Security

Critical Flaws in Alcatel-Lucent OmniAccess Stellar WLAN APs Allow Full Remote Takeover, PoC Releases

In a recently disclosure, ALE (Alcatel-Lucent Enterprise) has published a security advisory (SA-N0150) addressing multiple critical vulnerabilities in its OmniAccess Stellar WLAN Access Points, affect …
Read more

Published Date:
Jul 17, 2025 (10 hours ago)

Vulnerabilities has been mentioned in this article.

CVE-2025-52690

CVE-2025-52689

CVE-2025-52688

CVE-2025-52687

SonicWall SMA Devices Under Attack: UNC6148 Deploys OVERSTEP Rootkit for Persistent Access

Google’s Threat Intelligence Group (GTIG) uncovers a stealthy, sophisticated campaign led by a financially motivated actor tracked as UNC6148. This campaign targets end-of-life SonicWall Secure Mobile …
Read more

Published Date:
Jul 17, 2025 (8 hours, 34 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2025-20337

CVE-2024-38475

CVE-2023-44221

CVE-2021-20038

CVE-2021-20035

Critical Cisco ISE Flaw CVE-2025-20337 (CVSS 10.0) Allows Unauthenticated Root RCE – Patch Immediately

A critical vulnerability was found in Cisco Identity Services Engine (ISE) and Cisco ISE-PIC. Tracked as CVE-2025-20337, the flaw is rated a maximum CVSS score of 10, highlighting its severity and pot …
Read more

Published Date:
Jul 17, 2025 (8 hours, 21 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2025-20337

CVE-2024-20469

Made by Google 2025: Pixel 10, Pixel Watch 4, and More AI Innovations Revealed

Image: Google
Google has confirmed that this year’s Made by Google event will take place on August 20 at 1 PM Eastern Time, returning to New York City. The highly anticipated Pixel 10 lineup is expect …
Read more

Published Date:
Jul 17, 2025 (8 hours, 10 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2025-20337

CVE-2024-39343

Cloudflare’s 1.1.1.1 DNS Suffers Global Outage Due to Internal Configuration Error

Image: CloudFlare
The 1.1.1.1 public DNS service operated by Cloudflare—second in global usage only to Google’s 8.8.8.8—experienced a large-scale worldwide outage on July 14, 2025. The disruption left …
Read more

Published Date:
Jul 17, 2025 (7 hours, 49 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2025-20115

TryHackMe Room Walkthrough: Billing

🧠 TryHackMe Room Walkthrough: BillingA detailed walkthrough of TryHackMe’s Billing room exploiting CVE-2023–30258 and escalating via fail2ban misconfig4 min read11 hours agoRoom Link: https://tryhackm …
Read more

Published Date:
Jul 17, 2025 (4 hours, 45 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE‑2025‑27210 & CVE‑2025‑27209: Two high‑severity vulnerabilities in Node.js

What is this vulnerability?Two high‑severity flaws: CVE‑2025‑27210 and CVE‑2025‑27209 were found in Node.js. The first is a path traversal bypass exploiting Windows device names (CON, PRN, AUX). The s …
Read more

Published Date:
Jul 17, 2025 (4 hours, 45 minutes ago)

Vulnerabilities has been mentioned in this article.

Lenovo Vantage Vulnerabilities Allow Attackers to Escalate Privileges as SYSTEM User

A trio of newly disclosed CVE-2025-6230, CVE-2025-6231 and CVE-2025-6232 underscores how a single trusted OEM utility can become a springboard for full machine compromise.
Lenovo Vantage, shipped by d …
Read more

Published Date:
Jul 17, 2025 (3 hours, 10 minutes ago)

Vulnerabilities has been mentioned in this article.

GhostContainer backdoor: malware compromising Exchange servers of high-value organizations in Asia

In a recent incident response (IR) case, we discovered highly customized malware targeting Exchange infrastructure within government environments. Analysis of detection logs and clues within the sampl …
Read more

Published Date:
Jul 17, 2025 (2 hours, 22 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2020-0688

Cisco Unified Intelligence Center Vulnerability Allows Remote Attackers to Upload Arbitrary Files

A critical vulnerability in Cisco’s Unified Intelligence Center (CUIC) web-based management interface has been classified with high severity, allowing authenticated remote attackers with Report Design …
Read more

Published Date:
Jul 17, 2025 (1 hour, 41 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2025-20274

The United Australia Party (UAP), led by mining magnate Clive Palmer, has confirmed that it fell victim to a cyberattack…

Co-op has confirmed that the personal details of all 6.5 million of its members were stolen in a cyberattack earlier…

The popular U.S. department store chain Belk is under scrutiny following a cyberattack that may have compromised sensitive customer information.…

CVE ID : CVE-2025-7712

Published : July 17, 2025, 3:15 a.m. | 1 hour, 59 minutes ago

Description : The Madara – Core plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the wp_manga_delete_zip() function in all versions up to, and including, 2.2.3. This makes it possible for unauthenticated attackers to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php).

Severity: 9.1 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-7735

Published : July 17, 2025, 4:15 a.m. | 59 minutes ago

Description : The Hospital Information System developed by UNIMAX has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read database contents.

Severity: 7.5 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

New Konfety Malware Variant Evades Detection by Manipulating APKs and Dynamic Code

Cybersecurity researchers have discovered a new, sophisticated variant of a known Android malware referred to as Konfety that leverages the evil twin technique to enable ad fraud.
The sneaky approach …
Read more

Published Date:
Jul 16, 2025 (21 hours, 5 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2025-3648

CVE-2025-6554

CVE-2025-3067

CVE-2025-1939

WordPress Security Alert: CVE-2025-6043 Enables Remote File Deletion via Malcure Plugin

A new vulnerability, CVE-2025-6043, has been discovered in the Malcure Malware Scanner plugin for WordPress, a popular security tool used by over 10,000 websites to detect and remove malware. Security …
Read more

Published Date:
Jul 16, 2025 (17 hours, 58 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2025-6043

CVE-2025-4389

CVE-2025-29824

CVE-2025-30406

CVE-2025-6558 – Chrome Zero-Day Sandbox Escape via GPU Rendering Flaw

Skip to content
July 17, 2025Threat OverviewCVE-2025-6558 is a high-risk zero-day vulnerability (CVSS score: 8.8) impacting Google Chrome’s graphics rendering pipeline, specifically within the ANGLE ( …
Read more

Published Date:
Jul 17, 2025 (3 hours, 2 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2025-6558

CVE-2025-48384

CVE-2025-2783

CVE-2025-21293

A former US Army soldier posted in Texas has pleaded guilty to charges linked to a large scale cybercrime conspiracy…

CVE ID : CVE-2024-9408

Published : July 16, 2025, 12:15 p.m. | 14 hours, 29 minutes ago

Description : In Eclipse GlassFish since version 6.2.5 it is possible to perform a Server Side Request Forgery attack in specific endpoints.

Severity: 9.8 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…