Cybersecurity researchers have discovered a critical vulnerability in the popular WordPress plugin — InstaWP Connect. This vulnerability could potentially expose thousands of websites to remote attacks. Experts from Wordfence identified and reported the vulnerability CVE-2025-2636, which allows unauthenticated attackers to…
Security Warning: Over 5,000 Ivanti Connect Secure VPN devices used across corporate networks worldwide remain at serious risk. This vulnerability, identified as CVE-2025-22457, allows cybercriminals to gain access to your systems and steal your data. This is a stack-based buffer…
Elastic has issued an urgent security update for its Kibana data visualization platform, addressing a high-severity vulnerability that could allow attackers to execute arbitrary code. Tracked as CVE-2024-12556 with a CVSS score of 8.7 (High), this flaw affects Kibana versions 8.16.1 through 8.17.1 The security flaw stems from…
A serious security vulnerability has been discovered in the mod_auth_openidc module for OpenID Connect authentication and authorization in the Apache HTTP server. This issue could allow unauthenticated users to gain access to protected web resources. The vulnerability, named CVE-2025-31492, has…
A serious vulnerability has been identified in Microsoft Windows Remote Desktop Services (RDP), allowing attackers to execute malicious code remotely without requiring user authentication. This vulnerability, named CVE-2025-27480, is a use-after-free issue in the Remote Desktop Gateway service and has…
A vulnerability that allowed system control to be taken over via a malicious USB device has been fixed. A serious security issue was identified in the USB Audio driver of the Linux operating system. This vulnerability was discovered by SUSE…
Attention to Users and Organizations! Cybersecurity specialists have identified three critical vulnerabilities in SonicWall’s NetExtender VPN software designed for the Windows operating system. These vulnerabilities could allow attackers to perform various malicious actions on users’ computers. SonicWall has released security…
A newly discovered vulnerability in the WinRAR archiver allows attackers to install malicious code on users’ computers. Tracked as CVE-2025-31334, this vulnerability affects WinRAR versions prior to 7.11 and is rated with a 6.8 CVSS score. Windows’ “Mark of the…
The Cybersecurity and Infrastructure Security Agency (CISA) of the United States has officially issued a warning regarding a critical vulnerability in the Microsoft Windows operating system. This vulnerability, registered under the identifier CVE-2025-29824, has been added to CISA’s Known Exploited…
VMware has issued a warning about a serious vulnerability in its Aria Operations platform. The CVE-2025-22231 vulnerability allows attackers to escalate privileges, gaining root-level control over the affected system. VMware has classified this issue as Important, and cybersecurity experts emphasize…