Follow Cyber Kendra on Google News! | WhatsApp | Telegram

Vulnerability
Vulnerabilities in Ivanti Endpoint Manager Allow Credential Relay Attacks

Vulnerabilities in Ivanti Endpoint Manager Allow Credential Relay Attacks

Security researchers have discovered four critical vulnerabilities in Ivanti Endpoint Manager (EPM) that could allow unauthenticated attackers to pot…
PostgreSQL Patched Critical SQL Injection Vulnerability

PostgreSQL Patched Critical SQL Injection Vulnerability

Security researchers at Rapid7 have uncovered a significant SQL injection vulnerability (CVE-2025-1094) affecting PostgreSQL's interactive termin…
Researchers Uncover Authentication Bypass Vulnerability in Palo Alto Networks' PAN-OS

Researchers Uncover Authentication Bypass Vulnerability in Palo Alto Networks' PAN-OS

Security researchers at Assetnote have discovered a critical authentication bypass vulnerability in Palo Alto Networks' PAN-OS management interfa…
Google Uncover Critical AMD CPU Vulnerability Affecting Confidential Computing

Google Uncover Critical AMD CPU Vulnerability Affecting Confidential Computing

Google's Security Team has disclosed a high-severity vulnerability in AMD's CPU microcode signature verification system, affecting multiple A…
Cisco Webex Connect Flaw Exposed Millions of Chat Histories

Cisco Webex Connect Flaw Exposed Millions of Chat Histories

A critical security vulnerability in Cisco Webex Connect allowed unauthorized access to millions of customer support chat histories of every organiza…
New Security Flaws in Apple Chips Could Expose Sensitive Browser Data

New Security Flaws in Apple Chips Could Expose Sensitive Browser Data

Security researchers from Georgia Tech and Ruhr University Bochum have uncovered two significant vulnerabilities in Apple's latest processors tha…
Coolify Hit by Three RCE Flaws with Maximum CVSS Score

Coolify Hit by Three RCE Flaws with Maximum CVSS Score

Security researchers have uncovered three critical vulnerabilities in Coolify, the open-source platform used for managing servers, applications, and …
Critical Vulnerability in SonicWall SMA1000 Devices Actively Exploited

Critical Vulnerability in SonicWall SMA1000 Devices Actively Exploited

SonicWall has issued an urgent security advisory for a critical vulnerability affecting its SMA1000 series appliances, which is actively being explo…
Cookie Sandwich - New Attack Steals HttpOnly Cookies

Cookie Sandwich - New Attack Steals HttpOnly Cookies

A concerning new web security vulnerability dubbed " Cookie Sandwich " has been discovered that allows attackers to bypass HttpOnly cookie …
Critical 7-Zip Vulnerability Bypasses Windows Security

Critical 7-Zip Vulnerability Bypasses Windows Security

A high-severity vulnerability has been discovered in the popular file compression tool 7-Zip, potentially enabling attackers to bypass crucial Window…
Critical Vulnerabilities Discovered in SimpleHelp Remote Support Software

Critical Vulnerabilities Discovered in SimpleHelp Remote Support Software

Security researchers at Horizon3.ai have uncovered three critical vulnerabilities in SimpleHelp, a remote support software solution used globally. T…
Critical Auth Bypass Vulnerability in Fortinet Products Actively Exploited

Critical Auth Bypass Vulnerability in Fortinet Products Actively Exploited

Fortinet has disclosed a critical authentication bypass vulnerability ( CVE-2024-55591 ) affecting FortiOS and FortiProxy products that allow remote …
WorstFit - Critical Vulnerability Discovered in Windows Charset Conversion

WorstFit - Critical Vulnerability Discovered in Windows Charset Conversion

Security researchers Orange Tsai and Splitline Huang have discovered a significant vulnerability in Windows systems that could allow attackers to by…
Ivanti Connect Secure VPN Targeted in New Zero-Day

Ivanti Connect Secure VPN Targeted in New Zero-Day

Ivanti has released an urgent security update addressing two significant vulnerabilities affecting its Connect Secure, Policy Secure, and Neurons for…
Signature Verification Bypass Discovered in Nuclei Vulnerability Scanner

Signature Verification Bypass Discovered in Nuclei Vulnerability Scanner

Security researchers at Wiz have uncovered a significant vulnerability in Nuclei, a widely-used open-source security scanning tool, that could allow …
Alleged 7-Zip Zero-Day Vulnerability Claims Disputed by Developer

Alleged 7-Zip Zero-Day Vulnerability Claims Disputed by Developer

A recent claim of a zero-day vulnerability in the popular file compression software 7-Zip has been disputed by the program's developer, raising q…
Apache Patches Critical Remote Code Execution Vulnerability in Tomcat

Apache Patches Critical Remote Code Execution Vulnerability in Tomcat

The Apache Software Foundation has issued an urgent security advisory regarding a critical remote code execution (RCE) vulnerability in Apache Tomcat…
Vulnerability in Spring Boot Actuator Exposes Cloud Environments

Vulnerability in Spring Boot Actuator Exposes Cloud Environments

A new research report from Wiz Threat Research has uncovered widespread security risks in Spring Boot Actuator implementations, affecting numerous cl…
Critical 7-Zip Vulnerability Could Allow Remote Code Execution Through Malicious Archives

Critical 7-Zip Vulnerability Could Allow Remote Code Execution Through Malicious Archives

A critical security vulnerability has been discovered in 7-Zip, the popular file compression utility, potentially allowing attackers to execute malic…
Critical Vulnerability in Arc Browser's Legacy Boost Feature Patched

Critical Vulnerability in Arc Browser's Legacy Boost Feature Patched

A security researcher identified a significant vulnerability in the Arc browser that could have allowed attackers to gain write access to a user'…