Security News

Critical Flaw in Apache Parquet Allows Remote Attackers to Execute Arbitrary Code
2025-04-04 03:38

A maximum severity security vulnerability has been disclosed in Apache Parquet's Java Library that, if successfully exploited, could allow a remote attacker to execute arbitrary code on...

Still Using an Older Version of iOS or iPadOS? Update Now to Patch These Critical Security Vulnerabilities
2025-04-02 18:19

Apple has also fixed vulnerabilities in iPadOS 17.7.6, macOS Sonoma 14.7.5, and macOS Ventura 13.7.5, as well as its recently released iOS 18.4.

Critical auth bypass bug in CrushFTP now exploited in attacks
2025-04-01 12:46

Attackers are now targeting a critical authentication bypass vulnerability in the CrushFTP file transfer software using exploits based on publicly available proof-of-concept code. [...]

Apple Backports Critical Fixes for 3 Recent 0-Days Impacting Older iOS and macOS Devices
2025-04-01 11:28

Apple on Monday backported fixes for three vulnerabilities that have come under active exploitation in the wild to older models and previous versions of the operating systems. The vulnerabilities...

OpenAI now pays researchers $100,000 for critical vulnerabilities
2025-03-28 17:54

Artificial intelligence company OpenAI has announced a fivefold increase in the maximum bug bounty rewards for "exceptional and differentiated" critical security vulnerabilities from $20,000 to...

Researchers Uncover 46 Critical Flaws in Solar Power Systems From Sungrow, Growatt, and SMA
2025-03-28 13:21

Cybersecurity researchers have disclosed 46 new security flaws in products from three solar power system vendors, Sungrow, Growatt, and SMA, that could be exploited by a bad actor to seize control...

Critical Firefox, Tor Browser sandbox escape flaw fixed (CVE-2025-2857)
2025-03-28 10:57

Google’s fixing of CVE-2025-2783, a Chrome zero-day vulnerability exploited by state-sponsored attackers, has spurred Firefox developers to check whether the browser might have a similar flaw –...

Mozilla Patches Critical Firefox Bug Similar to Chrome’s Recent Zero-Day Vulnerability
2025-03-28 05:44

Mozilla has released updates to address a critical security flaw impacting its Firefox browser for Windows, merely days after Google patched a similar flaw in Chrome that came under active...

Mozilla warns Windows users of critical Firefox sandbox escape flaw
2025-03-27 14:48

Mozilla has released Firefox 136.0.4 to patch a critical security vulnerability that can let attackers escape the web browser's sandbox on Windows systems. [...]

CrushFTP CEO's feisty response to VulnCheck's CVE for critical make-me-admin bug
2025-03-27 13:20

Screenshot shows company head unhappy, claiming 'real CVE is pending' CrushFTP's CEO is not happy with VulnCheck after the CVE numbering authority (CNA) released an unofficial ID for the critical...