A jsPDF vulnerability tracked as CVE-2025-68428 could allow attackers to read arbitrary files, exposing configurations and ...

Cisco has patched an ISE vulnerability with public proof-of-concept exploit code that can be abused by attackers with admin ...

Researchers have issued advisories for eleven separate Elementor add-on plugins with 15 vulnerabilities that can make it possible for hackers to upload malicious files. One of them is rated as a high ...

A high-severity vulnerability has been discovered in PHPFusion, an open-source content management system (CMS) used by over 15 million websites worldwide to manage and customize their content and ...

ESET researchers discovered a zero-day exploit that targets Telegram for Android, which appeared for sale for an unspecified price in an underground forum post from June 6 th, 2024. Using the exploit ...

A vulnerability found in Apache Tomcat, tracked as CVE-2025-24813, is being actively exploited in the wild. The remote code execution (RCE) bug allows attackers to take over servers using a PUT API ...

A proof-of-concept exploit (PoC) has become available for a critical zero-day vulnerability in the Windows SmartScreen technology. Microsoft issued a patch for the issue in its November Patch Tuesday ...

Exploit code is now available for a critical authentication bypass vulnerability in Fortra's GoAnywhere MFT (Managed File Transfer) software that allows attackers to create new admin users on ...

Criminals have been spotted exploiting a new zero-day vulnerability in Gladinet CentreStack and Triofox file sharing servers that could allow them to re-create the conditions of an earlier flaw ...

The exploit takes advantage of a known file upload vulnerability that was not efficiently patched and can still be exploited in up-to-date versions of Cleo LexiCom, VLTrader and Harmony products.