Four vulnerabilities within the Bluetooth stack BlueSDK, developed by OpenSynergy and collectively named PerfektBlue, pose a serious security threat to millions of vehicles. These flaws allow remote code execution on targeted devices and potentially...
Activision has disabled the Microsoft Store version of Call of Duty: WWII after hackers began exploiting a critical vulnerability that enabled remote access to players’ computers. The affected users were those who installed the...
On the second Tuesday of July, Microsoft released its customary Patch Tuesday update package, addressing 137 vulnerabilities across a range of the company’s products. Among them, a particularly notable zero-day vulnerability in Microsoft SQL...
Security researchers have uncovered critical vulnerabilities in SMBClient for macOS that affect both user space and the operating system kernel. These flaws potentially allow for remote execution of arbitrary code and the termination of...
Experts at Wiz have identified a new wave of attacks targeting TeamCity servers—a widely used platform for orchestrating CI/CD workflows. Threat actors exploited a misconfigured Java Debug Wire Protocol (JDWP) interface, enabling remote command...
Exercise caution if you’re planning to play Call of Duty: WWII via Game Pass on PC. Users have begun reporting a critical vulnerability that allows hackers to remotely execute commands on another player’s computer....
Cisco has remedied a critical vulnerability in its Unified Communications Manager (Unified CM), the enterprise telephony management system, which could have granted attackers complete control over affected devices due to a hardcoded superuser account...
A critical vulnerability has been discovered in the popular WordPress plugin Forminator, enabling unauthenticated attackers to arbitrarily delete files from a website. This flaw poses a significant threat, potentially allowing full compromise of targeted...
Anthropic has encountered a critical vulnerability in one of its AI-related projects. The flaw, identified as CVE-2025-49596, affects the Model Context Protocol (MCP) Inspector tool and has been assigned a CVSS severity score of...
Google has released security updates for its Chrome browser to address a critical vulnerability for which an active exploit is already in circulation. The issue, tracked as CVE-2025-6554, is classified as a “Type Confusion”...
Cisco has released critical security updates to address two severe vulnerabilities in its network security products. Both issues affect Cisco Identity Services Engine (ISE) and its associated component, the ISE Passive Identity Connector (ISE-PIC)....
Hackers have begun actively exploiting a critical vulnerability that grants them full control over thousands of servers, including those performing vital functions in data centers. This alarming development has prompted a warning from the...
Trend Micro recently received a confidential report from a security researcher disclosing a critical vulnerability in WinRAR version 7.11 and earlier. This high-risk flaw allows threat actors to execute arbitrary code by crafting malicious...
