Cisco has warned of a new attack variant targeting its Secure Firewall ASA and FTD devices, exploiting CVE-2025-20333 and CVE-2025-20362
CISA has warned of active exploitation of a critical flaw (CVE-2022-44877) in CentOS Web Panel, allowing unauthenticated remote code execution.
A critical flaw in a popular React Native NPM package, CVE-2025-11953, enables arbitrary code execution on Windows, macOS, and Linux,
Australian authorities have issued an urgent warning over active exploitation of CVE-2023-20198, a critical Cisco IOS XE flaw used to
CISA has added critical XWiki and VMware vulnerabilities to its Known Exploited list, confirming active attacks and urging immediate patching
CISA warns that two vulnerabilities in DELMIA Apriso (CVE-2025-6204 and CVE-2025-6205) are under active exploitation, urging immediate patching across manufacturing
Meta has patched two low-risk WhatsApp flaws—CVE-2025-55177 and CVE-2025-30401—affecting desktop and mobile sync features. Both required user interaction and posed
TP-Link has patched four critical flaws—two enabling unauthenticated remote code execution—affecting Omada gateway devices. The vulnerabilities (CVE-2025-6542, -6541, -7850, -7851)
A critical RCE flaw, CVE-2025-59287, in Microsoft WSUS allows unauthenticated attackers to gain SYSTEM access via unsafe deserialization. Despite patches,
SessionReaper (CVE-2025-54236) is being actively exploited in Adobe Commerce and Magento stores, enabling account takeover and web-shell deployment as more
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.