Cisco warns of IOS zero-day vulnerability exploited in attacks

Cisco has released security updates to address a high-severity zero-day vulnerability in Cisco IOS and IOS XE Software that ...

WatchGuard warns of critical vulnerability in Firebox firewalls

WatchGuard has released security updates to address a remote code execution vulnerability impacting the company's Firebox ...
Computer Weekly

SolarWinds warns over dangerous RCE flaw

A newly-uncovered RCE flaw in SolarWinds' helpdesk product bypasses two previously-issued fixes, and users should prioritise ...
SecurityWeek

SolarWinds Makes Third Attempt at Patching Exploited Vulnerability

SolarWinds announced a hotfix for RCE vulnerability in Web Help Desk, and this is the third time it attempts to address the ...
Infosecurity MagazineOpinion

Beyond the Score: Rethinking Vulnerability Management in a Contextual Era

The Exploit Prediction Scoring System (EPSS) has emerged as an effective tool for complementing CVSS because it estimates the ...
The Hacker News

Hackers Exploit Pandoc CVE-2025-51591 to Target AWS IMDS and Steal EC2 IAM Credentials

The vulnerability in question is CVE-2025-51591 (CVSS score: 6.5), which refers to a case of Server-Side Request Forgery ...
SecurityWeek

GeoServer Flaw Exploited in US Federal Agency Hack

CISA has shared details on the exploitation of a year-old GeoServer vulnerability to compromise a federal agency.
Windows Report

Microsoft Patches A Critical Entra ID Vulnerability Discovered by Dutch Hacker

A Dutch researcher found a flaw in Microsoft Entra ID that could expose every tenant worldwide. Microsoft patched it within ...