QNAP has urgently released firmware updates to fix seven critical zero-day vulnerabilities in its NAS operating systems. These flaws were […]
Seven Critical QNAP Zero-Days Patched After Pwn2Own Exploitation Read More »
A critical zero-day vulnerability affecting Samsung Galaxy devices is being exploited in the wild. Attackers are using a specially crafted
Zero-Click Samsung Galaxy Exploit via WhatsApp Image (CVE-2025-xxxx) Read More »
Researchers have released “Whisper Leak,” a toolkit demonstrating a side-channel attack that can infer the topics of encrypted AI chatbot
New “Whisper Leak” Toolkit Decrypts Real-Time AI Chat Traffic Read More »
Palo Alto Networks Unit 42 has uncovered “LANDFALL,” a sophisticated Android spyware campaign that exploited a critical zero-day in Samsung’s
“LANDFALL” Spyware Exploited Samsung Zero-Day (CVE-2025-21042) in Targeted Attacks Read More »
Microsoft researchers have uncovered “Whisper Leak,” a novel side-channel attack that allows passive network observers to infer the specific topics
Microsoft Reveals “Whisper Leak”: AI Chat Topics Exposed Despite Encryption Read More »
A new report from ENISA, the EU’s cybersecurity agency, highlights that public administration bodies are being increasingly targeted by hacktivists.
ENISA Report: DDoS Attacks Surge Against EU Public Administration Read More »
A new report from BitSight reveals a significant security gap between financial firms and their third-party vendors. While the financial
Financial Sector Vendors Have Weaker Security Than Banks, Creating Risk Read More »
Hyundai AutoEver America, the in-house IT and software company for Hyundai and Kia, has disclosed a data breach. Attackers had
Hyundai AutoEver (IT Firm for Hyundai & Kia) Discloses Data Breach, SSNs Stolen Read More »
A critical (CVSS 9.8) vulnerability, CVE-2025-11953, has been disclosed in the popular “@react-native-community/cli” NPM package, which has ~2 million weekly
Critical (CVSS 9.8) Flaw in React Native NPM Package Exposes Developers to RCE Read More »
Cisco has released patches for two critical vulnerabilities in its Unified Contact Center Express (UCCX) appliance. The most severe, CVE-2025-20354
Critical RCE Flaws in Cisco Contact Center (CVSS 9.8) Allow Root Access Read More »
