The React Server component security saga continues this week. Following the patching of a critical remote code execution (RCE) vulnerability that led to React2shell, researchers have discovered two new vulnerabilities....
An urgent security update has been released to address a critical vulnerability in Windows PowerShell that allows attackers to execute malicious code on affected systems. This security flaw, designated CVE-2025-54100,...
Despite significant geopolitical challenges, the mercenary spyware industry remains a resilient and persistent threat; in this context, the well-known vendor Intellexa continues to expand its arsenal. A recent report from...
Security researchers have discovered two high-risk vulnerabilities (CVE-2025-20386 and CVE-2025-20387, with CVSS severity 8.0) affecting the Splunk Enterprise platform and Universal Forwarder components. These vulnerabilities result from incorrect permissions on...
A vulnerability has been discovered in the Linux hosting ecosystem : the ImunifyAV malware scanner has been found to be vulnerable to remote code execution (RCE). The issue affects the...
Of all the vulnerabilities, the most feared by victims and the most sought after by attackers is remote code execution, or RCE. This vulnerability allows arbitrary commands to be executed...
Two vulnerabilities related to Gladinet and Control Web Panel (CWP) have been added to the U.S. Cybersecurity and Infrastructure Security Agency (CISA) catalog of known exploited vulnerabilities (KEVs), due to...
Wordfence is raising the alarm about a large-scale malware campaign in which attackers are exploiting critical vulnerabilities in the popular WordPress plugins GutenKit and Hunk Companion . The company blocked...
Many web applications rely on Apache Tomcat, a widely used open-source Java servlet container. On October 27, 2025, Apache disclosed two vulnerabilities: CVE-2025-55752 and CVE-2025-55754, affecting several versions of Tomcat....
A serious security incident has been reported by F5, a leading provider of application security and delivery solutions. A complex nation-state threat actor had gained long-term access to internal systems,...
