win32 Kernel Subsystem has been exploited in attacks since…
Microsoft: 6 Zero-Days in March 2025 Patch Tuesday
Microsoft today issued more than 50 security updates for its various Windows operating systems, including fixes for a whopping six…
Unpatched Edimax IP camera flaw actively exploited in botnet attacks
A critical command injection vulnerability impacting the Edimax IC-7100 IP camera is currently being exploited by botnet malware to compromise…
CISA tags Windows, Cisco vulnerabilities as actively exploited
CISA has warned US federal agencies to secure their systems against attacks exploiting vulnerabilities in Cisco and Windows systems. [...]
Serbian police used Cellebrite zero-day hack to unlock Android phones
Serbian authorities have reportedly used an Android zero-day exploit chain developed by Cellebrite to unlock the device of a student activist…
Exploits for unpatched Parallels Desktop flaw give root on Macs
Two different exploits for an unpatched Parallels Desktop privilege elevation vulnerability have been publicly disclosed, allowing users to gain root…
CISA flags Craft CMS code injection flaw as exploited in attacks
The U.S. Cybersecurity & Infrastructure Security Agency (CISA) warns that a Craft CMS remote code execution flaw is being exploited…
Apiiro unveils free scanner to detect malicious code merges
Security researchers at Apiiro have released two free, open-source tools designed to detect and block malicious code before they are…
Patch Now: CISA Warns of Palo Alto Flaw Exploited in the Wild
The authentication bypass vulnerability in the OS for the company's firewall devices is under increasing attack and being chained with…