Critical Roundcube vulnerability (CVE-2025-49113): exploit sold in Darknet as “Email Armageddon” looms
A decade-old Remote Code Execution (RCE) flaw in Roundcube, the widely used open-source email client, has escalated into a global…
Windows 11 fails to start after KB5058405 update
The recent disclosure by Microsoft regarding the KB5058405 cumulative update for Windows 11 has significant implications for enterprise cybersecurity and…
Analysis of recent high-severity vulnerabilities in GitLab and Atlassian products
Both GitLab and Atlassian have recently released critical security patches addressing a series of high-severity vulnerabilities across their core product…
Malicious npm packages hijack macOS Cursor AI IDE
The Socket Threat Research Team has uncovered a sophisticated supply chain attack targeting macOS developers using the Cursor AI code…
Stealthy Linux backdoor leveraging residential proxies and NHAS reverse SSH
A recently discovered Linux backdoor (SHA256: ea41b2bf1064efcb6196bb79b40c5158fc339a36a3d3ddee68c822d797895b4e) employs advanced evasion techniques to bypass detection while establishing persistent access via SOCKS5…
MITRE Signals Critical Risk to CVE Program as Federal Funding Expires
The cybersecurity world faces a significant challenge as the Common Vulnerabilities and Exposures (CVE) program, a cornerstone of global vulnerability…
Surge in Palo Alto Networks scanner activity
GreyNoise has detected a significant surge in login scanning activity aimed at Palo Alto Networks PAN-OS GlobalProtect portals. In the…
Critical Remote Code Execution vulnerability discovered in GiveWP WordPress Plugin (CVE-2025-0912)
A critical security vulnerability, identified as CVE-2025-0912, has been discovered in the GiveWP WordPress donation plugin. This flaw potentially exposes…