Main Menu

CVE Vulnerability Alerts

Critical runC Vulnerabilities Undermine Container Isolation in Docker and Kubernetes
Application Security
Critical runC Vulnerabilities Undermine Container Isolation in Docker and Kubernetes
November 10, 2025
Security researchers disclosed three severe runC vulnerabilities (CVE-2024-21626, -23651, -23652) enabling container escapes in Docker and Kubernetes. The flaws allow host-level command injection and privilege ...
LANDFALL Spyware Exploited Samsung Galaxy Zero-Day in Targeted Middle East Attacks
CVE Vulnerability Alerts
LANDFALL Spyware Exploited Samsung Galaxy Zero-Day in Targeted Middle East Attacks
November 9, 2025
A zero-day flaw in Samsung Galaxy devices (CVE-2025-21042) was exploited to deploy LANDFALL spyware across the Middle East, enabling full device compromise and covert data ...
Cisco Warns of New Attack Variant Exploiting Secure Firewall ASA and FTD Vulnerabilities
CVE Vulnerability Alerts
Cisco Warns of New Attack Variant Exploiting Secure Firewall ASA and FTD Vulnerabilities
November 6, 2025
Cisco has warned of a new attack variant targeting its Secure Firewall ASA and FTD devices, exploiting CVE-2025-20333 and CVE-2025-20362 in tandem for remote code ...
CISA Warns of Ongoing Exploitation of Critical CentOS Web Panel Flaw
CVE Vulnerability Alerts
CISA Warns of Ongoing Exploitation of Critical CentOS Web Panel Flaw
November 6, 2025
CISA has warned of active exploitation of a critical flaw (CVE-2022-44877) in CentOS Web Panel, allowing unauthenticated remote code execution. Administrators are urged to patch ...
Critical React Native NPM Vulnerability Enables Cross-Platform Command Execution
CVE Vulnerability Alerts
Critical React Native NPM Vulnerability Enables Cross-Platform Command Execution
November 4, 2025
A critical flaw in a popular React Native NPM package, CVE-2025-11953, enables arbitrary code execution on Windows, macOS, and Linux, threatening CI/CD pipelines.
Australia Issues Urgent Warning as Cisco IOS XE Exploit Sees Ongoing Attacks
CVE Vulnerability Alerts
Australia Issues Urgent Warning as Cisco IOS XE Exploit Sees Ongoing Attacks
November 2, 2025
Australian authorities have issued an urgent warning over active exploitation of CVE-2023-20198, a critical Cisco IOS XE flaw used to deploy the persistent “BadCandy” webshell. ...
CISA Adds XWiki and Broadcom VMware Flaws to Known Exploited Vulnerabilities Catalog
CVE Vulnerability Alerts
CISA Adds XWiki and Broadcom VMware Flaws to Known Exploited Vulnerabilities Catalog
October 30, 2025
CISA has added critical XWiki and VMware vulnerabilities to its Known Exploited list, confirming active attacks and urging immediate patching under federal security mandates.
CISA Alerts to Actively Exploited Vulnerabilities in DELMIA Apriso by Dassault Systèmes
CVE Vulnerability Alerts
CISA Alerts to Actively Exploited Vulnerabilities in DELMIA Apriso by Dassault Systèmes
October 29, 2025
CISA warns that two vulnerabilities in DELMIA Apriso (CVE-2025-6204 and CVE-2025-6205) are under active exploitation, urging immediate patching across manufacturing operations.
WhatsApp Hack Uncovers 2 Low-Risk Vulnerabilities, No Arbitrary Code Execution
Application Security
WhatsApp Hack Uncovers 2 Low-Risk Vulnerabilities, No Arbitrary Code Execution
October 27, 2025
Meta has patched two low-risk WhatsApp flaws—CVE-2025-55177 and CVE-2025-30401—affecting desktop and mobile sync features. Both required user interaction and posed no remote code execution risk, ...
TP-Link Patches Critical Omada Gateway Vulnerabilities Preventing Remote Attacks
CVE Vulnerability Alerts
TP-Link Patches Critical Omada Gateway Vulnerabilities Preventing Remote Attacks
October 27, 2025
TP-Link has patched four critical flaws—two enabling unauthenticated remote code execution—affecting Omada gateway devices. The vulnerabilities (CVE-2025-6542, -6541, -7850, -7851) impact multiple ER, G, and ...
Load More
Trending
Sneaky 2FA PhaaS Platform Adds Browser-in-the-Browser Attacks to Bypass MFA
Dutch Police Dismantle Bulletproof Hosting Platform Used by Cybercriminals
Fraudsters Spoof U.S. Insurers in Health Scam Targeting Chinese Speakers
Google Sues Chinese Cybercriminal Group Behind Massive “Lighthouse” Smishing Campaign
LinkedIn Becomes a Launchpad for Phishing Campaigns Targeting Executives
Route Redirect Automates Large-Scale Microsoft 365 Phishing
Swiss Cybersecurity Agency Warns of Phishing Scam Targeting Apple ID Credentials
Rhysida Ransomware Gang Exploits Bing Ads to Spread Malware
Cybercriminals Target Shipping Sector With RMM-Based Cargo Theft Attacks
How Device Code Phishing Abuses OAuth Flows on Google and Azure

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.