An advanced security flaw exists in M365 Copilot that allows attackers to exfiltrate sensitive information from tenants, such as recent emails, through indirect command injection. Security researcher Adam Logue detailed...
A proof-of-concept exploit has been developed for two critical vulnerabilities in the popular 7-Zip archiving software. These vulnerabilities could be exploited by attackers to remotely execute arbitrary code by sending...
An untrusted data deserialization vulnerability has been identified in the Apache ActiveMQ NMS AMQP client, exposing systems to potential attacks from malicious servers. The flaw, tracked as CVE-2025-54539, has a...
A serious security incident has been reported by F5, a leading provider of application security and delivery solutions. A complex nation-state threat actor had gained long-term access to internal systems,...
A sophisticated attack campaign dubbed “Operation Zero Disk” has recently been detected, where threat actors are actively exploiting a critical vulnerability in the Cisco Simple Network Management Protocol (SNMP) to...
In its latest update, the tech giant fixed 175 vulnerabilities affecting its core products and underlying systems, including two actively exploited zero-day vulnerabilities , the company said in its latest...
Ivanti has published 13 vulnerabilities in its Endpoint Manager (EPM) software , including two high-severity flaws that could allow remote code execution and privilege escalation . Despite the lack of...
McAfee researchers have reported new activity by the Astaroth banking trojan , which has started using GitHub as a persistent channel for distributing configuration data. This approach allows attackers to...
A critical vulnerability has been identified in the AMD SEV-SNP hardware security architecture, impacting major cloud providers (AWS, Microsoft Azure, and Google Cloud) . This flaw allows malicious hypervisors to...
Two critical vulnerabilities in the 7-Zip archiver allowed remote code execution when processing ZIP files. The flaws affect how the program handles symbolic links within archives, allowing directory traversal and...
