U.S. CISA adds Cisco, SonicWall, and ASUS flaws to its Known Exploited Vulnerabilities catalog
U.S. CISA adds Cisco, SonicWall, and ASUS flaws to its Known Exploited Vulnerabilities catalog Pierluigi Paganini December 18, 2025 U.S....
vulnerabilities
When Zero-Days Go Active: What Ongoing Windows, Chrome, and Apple Exploits Reveal About Modern Intrusion Risk
A series of actively exploited zero-day vulnerabilities affecting Windows, Google Chrome, and Apple platforms was disclosed in mid-December, according...
U.S. CISA adds a flaw in multiple Fortinet products to its Known Exploited Vulnerabilities catalog
U.S. CISA adds a flaw in multiple Fortinet products to its Known Exploited Vulnerabilities catalog Pierluigi Paganini December 17, 2025...
Denial-of-Service and Source Code Exposure in React Server Components
In early December 2025, the React core team disclosed two new vulnerabilities affecting React Server Components (RSC). These issues –...
FreePBX Patches Critical SQLi, File-Upload, and AUTHTYPE Bypass Flaws Enabling RCE
Dec 15, 2025Ravie LakshmananVulnerability / Software Security Multiple security vulnerabilities have been disclosed in the open-source private branch exchange (PBX)...
U.S. CISA adds Microsoft Windows and WinRAR flaws to its Known Exploited Vulnerabilities catalog
U.S. CISA adds Microsoft Windows and WinRAR flaws to its Known Exploited Vulnerabilities catalog Pierluigi Paganini December 10, 2025 U.S....
U.S. CISA adds a Meta React Server Components flaw to its Known Exploited Vulnerabilities catalog
U.S. CISA adds a Meta React Server Components flaw to its Known Exploited Vulnerabilities catalog Pierluigi Paganini December 08, 2025 U.S....
Cloudflare Forces Widespread Outage to Mitigate Exploitation of Maximum Severity Vulnerability in React2Shell
Just hours after a maximum severity vulnerability in React2Shell was disclosed on December 3, Amazon threat intelligence teams observed active exploitation...
Researchers Uncover 30+ Flaws in AI Coding Tools Enabling Data Theft and RCE Attacks
Dec 06, 2025Ravie LakshmananAI Security / Vulnerability Over 30 security vulnerabilities have been disclosed in various artificial intelligence (AI)-powered Integrated...
Google Rolls Out Chrome 143 Update for Billions Worldwide
Source: Zulfugar Karimov/Unsplash Billions of Chrome users are getting a crucial safety upgrade before the year ends. Google has begun...
U.S. CISA adds a new an OpenPLC ScadaBR flaw to its Known Exploited Vulnerabilities catalog
U.S. CISA adds a new an OpenPLC ScadaBR flaw to its Known Exploited Vulnerabilities catalog Pierluigi Paganini December 04, 2025 U.S....
Sleepless in Security: What’s Actually Keeping CISOs Up at Night
When it comes to threats, today’s chief information security officers (CISOs) have their hands full. Between ransomware explosions, increasingly intricate...
U.S. CISA adds Android Framework flaws to its Known Exploited Vulnerabilities catalog
U.S. CISA adds Android Framework flaws to its Known Exploited Vulnerabilities catalog Pierluigi Paganini December 02, 2025 U.S. Cybersecurity and...
U.S. CISA adds an OpenPLC ScadaBR flaw to its Known Exploited Vulnerabilities catalog
U.S. CISA adds an OpenPLC ScadaBR flaw to its Known Exploited Vulnerabilities catalog Pierluigi Paganini December 01, 2025 U.S. Cybersecurity and...
Are AI Firewalls Worth the Investment?
AI is behind a surge in automated, hard-to-detect, and challenging-to-prevent cyberattacks. From AI-driven phishing to adversarial AI to ransomware,...
