Advenica’s File Scanner Kiosk scans USB media for malware
Advenica announced the File Scanner Kiosk, a system that scans USB media for malware and helps businesses reduce infection risk. With the reliance on externa...
Vulnerability Disclosure
20 articles
Patch windows collapse as time-to-exploit accelerates
The gap between vulnerability disclosure and exploitation is drastically decreasing, putting security teams’ patching practices on notice. According to Rapid...
Multiple SonicWall Flaws Enable SQL Injection and Privilege Escalation Attacks
SonicWall has published a critical security advisory addressing four distinct vulnerabilities in its SMA1000 series appliances. These security flaws open the...
[webapps] Jumbo Website Manager - Remote Code Execution
Jumbo Website Manager - Remote Code Execution
[local] ZSH 5.9 - RCE
ZSH 5.
[webapps] React Server 19.2.0 - Remote Code Execution
React Server 19.2.
Cracks in the Bedrock: Agent God Mode
Unit 42 reveals "Agent God Mode" in Amazon Bedrock AgentCore. Broad IAM permissions lead to privilege escalation and data exfiltration risks.
CISA orders feds to patch exploited Ivanti EPMM flaw by Sunday
CISA has given U.S.
13-year-old bug in ActiveMQ lets hackers remotely execute commands
Security researchers discovered a remote code execution (RCE) vulnerability in Apache ActiveMQ Classic that has gone undetected for 13 years and could be exp...
Data Leakage Vulnerability Patched in OpenSSL
A total of seven vulnerabilities, most of which can be exploited for DoS attacks, have been patched in OpenSSL. The post Data Leakage Vulnerability Patched i...
Critical Ninja Forms vulnerability allows remote code execution
The vulnerability, affecting versions up to 3.3.
Outdated software on Macs and mobile devices poses significant security risk
The research highlights that nearly all assessed mobile apps (95%) contain at least one medium-severity vulnerability.
Critical Vulnerability in Ninja Forms Exposes WordPress Sites
Ninja Forms File Upload RCE via unauthenticated arbitrary file upload; update to 3.3.
RCE Bug Lurked in Apache ActiveMQ Classic for 13 Years
The vulnerability requires authentication for successful exploitation, but another flaw exposes the Jolokia API without authentication. The post RCE Bug Lurk...
Hackers exploit a critical Flowise flaw affecting thousands of AI workflows
Threat actors have found a way to inject arbitrary JavaScript into the Flowise low-code platform for building custom LLM and agentic systems. The code inject...
Hackers Targeting Ninja Forms Vulnerability That Exposes WordPress Sites to Takeover
The vulnerability allows hackers to upload arbitrary files to a site’s server and achieve remote code execution. The post Hackers Targeting Ninja Forms Vulne...
Claude Discovers Apache ActiveMQ Bug Hidden for 13 Years
Anthropic’s Claude AI has helped researchers find a vulnerability in Apache ActiveMQ Classic
Cybersecurity jobs available right now: April 8, 2026
Application Security Engineer Liebherr Group | Germany | On-site – View job details As an Application Security Engineer, you will implement security testing ...
[webapps] Horilla v1.3 - RCE
Horilla v1.
[webapps] FortiWeb 8.0.2 - Remote Code Execution
FortiWeb 8.0.