GPU Driver Vulnerabilities in Imagination Let Attackers Gain Kernel Access Remotely
Imagination Technologies, a leader in GPU innovation, has issued updates to address a series of critical vulnerabilities identified in its GPU driver software.
Imagination Technologies is a global leader in developing GPUs, AI solutions,...
Critical macOS Sandbox Vulnerability (CVE-2024-54498) PoC Exploit Released Online
A proof-of-concept exploit was released for a critical vulnerability impacting macOS systems, identified as CVE-2024-54498.
Security researcher @wh1te4ever recently revealed a proof-of-concept (PoC) exploit showcasing how the flaw allows malicious applications to escape the...
33,542 Ivanti Connect Secure Instances Exposed as Exploitation of CVE-2025-0282 Unfolds
A critical security vulnerability, CVE-2025-0282, has been identified and exploited in the wild, affecting Ivanti Connect Secure, Policy Secure, and Neurons for ZTA gateways.
This stack-based buffer overflow vulnerability, rated with a CVSS score...
IBM watsonx.ai Vulnerability Let Attackers Embed Arbitrary JavaScript Code in Web UI
IBM disclosed a significant vulnerability in its watsonx.ai platform, potentially exposing users to cross-site scripting (XSS) attacks. The vulnerability, identified as CVE-2024-49785, affects both IBM watsonx.ai on Cloud Pak for Data and standalone IBM...
Researchers Hacked into Apple’s New USB-C Controller
Security researchers have successfully hacked Apple's proprietary ACE3 USB-C controller. This chip, introduced with the iPhone 15 and iPhone 15 Pro, represents a significant leap in USB-C technology, handling power delivery and acting as...
2,048 Ivanti VPN Instances Vulnerable to Exploited Zero-Day Attacks
A critical security vulnerability in Ivanti Connect Secure VPN appliances has left 2,048 instances worldwide exposed to potential exploitation, with the United States hosting the highest number of vulnerable systems.
The vulnerability tracked as CVE-2025-0282,...
Critical Samsung 0-Click Vulnerability Found in S24 and S23 Devices Got Fixed
On September 21, 2024, a critical security vulnerability was identified by Google researchers in the Monkey's Audio (APE) decoder used in Samsung’s flagship Galaxy S23 and S24 devices.
Now it got fixed after 3...
PoC Exploit Released For Apache Struts Remote Code Execution Vulnerability
A proof-of-concept (PoC) exploit for the critical Apache Struts vulnerability, CVE-2024-53677, has been publicly released, raising alarm across the cybersecurity community.
This vulnerability, which scores a 9.5 on the CVSS scale, allows attackers to execute...
.webp?w=324&resize=324,235&ssl=1 "Palo Alto Networks Expedition Tool Vulnerability Exposes Firewall Credentials")
Palo Alto Networks Expedition Tool Vulnerability Exposes Firewall Credentials
Multiple vulnerabilities in Palo Alto Networks' Expedition migration tool have been discovered, potentially exposing sensitive firewall credentials, including usernames, cleartext passwords, device configurations, and API keys.
These vulnerabilities pose significant risks to organizations using...
.webp?w=324&resize=324,235&ssl=1 "Ivanti VPN Zero-Day Vulnerability Actively Exploited in the Wild")
Ivanti VPN Zero-Day Vulnerability Actively Exploited in the Wild
Ivanti has disclosed actively exploiting a critical zero-day vulnerability, CVE-2025-0282, in its Connect Secure VPN appliances.
This vulnerability allows unauthenticated remote code execution and has already been exploited in a limited number of cases.
A...
Recent Posts
Cisco Warns of IOS XR Software Vulnerability That Let Attackers Trigger...
Cisco has issued security advisories for multiple vulnerabilities affecting its IOS XR Software, with particular emphasis on a significant memory corruption vulnerability in the...