Security Intelligence

Public exploit published for unpatched vulnerability in Chrome

A vulnerability in Chromium’s Blink rendering engine causes various browsers to crash, freeze, or become unresponsive...

Security Intelligence

Two additional flaws in Dassault Systèmes DELMIA Apriso exploited

CISA added CVE-2025-6204 and CVE-2025-6205 to its KEV catalog, confirming active exploitation in the wild. Chaining the...

Security Intelligence

BIND 9 vulnerability reopens DNS poisoning threat: POC published

POC exploit code for CVE-2025-40778 published, demonstrates how a remote, unauthenticated user could poison DNS caches...

Security Intelligence

Weekly Threat Round-up: RCE risk in Rust, TP-Link patches, & CISA adds five vulnerabilities to KEV

October 27, 2025 Threat Round-up: New RCE flaw found in Rust, TP-Link issues urgent patches, CISA adds five exploited...

Security Intelligence

ASP.NET Core flaw affects QNAP NetBak PC Agent, other deployments

Critical ASP.NET Core flaw (CVE-2025-55315) impacts QNAP NetBak PC Agent and other deployments. Update to version...

Security Intelligence

Microsoft issues emergency patch for critical, actively exploited WSUS flaw

Microsoft patches a critical WSUS flaw (CVE-2025-59287) enabling remote code execution. Learn about the risks, active...

Security Intelligence

Weekly Threat Round-up: F5 confirms breach & Microsoft + Oracle release patches

October 20, 2025 Threat Round-up: F5's confirmed breach, Microsoft's Patch Tuesday, Oracle patches, and more in this...

Security Intelligence

TARmageddon: Remote code execution risk in Rust archive libraries

High-severity Rust flaw (CVE-2025-62518) in async-tar allows remote code execution via malicious TAR files. Patch...

Security Intelligence

TP-Link patches critical Omada gateway vulnerabilities

TP-Link fixes critical Omada gateway flaw (CVE-2025-6542) allowing remote code execution on devices.

Security Intelligence

CISA adds five actively exploited vulnerabilities to KEV catalog

CISA adds five actively exploited vulnerabilities to its KEV catalog, including flaws in Windows SMB, Oracle EBS, Apple...

Security Intelligence

Update on-prem ConnectWise Automate to secure agent traffic & file validation

ConnectWise recently released version 2025.9 of its Automate platform to address two vulnerabilities affecting agent...

Security Intelligence

Gladinet patches critical vulnerability exploited in the wild

Gladinet patches a critical zero-day flaw in CentreStack and Triofox (CVE-2025-11371) exploited in the wild. Rapid...