A critical vulnerability has been discovered in Microsoft SharePoint Server, now actively exploited as part of a widespread cyberattack campaign. The flaw, identified as CVE-2025-53770, carries a staggering severity score of 9.8 out of...
Four vulnerabilities within the Bluetooth stack BlueSDK, developed by OpenSynergy and collectively named PerfektBlue, pose a serious security threat to millions of vehicles. These flaws allow remote code execution on targeted devices and potentially...
Activision has disabled the Microsoft Store version of Call of Duty: WWII after hackers began exploiting a critical vulnerability that enabled remote access to players’ computers. The affected users were those who installed the...
On the second Tuesday of July, Microsoft released its customary Patch Tuesday update package, addressing 137 vulnerabilities across a range of the company’s products. Among them, a particularly notable zero-day vulnerability in Microsoft SQL...
Security researchers have uncovered critical vulnerabilities in SMBClient for macOS that affect both user space and the operating system kernel. These flaws potentially allow for remote execution of arbitrary code and the termination of...
Experts at Wiz have identified a new wave of attacks targeting TeamCity servers—a widely used platform for orchestrating CI/CD workflows. Threat actors exploited a misconfigured Java Debug Wire Protocol (JDWP) interface, enabling remote command...
Exercise caution if you’re planning to play Call of Duty: WWII via Game Pass on PC. Users have begun reporting a critical vulnerability that allows hackers to remotely execute commands on another player’s computer....
Cisco has remedied a critical vulnerability in its Unified Communications Manager (Unified CM), the enterprise telephony management system, which could have granted attackers complete control over affected devices due to a hardcoded superuser account...
A critical vulnerability has been discovered in the popular WordPress plugin Forminator, enabling unauthenticated attackers to arbitrarily delete files from a website. This flaw poses a significant threat, potentially allowing full compromise of targeted...
Anthropic has encountered a critical vulnerability in one of its AI-related projects. The flaw, identified as CVE-2025-49596, affects the Model Context Protocol (MCP) Inspector tool and has been assigned a CVSS severity score of...