In recent years, internet-connected devices, especially IoT (Internet of Things) and consumer-grade routers, have become primary targets for cybercriminals. In 2024, scanning attacks aimed at identifying vulnerabilities worldwide increased by 91%. This rise is significantly higher than in previous years…
Recently, cybersecurity specialists have discovered three critical vulnerabilities in Extreme Networks’ IQ Engine (HiveOS) operating system. These vulnerabilities allow authenticated attackers to escalate privileges, decrypt passwords, and execute arbitrary commands. The vulnerabilities are classified as follows: Extreme Networks has released…
Cybersecurity researchers have discovered a new dangerous exploit targeting Apple iOS devices. This exploit, named Trigon, takes advantage of a critical vulnerability in the management layer of the iOS operating system. The vulnerability was first uncovered by Kaspersky and was…
Digital security is more important today than ever before. A newly discovered vulnerability in Substack’s domain management system could create new opportunities for cybercriminals. Specifically, due to improperly configured DNS records, attackers can take control of abandoned (inactive) Substack subdomains.…
In the digital world, protecting personal data has become a crucial issue. Google continues to implement new technologies in this field. Recently, an analysis of the Google Play Services v24.45.33 APK file by Android Authority revealed a new feature called…
Apache Derby is an open-source database management system fully implemented in Java, widely used in various applications and services. However, a recently discovered vulnerability, CVE-2022-46337, has put systems based on this platform at serious risk. This vulnerability allows attackers to…
In today’s world, cybersecurity is more important than ever. In this regard, Ping Identity has announced the discovery of a critical vulnerability (CVE-2025-20059) in the PingAM Java Agent software. This vulnerability allows bypassing security policies and gaining unauthorized access to…
One of the significant cybersecurity events is Cisco’s announcement of a critical vulnerability found in its Nexus 3000 and 9000 series switches. This vulnerability, registered under CVE-2025-20161, allows authenticated users with administrative privileges to execute commands with root access. The…
Several high-risk vulnerabilities have been identified in the GitLab platform. In particular, two critical Cross-Site Scripting (XSS) vulnerabilities allow attackers to bypass security defenses and execute malicious scripts in users’ browsers. The vulnerabilities, CVE-2025-0475 (CVSS 8.7) and CVE-2025-0555 (CVSS 7.7),…
A new critical vulnerability (CVE-2025-0514) has been discovered in LibreOffice, which has now been patched. Researchers have found that attackers can exploit specially crafted documents to execute malicious files on Windows systems. This vulnerability has been rated 7.2 on the…