OWASP has updated its list of the most critical risks for web applications, introducing two new categories and revising the structure of its ranking. The organization has published a draft of the 2025 edition,...
Synology has patched a zero-day vulnerability in its BeeStation devices, demonstrated at the recent Pwn2Own competition. The flaw, assigned CVE-2025-12686, falls under the category of “buffer copy without input-size validation,” enabling an attacker to...
Mandiant researchers have uncovered active exploitation of a zero-day vulnerability in the Gladinet Triofox remote access and file-sharing platform. CVE-2025-12480 allowed attackers to bypass authorization and reach configuration pages of the web interface, through...
The Taiwanese company QNAP has released updates for its systems addressing seven zero-day vulnerabilities unveiled by participants at Pwn2Own Ireland 2025. The flaws affected the company’s proprietary operating systems QTS and QuTS hero, as...
A next-generation spyware operated undetected for nearly a year, hiding deep within Samsung Galaxy smartphones and exploiting a vulnerability unknown to the manufacturer. Researchers from Palo Alto Networks Unit 42 revealed that the malware,...
Google has released an emergency security update for the Chrome browser, addressing a series of vulnerabilities that could allow remote code execution and potential system takeover. The update, issued on 5 November 2025, is...
Cisco has warned customers of a fresh wave of attacks against its firewalls: adversaries have been striking vulnerable appliances for at least six months, and in early November a new exploitation variant emerged. In...
Tenable Research has identified seven new vulnerabilities and exploitation techniques in ChatGPT that allow attackers to extract private user data, bypass security mechanisms, and persist access across sessions. These findings expose a series of...
Vulnerabilities in corporate messengers are no longer a rarity, yet this time the threat is of a far more alarming magnitude. The Check Point research team has uncovered four critical flaws in Microsoft Teams...
A serious vulnerability has been discovered in AMD processors based on the Zen 5 architecture, posing a potential threat to the cryptographic integrity of affected systems. The flaw compromises the hardware implementation of the...