Vulnerabilities
738 articles on vulnerability disclosures and exploits
CVE-2025-14510: ABB Ability OPTIMAX Azure AD SSO Auth Bypass
CISA warns of CVE-2025-14510 impacting ABB Ability OPTIMAX, allowing authentication bypass on Azure AD SSO integrations. Patch immediately.

AI-Assisted Scan Uncovers 9-Year-Old Linux Vulnerability
An AI-assisted software scan revealed a 9-year-old Linux vulnerability with a 10-line proof-of-concept exploit. Learn about its implications and essential mitigation.
AI's Impact: Cybercrime Industrialization & Shrinking Exploitation
AI is accelerating industrial cybercrime, drastically reducing time-to-exploit to hours. Defenders must leverage AI and automation to match threat velocity.
AI-Powered Exploit Surge: Mitigating Automated Attack Development
Anthropic's Claude Security counters the emerging threat of AI-accelerated exploit generation, enhancing defense against novel vulnerabilities and attack vectors.
ABB AWIN Gateways Authentication Bypass and DoS Vulnerabilities
Critical vulnerabilities in ABB AWIN GW100 and GW120 gateways could allow unauthenticated attackers to reboot devices or extract sensitive configuration data.
ABB Symphony Plus Engineering: Fix PostgreSQL RCE Vulnerabilities
ABB Ability Symphony Plus Engineering is vulnerable to RCE via legacy PostgreSQL components. Learn how to mitigate CVE-2024-7348 and secure ICS networks.
CVE-2024-40766: Patch SonicWall SonicOS Improper Access Control
SonicWall urges immediate patching of CVE-2024-40766, a critical access control flaw in SonicOS affecting Gen 5, 6, and 7 firewalls.
KB5083769 Update Triggers Third-Party Backup Failures on Windows 11
The April KB5083769 update for Windows 11 24H2 and 25H2 causes failures in third-party backup software, creating significant disaster recovery risks.
CVE-2024-32866: Critical RCE in EnOcean SmartServer IoT Gateways
Researchers at Claroty discovered critical RCE and security bypass flaws in EnOcean SmartServer IoT gateways that expose smart buildings to remote takeover.
Google Gemini CLI Host Code Execution: Securing AI Developer Tools
Critical security flaw in Google Gemini CLI allows host code execution and supply chain attacks via malicious configurations. Learn how to mitigate.
CVE-2026-41940: Active Zero-Day Exploitation in cPanel and WHM
Critical zero-day CVE-2026-41940 in cPanel and WHM allows for authentication bypass. Learn about active exploitation, public PoCs, and essential patch guidance.
Redtail Malware Exploiting CVE-2024-3400: Technical Analysis
Analysis of the Libredtail variant exploiting Palo Alto Networks CVE-2024-3400 to deploy crypto-miners and establish rootkit persistence.