Web applications often handle vast amounts of data, from personal user details to sensitive corporate information. As these applications grow in complexity and importance, they also become primary ...

CISA adds Wing FTP CVE-2025-47813 to KEV after active exploitation, exposing server paths and aiding attacks; patch by March 30, 2026.

A serious vulnerability in an embedded Web server used by many router models from different manufacturers allows remote attackers to take control of affected devices over the Internet. A compromised ...

Threat actors are using public exploits for a critical authentication bypass flaw in ProjectSend to upload webshells and gain remote access to servers. The flaw, tracked as CVE-2024-11680, is a ...

ESET Research has been closely tracking the cyberespionage operations of Winter Vivern for more than a year and, during our routine monitoring, we found that the group began exploiting a zero-day XSS ...

Astra Vulnerability Scanner Review: How Good Is Astra? Your email has been sent Astra is one of the few security companies that combines automated and manual penetration testing (pentest) to create ...

Microsoft has confirmed that a hacker who successfully exploits a zero-day SQL vulnerability could gain system administrator privileges. Here’s how to fix it.

Authorities and researchers are sounding the alarm over the active mass exploitation of a high-severity vulnerability in Microsoft SharePoint Server that’s allowing attackers to make off with ...

AMI MegaRAC baseband management controller vulnerability enables attackers to bypass authentication on the Redfish API and deploy malware implants or brick servers. Researchers found a critical ...

This week, I’m once again delaying the next installment in the business continuity event management series to discuss what I believe is one of the most valuable free solutions for identifying DNS risk ...