During extraction, 7-Zip may follow or recreate symlinks without verifying they remain inside the intended destination. A crafted ZIP that points outside the target tree can cause writes or ...

CVE-2023-42770 - An authentication bypass that arises as a result of the Sixnet RTU software listening to the same port ...

F5 was recently targeted by state-sponsored threat actors who managed to steal sensitive information from the company’s ...

CVE-2025-47827, a 4.6-rated Secure Boot bypass flaw, has also been found and abused by miscreants. It exists in Linux-based ...

Cybersecurity company Imperva, which discovered and reported the problem in July 2025, described CVE-2025-53967 as a "design oversight" in the fallback mechanism that could allow bad actors to achieve ...

We’re doubling our top award to $2 million for exploit chains that can achieve similar goals as sophisticated mercenary ...

More information has come to light on the cyberattack disclosed on Wednesday by security and application delivery solutions ...

The Redis security team has released patches for a maximum severity vulnerability that could allow attackers to gain remote ...

According to Microsoft's investigation, the attack chain started when users were tricked into visiting exploitative websites.

WordPress vulnerability rated 9.8 enables unauthenticated attackers to launch attacks and obtain sensitive data.

CERT-In issues high-severity alerts for Microsoft products and Google Chrome vulnerabilities, warning of remote code ...