Researchers say threat actors used the sophisticated — and unfortunately named — toolkit to target high-value networks for ...

A command injection flaw in the Windows Notepad App now gives remote attackers a path to execute code over a network, turning ...

Log4Shell (CVE-2021-44228) Tip: Remote Code Execution Pogađa: Java aplikacije (Tomcat, Spring, itd.) Portovi: 80 (HTTP); 443 (HTTPS); 8080; 8443 Skeniranje (Nmap NSE script) nmap -p 80,443,8080,8443 - ...

ESET researchers examined CVE‑2025‑50165, a serious Windows vulnerability described to grant remote code execution by merely opening a specially crafted JPG file – one of the most widely used image ...

Ongoing vulnerable Log4j downloads suggest the supply chain crisis wasn’t the wake-up call it should have been. Back in December 2021, the “internet on fire” headlines weren’t hyperbole. Security ...

Tens of millions of downloads of the popular Java logging library Log4j this year were vulnerable to a CVSS 10.0-rated vulnerability that first surfaced four years ago, according to Sonatype. The ...

The Apache Software Foundation (ASF) has issued a new CVE identifier for a critical security flaw in Apache Tika because its original vulnerability disclosure failed to capture the full extent of ...

When you treat vulnerabilities as clues instead of chores, you uncover threats, fix blind spots and finally make your security program work smarter. For years, I watched organizations treat ...

Today is Microsoft's October 2025 Patch Tuesday, which includes security updates for 172 flaws, including six zero-day vulnerabilities. This Patch Tuesday also addresses eight "Critical" ...