Security researcher finds vulnerability in internet-connected bed, could allow access to ...
Web-connected smart bed provider Eight Sleep revealed to be including an SSH backdoor in its beds, as well as exposing a live ...
Infosecurity-magazine.com1 小时
Essential Addons for Elementor XSS Vulnerability Discovered
A critical security vulnerability in Essential Addons for Elementor has been identified, potentially impacting over two ...
Microsoft Power Pages vulnerability exploited in the wild
The high-severity privilege escalation flaw in Microsoft's website building application was disclosed and patched last week.
AccessIT Group Launches Advanced Subscription-based Solutions for Vulnerability and ...
AccessIT Group, a trusted provider of specialized cybersecurity services and solutions, is excited to announce the launch of ...
Another serious WordPress plugin vulnerability could put 40,000 sites at risk of attack
Security researchers find high-severity flaw in popular WordPress plugin It allowed threat actors to run malicious code ...
Palo Alto Networks warns of another firewall vulnerability under attack by hackers
The US cybersecurity giant says hackers are exploiting the high-severity flaw to break into unpatched customer networks.
OpenH264: Vulnerability in Cisco's video codec jeopardizes Firefox
A vulnerability in Cisco's video codec OpenH264 allows attackers to smuggle in malicious code. Firefox is also at risk.
Winzip: Vulnerability allows malicious code to be injected
A vulnerability in Winzip allows attackers to inject arbitrary code with manipulated archives. An update corrects this.
The Hacker News3 天
Microsoft Patches Actively Exploited Power Pages Privilege Escalation Vulnerability
Microsoft patches two critical flaws in Bing and Power Pages, including CVE-2025-21355, an actively exploited RCE ...
The Hacker News10 天
PostgreSQL Vulnerability Exploited Alongside BeyondTrust Zero-Day in Targeted Attacks
PostgreSQL SQL injection flaw (CVE-2025-1094) exploited alongside BeyondTrust zero-day, enabling arbitrary code execution.
SecurityWeek1 天
CISA Warns of Attacks Exploiting Craft CMS Vulnerability
CISA has added a Craft CMS flaw tracked as CVE-2025-23209 to its Known Exploited Vulnerabilities (KEV) catalog.