security

Critical AMI BMC Vulnerability: Patch Your ASUS Workstation Now ASUS CVE-2025-13348 File Shredder Removal ASUS LPE Flaw CVE-2025-59373 ASUS Armoury Crate vulnerability Asus CVE Numbering Authority - CVE-2024-12912 and CVE-2024-13062 AMI BMC vulnerability, CVE-2024-54085

ASUS CVE-2025-13348 File Shredder Removal ASUS LPE Flaw CVE-2025-59373 ASUS Armoury Crate vulnerability Asus CVE Numbering Authority - CVE-2024-12912 and CVE-2024-13062 AMI BMC vulnerability, CVE-2024-54085

Critical AMI BMC Vulnerability: Patch Your ASUS Workstation Now

Ddos April 25, 2025

Veteran PC users are likely familiar with encountering messages from American Megatrends International (AMI) during system startup....

CVE-2025-31324 (CVSS 10): Zero-Day in SAP NetWeaver Exploited in the Wild to Deploy Webshells and C2 Frameworks CVE-2025-31324, SAP NetWeaver

CVE-2025-31324, SAP NetWeaver

CVE-2025-31324 (CVSS 10): Zero-Day in SAP NetWeaver Exploited in the Wild to Deploy Webshells and C2 Frameworks

Ddos April 25, 2025

A critical zero-day vulnerability affecting SAP NetWeaver Visual Composer MetadataUploader, now tracked as CVE-2025-31324, is being actively...

Deepfakes and Deception: The Rise of Synthetic Identities in Remote Work Deepfakes Synthetic Identity

Deepfakes Synthetic Identity

Deepfakes and Deception: The Rise of Synthetic Identities in Remote Work

Ddos April 23, 2025

In an era where remote work is increasingly prevalent, a new cybersecurity threat has emerged: the use...

Over 50k WordPress Sites at Takeover Risk Via Vulnerable Plugin Greenshift plugin WordPress vulnerability

Greenshift plugin WordPress vulnerability

Over 50k WordPress Sites at Takeover Risk Via Vulnerable Plugin

Ddos April 21, 2025

A critical vulnerability affecting the popular WordPress plugin Greenshift – animation and page builder blocks has come...

Microsoft Urges TPM 2.0 for Windows 11 Upgrade as Win 10 Support Nears End Windows 11 TPM 2.0

Windows 11 TPM 2.0

Microsoft Urges TPM 2.0 for Windows 11 Upgrade as Win 10 Support Nears End

Ddos April 21, 2025

Microsoft is eager for more users to migrate from Windows 10 to Windows 11—but only if their...

Cellebrite Android Zero-Day Exploit PoC Released: CVE-2024-53104 Cellebrite exploit, Android zero-day

Cellebrite exploit, Android zero-day

Cellebrite Android Zero-Day Exploit PoC Released: CVE-2024-53104

Ddos April 21, 2025

A security researcher published a proof-of-concept exploit code for an Android zero-day exploit chain developed by Cellebrite...

Critical PyTorch Vulnerability CVE-2025-32434 Allows Remote Code Execution PyTorch vulnerability, CVE-2025-32434 CVE-2026-24747

PyTorch vulnerability, CVE-2025-32434 CVE-2026-24747

Critical PyTorch Vulnerability CVE-2025-32434 Allows Remote Code Execution

Ddos April 21, 2025

A critical vulnerability has been unearthed in PyTorch, one of the most beloved deep learning frameworks out...

CVE-2025-42599: Critical Buffer Overflow in Active! mail Exploited in the Wild Active! mail vulnerability, CVE-2025-42599

Active! mail vulnerability, CVE-2025-42599

CVE-2025-42599: Critical Buffer Overflow in Active! mail Exploited in the Wild

Ddos April 21, 2025

A severe security vulnerability has been identified in Active! mail, a product of QUALITIA CO., LTD., posing...

Critical Meshtastic RCE Vulnerability (CVE-2025-24797) Requires Urgent Update tastic

tastic

Critical Meshtastic RCE Vulnerability (CVE-2025-24797) Requires Urgent Update

Ddos April 21, 2025

A critical security vulnerability has been disclosed in Meshtastic, the open-source LoRa mesh networking platform known for...

GCVE: Decentralizing Vulnerability Identification for Greater Agility GCVE, vulnerability identification

GCVE, vulnerability identification

GCVE: Decentralizing Vulnerability Identification for Greater Agility

Ddos April 18, 2025

A new initiative, the Global CVE (GCVE) Allocation System, is introducing a decentralized approach to the crucial...

Microsoft to Disable ActiveX Controls in Office 365 and 2024 Microsoft Patch Tuesday CVE-2026-20805 RasMan Crash Flaw, 0patch Micropatch ASP.NET Core, HTTP smuggling Windows kernel Rust ActiveX, Microsoft 365

Microsoft Patch Tuesday CVE-2026-20805 RasMan Crash Flaw, 0patch Micropatch ASP.NET Core, HTTP smuggling Windows kernel Rust ActiveX, Microsoft 365

Microsoft to Disable ActiveX Controls in Office 365 and 2024

Ddos April 17, 2025

According to a product announcement released by Microsoft, the company plans to begin disabling all ActiveX controls...

Unprotected APIs Expose Data of 33,000 Employees API Security, Data Leak

API Security, Data Leak

Unprotected APIs Expose Data of 33,000 Employees

Ddos April 17, 2025

A recent discovery by CloudSEK’s BeVigil platform has highlighted the significant risks posed by unprotected Application Programming...

4chan Suffers Major Cyberattack, Sensitive Data Leaked 4chan hack 4chan data breach

4chan hack 4chan data breach

4chan Suffers Major Cyberattack, Sensitive Data Leaked

Ddos April 16, 2025

The notorious—or, as some might say, infamous—online forum 4chan was recently the target of a cyberattack. Circulating...

Top Cybersecurity Tools for 2025 Cybersecurity Tools Penetration Testing

Cybersecurity Tools Penetration Testing

Top Cybersecurity Tools for 2025

Ddos April 16, 2025

As cyber threats grow more sophisticated, so do the tools defenders use to counter them. In 2025,...

Android to Auto-Reboot After 72 Hours of Inactivity Android Spyware, SpyMax RAT CVE-2024-0039 Android Auto-Reboot Google Play Services

Android Spyware, SpyMax RAT CVE-2024-0039 Android Auto-Reboot Google Play Services

Android to Auto-Reboot After 72 Hours of Inactivity

Ddos April 15, 2025

Previously, Apple introduced an automatic reboot feature to iPhones via iOS security updates—a security mechanism designed to...

CrushFTP Hit by SSRF and Directory Traversal Vulnerabilities (CVE-2025-32102 & CVE-2025-32103) CVE-2024-53552 CrushFTP vulnerability, SSRF

CVE-2024-53552 CrushFTP vulnerability, SSRF

CrushFTP Hit by SSRF and Directory Traversal Vulnerabilities (CVE-2025-32102 & CVE-2025-32103)

Ddos April 15, 2025

CrushFTP, a popular file transfer server, is facing increased scrutiny following the discovery of two significant security...

Tor Browser and the Dark Web: A Beginner’s Guide to Anonymity and Security Tor Browser Dark Web

Tor Browser Dark Web

Tor Browser and the Dark Web: A Beginner’s Guide to Anonymity and Security

Ddos April 14, 2025

Introduction: Unveiling Tor and the Dark Web The Tor Browser stands as a specialized tool in the...

Urgent: Yii 2 Vulnerability CVE-2024-58136 Under Active Exploit

Yii 2 vulnerability CVE-2024-58136

Urgent: Yii 2 Vulnerability CVE-2024-58136 Under Active Exploit

Ddos April 14, 2025

A critical security vulnerability, tracked as CVE-2024-58136 (CVSS 9.1), has been uncovered in the popular PHP web...

Critical Vulnerability in Everest Forms Plugin Threatens WordPress Sites Everest Forms Vulnerability WordPress Plugin Security

Everest Forms Vulnerability WordPress Plugin Security

Critical Vulnerability in Everest Forms Plugin Threatens WordPress Sites

Ddos April 12, 2025

A critical security vulnerability has been discovered in the Everest Forms WordPress plugin, putting over 100,000 websites...

InstaWP Connect Plugin Exposes WordPress Sites to Critical File Inclusion Vulnerability InstaWP Connect Vulnerability WordPress Plugin Security

InstaWP Connect Vulnerability WordPress Plugin Security

InstaWP Connect Plugin Exposes WordPress Sites to Critical File Inclusion Vulnerability

Ddos April 11, 2025

A severe security vulnerability has been identified in the InstaWP Connect WordPress plugin, posing a significant risk...