Recent cybersecurity research has uncovered a critical vulnerability in SAP NetWeaver systems. According to analysts from Shadowserver, 454 SAP NetWeaver devices are currently at risk. This vulnerability is already being actively exploited in real-world attacks. The vulnerability, registered as CVE-2025-31324,…
Since 2024, sophisticated phishing attacks known as “Power Parasites” have been targeting leading global energy companies and well-known brands. A recently published comprehensive threat analysis report detailed these activities. This campaign primarily exploits the names and brands of major companies…
In the first quarter of 2025, the cybersecurity landscape faced an alarming situation—researchers identified that 159 vulnerabilities (CVE—Common Vulnerabilities and Exposures) were actively exploited in real-world attacks. This figure starkly illustrates the scale of the threat: hackers are swiftly leveraging…
Recent security research has uncovered a highly severe vulnerability, identified as CVE-2025-34028, in the Commvault Command Center system. This vulnerability allows hackers to execute malicious code without authentication, potentially leading to a complete takeover of the server environment, data theft,…
Recent security analyses have identified a severe vulnerability, CVE-2024-54085, posing a significant threat to server infrastructure. This vulnerability resides in the MegaRAC BMC (Baseboard Management Controller) firmware developed by AMI, widely used by major server manufacturers such as ASUS, Lenovo,…
A new serious threat has emerged in the cybersecurity landscape. A critical Remote Code Execution (RCE) vulnerability, which allows bypassing authentication, has been identified in the popular Commvault platform, known for its data protection software solutions. This flaw enables attackers…
Redis, a high-performance, open-source database widely used by developers and systems, has recently been found to have a dangerous vulnerability. This flaw allows hackers to overload server memory, rendering it inoperable. The vulnerability, identified as CVE-2025-21605, has been assigned a…
GitLab, a leading DevOps platform, has released a critical security update to address significant vulnerabilities in its system. This update mitigates major threats, including account takeover, Denial-of-Service (DoS) attacks, and Cross-Site Scripting (XSS) exploits, ensuring enhanced protection for its users.…
Two serious vulnerabilities have been identified in IBM’s Power Hardware Management Console (HMC) management system. These vulnerabilities could allow hackers to gain access to the system, escalate their privileges, and even execute commands at an administrator level. Details of the…
Recent cybersecurity analyses have uncovered a highly dangerous vulnerability in the SSH (Secure Shell) component of the Erlang/OTP platform used in Cisco products. Registered as CVE-2025-32433, this vulnerability has been assigned a CVSS score of 10.0—the highest possible severity rating.…