SecurityWeek

Critical Dolby Vulnerability Patched in Android

The flaw is tracked as CVE-2025-54957 and its existence came to light in October 2025 after it was discovered by Google ...
The Hacker News

Critical AdonisJS Bodyparser Flaw (CVSS 9.2) Enables Arbitrary File Write on Servers

A critical CVSS 9.2 flaw in AdonisJS bodyparser lets attackers write arbitrary files via path traversal when uploads are ...
Dark Reading

RondoDox Botnet Expands Scope With React2Shell Exploitation

Recent attacks are targeting Next.js servers and pose a significant threat of cryptomining and other malicious activity to ...

Pakistan Faced Over 50 Critical Cybersecurity Flaws on a National Scale: NCERT

The National Computer Emergency Response Team (PKCERT) issued 53 cybersecurity advisories in 2025, warning users and ...
SecurityWeek

CISA KEV Catalog Expanded 20% in 2025, Topping 1,480 Entries

The CISA KEV catalog was expanded with 245 vulnerabilities in 2025, including 24 flaws exploited by ransomware groups.
Dagens.com on MSN

The five AI security threats that moved from theory to reality in 2025

Artificial intelligence promised a leap in productivity this year, particularly as agentic systems began creeping into ...
DMR News

GreyNoise Flags Holiday Exploitation Campaign Targeting Adobe ColdFusion Servers

Security researchers at GreyNoise have reported a coordinated exploitation campaign targeting Adobe ColdFusion servers, with ...
InfoWorld

Open WebUI bug turns the ‘free model’ into an enterprise backdoor

The bug allows attacker-controlled model servers to inject code, steal session tokens, and, in some cases, escalate to remote ...