Palo Alto PAN-OS Multiple vulnerabilities
Multiple vulnerabilities were identified in Palo Alto PAN-OS . A remote attacker could exploit some of these vulnerabilities to trigger...
Month: February 2025
SonicWall Products Multiple Vulnerabilities
Multiple vulnerabilities were identified in SonicWall Products. A remote attacker could exploit some of these vulnerabilities to trigger elevation of...
CVE Alert: CVE-2025-22657
Vulnerability Summary: CVE-2025-22657 Missing Authorization vulnerability in Vito Peleg Atarim allows Exploiting Incorrectly Configured Access Control Security Levels. This issue...
CVE Alert: CVE-2025-22656
Vulnerability Summary: CVE-2025-22656 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Oscar...
CVE Alert: CVE-2025-27016
Vulnerability Summary: CVE-2025-27016 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in awsm.in Drivr Lite – Google...
CVE Alert: CVE-2025-27013
Vulnerability Summary: CVE-2025-27013 Missing Authorization vulnerability in EPC MediCenter - Health Medical Clinic WordPress Theme allows Exploiting Incorrectly Configured Access...
CVE Alert: CVE-2025-26604
Vulnerability Summary: CVE-2025-26604 Discord-Bot-Framework-Kernel is a Discord bot framework built with interactions.py, featuring modular extension management and secure execution. Because...
CVE Alert: CVE-2024-56171
Vulnerability Summary: CVE-2024-56171 libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a use-after-free in xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables in xmlschemas.c. To...
CVE Alert: CVE-2025-24928
Vulnerability Summary: CVE-2025-24928 libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a stack-based buffer overflow in xmlSnprintfElements in valid.c. To...
CVE Alert: CVE-2024-13743
Vulnerability Summary: CVE-2024-13743 The Wonder Video Embed plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wonderplugin_video...
CVE Alert: CVE-2025-26615
Vulnerability Summary: CVE-2025-26615 WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. A...
CVE Alert: CVE-2025-27113
Vulnerability Summary: CVE-2025-27113 libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a NULL pointer dereference in xmlPatMatch in pattern.c. Affected...
Unraveling Digital Mysteries with DFIR
In an era where cyber threats lurk around every corner, organizations must be prepared to tackle incidents head-on. Digital Forensics...
Breach Exposes 12 Million Accounts at Zacks Investment Research
Zacks Investment Research faces a major breach, with the sensitive information of 12 million accounts surfaced on the dark web....
Critical OpenSSH Vulnerabilities Expose Systems to Attacks
Critical vulnerabilities in OpenSSH have been identified, exposing systems to potential man-in-the-middle and denial-of-service attacks. Discover how to safeguard your...
Snake Keylogger Variant: A Persistent Threat to Windows Users
A new variant of the Snake Keylogger is causing alarm among Windows users, as cybersecurity experts from Fortinet unveil its...
FrigidStealer: A New Threat for MacOS Users Uncovered by Proofpoint
The emergence of FrigidStealer highlights that MacOS devices are now targets for malware, shattering the myth of their immunity. The...
Mustang Panda Uses Microsoft Tools to Bypass ESET Anti-Virus Solutions
Mustang Panda, a Chinese nation-state group, is strategically using Microsoft tools to evade ESET anti-virus protections. The Chinese nation-state group...
BlackLock: The Leading Ransomware Group to Watch in 2025
As ransomware threats continue to evolve, BlackLock is positioned as a major player in 2025's cybersecurity landscape, showcasing unprecedented growth...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA and Partners Release Call to Action to Close the National Software Understanding Gap
CISA and Partners Release Call to Action to Close the National Software Understanding Gap Today, CISA—in partnership with the Defense Advanced...
CISA: CISA Releases Microsoft Expanded Cloud Logs Implementation Playbook
CISA Releases Microsoft Expanded Cloud Logs Implementation Playbook Today, CISA released the Microsoft Expanded Cloud Logs Implementation Playbook to help...
CISA: CISA Releases Twelve Industrial Control Systems Advisories
CISA Releases Twelve Industrial Control Systems Advisories CISA released twelve Industrial Control Systems (ICS) advisories on January 16, 2025. These...
CISA: CISA and FBI Release Updated Guidance on Product Security Bad Practices
CISA and FBI Release Updated Guidance on Product Security Bad Practices In partnership with the Federal Bureau of Investigation (FBI),...
