Security News

Apple has also fixed vulnerabilities in iPadOS 17.7.6, macOS Sonoma 14.7.5, and macOS Ventura 13.7.5, as well as its recently released iOS 18.4.

Attackers are now targeting a critical authentication bypass vulnerability in the CrushFTP file transfer software using exploits based on publicly available proof-of-concept code. [...]

Apple on Monday backported fixes for three vulnerabilities that have come under active exploitation in the wild to older models and previous versions of the operating systems. The vulnerabilities...

Artificial intelligence company OpenAI has announced a fivefold increase in the maximum bug bounty rewards for "exceptional and differentiated" critical security vulnerabilities from $20,000 to...

Cybersecurity researchers have disclosed 46 new security flaws in products from three solar power system vendors, Sungrow, Growatt, and SMA, that could be exploited by a bad actor to seize control...

Google’s fixing of CVE-2025-2783, a Chrome zero-day vulnerability exploited by state-sponsored attackers, has spurred Firefox developers to check whether the browser might have a similar flaw –...

Mozilla has released updates to address a critical security flaw impacting its Firefox browser for Windows, merely days after Google patched a similar flaw in Chrome that came under active...

Mozilla has released Firefox 136.0.4 to patch a critical security vulnerability that can let attackers escape the web browser's sandbox on Windows systems. [...]

Screenshot shows company head unhappy, claiming 'real CVE is pending' CrushFTP's CEO is not happy with VulnCheck after the CVE numbering authority (CNA) released an unofficial ID for the critical...

CrushFTP has fixed a critical vulnerability (CVE-2025-2825) in its enterprise file transfer solution that could be exploited by remote, unauthenticated attackers to access vulnerable...