A critical vulnerability has been discovered in the AVideo platform that allows attackers to hijack video broadcasts and take over the server without authentication or any user interaction. This flaw endangers media servers and,...
AI agents are increasingly taking over tasks that formerly required manual intervention: executing terminal commands, modifying repository files, managing dependencies, and retrieving utilities from the internet. This operational paradigm is already...
In recent days it has become apparent that FortiWeb had been accumulating issues the manufacturer chose not to disclose in advance. After Fortinet acknowledged active exploitation of the critical vulnerability CVE-2025-64446 — which allows...
A vulnerability has been discovered in early builds of OpenVPN, allowing attackers to execute arbitrary commands on a user’s machine. The flaw affects versions from 2.7_alpha1 through 2.7_beta1 and poses a serious threat to...
Researchers have identified a large-scale wave of attacks orchestrated by the RondoDox botnet, which employs the so-called “exploit shotgun” technique—literally “firing at everything that moves.” This method involves automatically testing dozens of exploits in...
A new vulnerability has been discovered in OpenSSH — CVE-2025-61984 — which permits remote code execution (RCE) by abusing the ProxyCommand parameter and peculiarities in shell character handling. Exploitation is possible even in the...
The popular design tool Figma has faced a potential security threat due to a vulnerability in the Model Context Protocol (MCP) server, the framework underpinning its integration with AI-driven agents. The issue, discovered in...
CloudSEK researchers have reported a large-scale campaign leveraging a Loader-as-a-Service botnet, which over the past six months has transformed home routers and IoT devices into engines for cryptocurrency mining and Mirai-style attacks. An analysis...