CISA Flags Critical ASUS Live Update Flaw After Evidence of Active Exploitation
Dec 18, 2025Ravie LakshmananVulnerability / Software Security The U.S. Cybersecurity and Infrastructure…
FreePBX Patches Critical SQLi, File-Upload, and AUTHTYPE Bypass Flaws Enabling RCE
Dec 15, 2025Ravie LakshmananVulnerability / Software Security Multiple security vulnerabilities have been…
New React RSC Vulnerabilities Enable DoS and Source Code Exposure
Dec 12, 2025Ravie LakshmananSoftware Security / Vulnerability The React team has released…
CISA Flags Actively Exploited GeoServer XXE Flaw in Updated KEV Catalog
Dec 12, 2025Ravie LakshmananVulnerability / Server Security The U.S. Cybersecurity and Infrastructure…
Microsoft Issues Security Fixes for 56 Flaws, Including Active Exploit and Two Zero-Days
Microsoft closed out 2025 with patches for 56 security flaws in various…
Chinese Hackers Have Started Exploiting the Newly Disclosed React2Shell Vulnerability
Dec 05, 2025Ravie LakshmananVulnerability / Software Security Two hacking groups with ties…
Critical React2Shell Flaw Added to CISA KEV After Confirmed Active Exploitation
Dec 06, 2025Ravie LakshmananVulnerability / Patch Management The U.S. Cybersecurity and Infrastructure…
SecAlerts Cuts Through the Noise with a Smarter, Faster Way to Track Vulnerabilities
Vulnerability management is a core component of every cybersecurity strategy. However, businesses…
CISA Warns of Actively Exploited Critical Oracle Identity Manager Zero-Day Vulnerability
Nov 22, 2025Ravie LakshmananZero-Day / Software Security The U.S. Cybersecurity and Infrastructure…