A critical vulnerability has been discovered in AMD’s SEV-SNP hardware protection architecture — widely deployed by major cloud providers such as AWS, Microsoft Azure and Google Cloud — that allows a malicious hypervisor to...
The Microsoft Edge Security Team has introduced sweeping changes to the operation of Internet Explorer Mode after confirming a series of targeted cyberattacks exploiting its legacy components. Experts discovered that malicious actors had been...
The market has begun to see the emergence of the first truly functional solutions that harness artificial intelligence to detect vulnerabilities in source code. This new generation of AI-SAST systems — often referred to...
Analysts at Huntress have detected active exploitation attempts targeting a newly discovered vulnerability in CentreStack and TrioFox products by Gladinet. Tracked as CVE-2025-11371, the flaw is classified as a Local File Inclusion (LFI) vulnerability...
Researchers at FireTail have discovered the resurrection of an old-class flaw — ASCII Smuggling — now resurfacing in a modern guise capable of subverting contemporary artificial-intelligence systems. In September 2025, the team evaluated a...
Two critical vulnerabilities discovered in the 7-Zip archiver allowed remote execution of arbitrary code when processing ZIP files. The flaws stemmed from how the program handled symbolic links within archives, enabling attackers to traverse...
In June 2025, a researcher operating under the pseudonym rick disclosed a critical vulnerability in GitHub Copilot dubbed CamoLeak, rated CVSS 9.6. The flaw enabled an attacker to surreptitiously exfiltrate sensitive information and source...
Wiz researchers have recently disclosed a critical vulnerability in Redis affecting version 8.2.1 and earlier releases. Tracked as CVE-2025-49844 with a CVSS score of 10, the flaw stems from unsafe memory handling during the...
A new vulnerability has been discovered in OpenSSH — CVE-2025-61984 — which permits remote code execution (RCE) by abusing the ProxyCommand parameter and peculiarities in shell character handling. Exploitation is possible even in the...
The popular design tool Figma has faced a potential security threat due to a vulnerability in the Model Context Protocol (MCP) server, the framework underpinning its integration with AI-driven agents. The issue, discovered in...