The vulnerability rewards platform HackerOne has announced that over the past twelve months, white-hat hackers around the world have earned a total of $81 million in payouts — a 13% increase compared to the...
Google has released the stable version of Chrome 141.0.7390.54/55 for Windows, macOS, and Linux. The update will roll out over the coming days and weeks, addressing 21 security vulnerabilities of varying severity — including...
Researchers from Johns Hopkins University and several other institutions have demonstrated a novel, server-side attack against Intel SGX that achieves full extraction of the DCAP attestation key — notably using hardware costing under $1,000....
Researchers at Tenable have disclosed three vulnerabilities in Google’s Gemini AI, flaws that enabled data theft and remote exploitation. Collectively dubbed the “Gemini Trifecta,” these issues affected distinct modules of the assistant. The first...
More than 48,000 Cisco ASA and Firepower Threat Defense (FTD) firewalls remain unprotected against two critical vulnerabilities that are already being actively exploited. Tracked as CVE-2025-20333 and CVE-2025-20362, these flaws allow remote code execution...
A team of researchers has developed a simple hardware tool that calls into question the very foundations of trusted computing in modern cloud environments. With a device costing less than fifty dollars, they successfully...
Broadcom has patched a critical privilege escalation vulnerability in VMware Aria Operations and VMware Tools, which had been actively exploited as a zero-day since October 2024. The flaw, tracked as CVE-2025-41244, was not initially...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical flaw in the widely used Sudo utility—employed across Linux and Unix-like systems—to its Known Exploited Vulnerabilities (KEV) catalog. Tracked as CVE-2025-32463 and...
Specialists have disclosed a new critical vulnerability in the wireless network configuration procedure of Unitree robots. The flaw, dubbed UniPwn, was detailed on September 20 and affects the quadruped models Go2 and B2, as...
The world’s leading cybersecurity agencies have issued urgent warnings of a critical threat to global network infrastructure: vulnerabilities in Cisco Adaptive Security Appliances (ASA) and Firepower systems are under heavy, coordinated attack. The alarm...