CVE Advisory

CRITICAL ALERT: React2Shell CVE-2025-55182 is Under Active Exploitation!
Peled Eldan & Erez Hasson | December 06, 2025

Overview On December 3, 2025, the security community was alerted to a critical vulnerability in the React Server Components (RSC) ecosystem, now widely referred…

Windows Server Update Service (WSUS) Critical Vulnerability: CVE-2025-59287 Under Active Exploitation
Peled Eldan & Erez Hasson | October 26, 2025

Overview Microsoft has disclosed a critical remote code execution (RCE) vulnerability in Windows Server Update Service (WSUS), tracked as CVE-2025-59287. Initial warnings indicated a…

CRITICAL ALERT: Oracle E-Business Suite Zero-Day Vulnerability, CVE-2025-61882, Under Active Exploitation!
Peled Eldan & Erez Hasson | October 09, 2025

Overview Oracle has just disclosed that a critical zero-day vulnerability, tracked as CVE-2025-61882, has been identified in Oracle E-Business Suite (EBS) and is currently…

Urgent Alert: Microsoft SharePoint Zero-Day Vulnerability “ToolShell” Under Active Attack
Batya Steinherz | July 21, 2025

Overview Microsoft has just disclosed that a vulnerability in their Microsoft SharePoint Server has been weaponized and is currently being actively exploited in the…

CVE-2025-24813: Critical Apache Tomcat Vulnerability Already Being Exploited – Patch Now!
Peled Eldan & Batya Steinherz | March 18, 2025

Overview Apache Tomcat, the free and open-source implementation of the Java Servlet, recently disclosed a critical vulnerability which is being tracked as CVE-2025-24813. This…

Linux CUPS Vulnerability: 4 Critical Flaws Enable RCEs
David Azria & Batya Steinherz | September 30, 2024

On Sept 26th, security researcher Simone Margaritelli (@evilsocket) disclosed the discovery of 4 zero-day vulnerabilities in the Common UNIX Printing System (CUPS). CUPS is…

CVE-2024-23897 – Jenkins RCE Exploited in Ransomware Attacks
David Azria & Batya Steinherz |

Introduction On August 19th, CISA added a new vulnerability to its catalog of Known Exploited Vulnerabilities (KEV). Being tracked as CVE-2024-23897 with a…

CVE-2024-6387 – OpenSSH regreSSHion RCE
Zur Ulianitzky |

Overview On Monday, July 1st, researchers from OpenSSH released a security update for a newly identified vulnerability which is being tracked as CVE-2024-6387, and…

CVE-2024-3094 – Dangerous XZ Utils Backdoor is Discovered
David Azria & Zur Ulianitzky |

On Friday, March 29th, a Microsoft researcher disclosed that he had found malicious code embedded in XZ Utils versions 5.6.0 and 5.6.1. This vulnerability…

CVE-2023-50164 – Remote Code Execution (RCE) Flaw in Apache Struts
Zur Ulianitzky |

On Dec 7th, open-source web server software provider Apache disclosed a new vulnerability with a CVSS score of 9.8, which is currently being tracked…

CVE-2023-46604 – Remote Code Execution (RCE) Flaw in Apache ActiveMQ
XM Cyber Research |

On Oct 27th, open-source web server software provider Apache disclosed a new vulnerability with a CVSS score of 10, which is currently being tracked…

CVE-2023-36884 – Nation-State RCE Targets Government Agencies with Malicious Microsoft Office Documents
David Azria & Batya Steinherz |

Updated on 27/07/2023 On July 11th, Microsoft announced they had uncovered a zero-day bug found in numerous Windows and Office products with a criticality…
