Critical RCE flaw in Apache Tomcat actively exploited in attacks
A critical remote code execution (RCE) vulnerability in Apache Tomcat tracked as…
Facebook discloses FreeType 2 flaw exploited in attacks
Facebook is warning that a FreeType vulnerability in all versions up to…
Critical PHP RCE vulnerability mass exploited in new attacks
Threat intelligence company GreyNoise warns that a critical PHP remote code execution…
Unpatched Edimax IP camera flaw actively exploited in botnet attacks
A critical command injection vulnerability impacting the Edimax IC-7100 IP camera is…
Over 37,000 VMware ESXi servers vulnerable to ongoing attacks
Over 37,000 internet-exposed VMware ESXi instances are vulnerable to CVE-2025-22224, a critical…
Google fixes Android kernel zero-day exploited in attacks
The February 2025 Android security updates patch 48 vulnerabilities, including a zero-day…
7-Zip MotW bypass exploited in zero-day attacks against Ukraine
A 7-Zip vulnerability allowing attackers to bypass the Mark of the Web…
Zyxel won’t patch newly exploited flaws in end-of-life routers
Zyxel has issued a security advisory about actively exploited flaws in CPE…
CISA tags Microsoft .NET and Apache OFBiz bugs as exploited in attacks
The US Cybersecurity & Infrastructure Security Agency (CISA) has added four vulnerabilities…