Coverage
Vulnerabilities
748 articles on vulnerability disclosures and exploits
Advertisement
Siemens SICAM 8 CPCI85 and RTUM85 DoS Vulnerabilities: Patch Guide
Siemens issued an advisory for SICAM 8 products fixing vulnerabilities in CPCI85 and RTUM85 that could cause system crashes in critical infrastructure.
Anthropic Claude Code Vulnerability Analysis — Mitigation Guide
Anthropic's Claude Code faces critical scrutiny following a source code leak and the discovery of a vulnerability allowing arbitrary command execution.
CVE-2025-55182: Next.js React2Shell Exploited to Steal Cloud Secrets
Attackers are exploiting the CVE-2025-55182 React2Shell vulnerability in Next.js to harvest AWS secrets, SSH keys, and database credentials from 766 hosts.
Cisco IMC and SSM RCE via CVE-2026-20093 — Mitigation Guide
Cisco patches a critical 9.8 CVSS vulnerability in Integrated Management Controller (IMC) allowing unauthenticated remote attackers to gain full system access.
Vite Exposed Installs: Exploitation Attempts & Mitigation for CVE-2025-30208
Runtime Rebel warns of active exploitation attempts targeting exposed Vite development environments. Learn about CVE-2025-30208 and critical mitigation steps.
BRICKSTORM Malware: Hardening vSphere & VCSA Against Advanced Threats
Defend VMware vSphere and VCSA against BRICKSTORM malware. Learn hardening strategies, identity management, Zero Trust networking, and advanced logging to thwart
Apple DarkSword Protection Expands: Mitigating CVE-2023-38604 Zero-Click Exploits
Apple expands DarkSword exploit protection to all users, enhancing defenses against state-sponsored and commercial zero-click attacks like CVE-2023-38604.
ThreatsDay Bulletin: Pre-Auth Chains, Android Rootkits, & Cloud Evasion
Analysis of the latest ThreatsDay Bulletin covering critical pre-authentication exploit chains, stealthy Android rootkits, and advanced CloudTrail evasion techniques.
Coruna: Sophisticated iPhone Hacking Toolkit Bypasses iOS Defenses
Google researchers uncovered "Coruna," a powerful iOS exploit kit leveraging 23 vulnerabilities to silently install malware on iPhones, likely state-sponsored.
CVE-2024-20359: Cisco IMC Auth Bypass Grants Admin Access
Cisco IMC critical authentication bypass (CVE-2024-20359) allows unauthenticated attackers admin access. Learn about the vulnerability and urgent patch guidance.
Open Source Security: Key Findings from 2025 Trust Report
Analysis of the 2025 State of Trusted Open Source Report, detailing prevalent vulnerabilities and consumption patterns in container images and language libraries.
Ivanti Connect Secure RCE via CVE-2024-21887 — Mitigation Guide
Critical Ivanti Connect Secure vulnerabilities CVE-2023-46805 and CVE-2024-21887 continue to be exploited. Learn detection strategies and mitigation steps.