Technology ❯ Software

Vulnerabilities

CVE Zero-Day Exploits Remote Code Execution Exploitation Techniques CVE Identifiers Exploitation Exploits Kernel Vulnerabilities Authentication Bypass Security Updates

Exaforce Raises $125 Million Series B for Real-Time AI Security Platform

Investors are betting on real-time, agent-driven defense as AI speeds up attacks.

US, UK Warn of ‘Firestarter’ Backdoor on Cisco Firewalls That Survives Patches

CISA Adds Eight Exploited Vulnerabilities to KEV and Sets Rapid Federal Patch Deadlines

Adobe Reader Zero-Day Exploited for Months Through Malicious PDFs

Android April Security Fixes Land as Samsung Rolls Out 47-Patch Galaxy Update

Axios npm Package Briefly Trojanized After Maintainer Account Takeover

Magento ‘PolyShell’ Exploited at Scale as New WebRTC Skimmer Bypasses Site Defenses

LiteLLM Supply-Chain Attack Sees Backdoored PyPI Releases Pulled as Users Urged to Rotate Keys

Pakistan CERT Orders Tighter Supply-Chain Defenses for Critical Infrastructure

DarkSword iPhone Exploit Leaks on GitHub, Threatens Unpatched Devices

CISA Flags Cisco Firewall Zero-Day Exploited by Interlock, Sets March 22 Patch Deadline

CISA Adds Three Actively Exploited Flaws to KEV, Sets Fast Federal Patching Deadlines

Dell Patches RecoverPoint Zero-Day Exploited Since 2024 by Suspected China Group

Security Warning Links Massive DDoS to 'Kimwolf' Botnet of Android TVs

CISA Forces Three-Day Patch for Actively Exploited SolarWinds Web Help Desk Flaw

APT28 Exploits Newly Patched Microsoft Office Flaw in Targeted Campaigns

n8n Issues Fixes After JFrog Uncovers Sandbox Escapes Allowing Authenticated RCE

CISA Adds Four Actively Exploited Vulnerabilities to KEV Catalog With Feb. 12 Remediation Deadline

Huntress Uncovers Pre-Disclosure ESXi VM-Escape Toolkit Used in December Intrusion

Veeam Ships Fixes for Critical Backup & Replication RCE, Urges Update to 13.0.1.1071