Security News

Siemens Teamcenter vulnerability could allow account takeover (CVE-2025-23363)
2025-02-27 09:27

A high-severity vulnerability (CVE-2025-23363) in the Siemens Teamcenter product lifecycle management (PLM) software could allow an attacker to steal users’ valid session data and gain...

Wallbleed vulnerability unearths secrets of China's Great Firewall 125 bytes at a time
2025-02-27 00:52

Boffins poked around inside censorship engines for years before Beijing patched hole Smart folks investigating a memory-dumping vulnerability in the Great Firewall of China (GFW) finally released...

CISA Flags Craft CMS Vulnerability CVE-2025-23209 Amid Active Attacks
2025-02-21 07:26

A high-severity security flaw impacting the Craft content management system (CMS) has been added by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) to its Known Exploited...

Citrix Releases Security Fix for NetScaler Console Privilege Escalation Vulnerability
2025-02-20 04:36

Citrix has released security updates for a high-severity security flaw impacting NetScaler Console (formerly NetScaler ADM) and NetScaler Agent that could lead to privilege escalation under...

Microsoft Patches Actively Exploited Power Pages Privilege Escalation Vulnerability
2025-02-20 04:29

Microsoft has released security updates to address two Critical-rated flaws impacting Bing and Power Pages, including one that has come under active exploitation in the wild. The vulnerabilities...

Juniper Session Smart Routers Vulnerability Could Let Attackers Bypass Authentication
2025-02-18 12:18

Juniper Networks has released security updates to address a critical security flaw impacting Session Smart Router, Session Smart Conductor, and WAN Assurance Router products that could be...

PostgreSQL Vulnerability Exploited Alongside BeyondTrust Zero-Day in Targeted Attacks
2025-02-14 05:03

Threat actors who were behind the exploitation of a zero-day vulnerability in BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) products in December 2024 likely also exploited a...

Researchers Find New Exploit Bypassing Patched NVIDIA Container Toolkit Vulnerability
2025-02-12 14:04

Cybersecurity researchers have discovered a bypass for a now-patched security vulnerability in the NVIDIA Container Toolkit that could be exploited to break out of a container's isolation...

CISA Warns of Active Exploits Targeting Trimble Cityworks Vulnerability
2025-02-07 12:52

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned that a security flaw impacting Trimble Cityworks GIS-centric asset management software has come under active...

Navigating the Future: Key IT Vulnerability Management Trends
2025-02-05 11:00

As the cybersecurity landscape continues to evolve, proactive vulnerability management has become a critical priority for managed service providers (MSPs) and IT teams. Recent trends indicate that...