A newly discovered vulnerability in the WinRAR archiver allows attackers to install malicious code on users’ computers. Tracked as CVE-2025-31334, this vulnerability affects WinRAR versions prior to 7.11 and is rated with a 6.8 CVSS score. Windows’ “Mark of the…
The Cybersecurity and Infrastructure Security Agency (CISA) of the United States has officially issued a warning regarding a critical vulnerability in the Microsoft Windows operating system. This vulnerability, registered under the identifier CVE-2025-29824, has been added to CISA’s Known Exploited…
VMware has issued a warning about a serious vulnerability in its Aria Operations platform. The CVE-2025-22231 vulnerability allows attackers to escalate privileges, gaining root-level control over the affected system. VMware has classified this issue as Important, and cybersecurity experts emphasize…
Recently, Dell Technologies identified several critical vulnerabilities in its Unity, UnityVSA, and Unity XT storage systems and released security updates to mitigate them. These vulnerabilities allow attackers to gain unauthorized access, execute commands with root privileges, and delete critical system…
Active Exploitation of CVE-2025-2825 Vulnerability! 🔴 After the discovery of an authentication bypass vulnerability in CrushFTP, cybercriminals have started actively exploiting it. According to data from the Shadowserver Foundation, as of March 30, 2025, 1,512 vulnerable servers remain exposed to…
Apple has announced the discovery of three new zero-day vulnerabilities that are currently being actively exploited by cybercriminals. These vulnerabilities, identified as CVE-2025-24200, CVE-2025-24201, and CVE-2025-24085, pose a significant threat to iPhones, iPads, Macs, and other Apple ecosystem devices. Hackers…
🔴 Appsmith users, stay alert! Appsmith is an open-source software platform widely used for building internal applications. However, serious security vulnerabilities have recently been discovered, which could allow attackers to remotely execute arbitrary commands. The most critical vulnerability is CVE-2024-55963,…
A critical vulnerability has been discovered in NetApp SnapCenter software, posing a significant security risk. This vulnerability allows authenticated users to escalate their privileges to an administrator level on remote systems, potentially leading to infrastructure compromise and data breaches. 📌…
🔍 Cybercriminals are increasingly using sophisticated techniques to inject malicious code into the NPM repository. Although the number of malicious packages seemed to decline in 2023–2024, this trend has not continued in 2024. Recently, security researchers identified two NPM packages…
🔍 Cybersecurity experts have discovered a serious vulnerability in the Splunk system. This flaw allows attackers to upload malicious files and execute arbitrary code within the system. Splunk has identified a Remote Code Execution (RCE) vulnerability, CVE-2025-20229, in its Splunk…