security vulnerability
-
High-severity authentication bypass patched in Passwordstate credential manager, vendor says
Click Studios has released a patch for Passwordstate to fix a high-severity authentication bypass vulnerability that could allow attackers to access the emergency access page and the admin area. The vulnerability affects Passwordstate deployments used by thousands of customers and security professionals, with a CVE identifier not yet assigned. The company has published a forum…
-
Over 29,000 Microsoft Exchange Servers Remain Vulnerable to Severe Exploit
Over 29,000 Microsoft Exchange servers remain unpatched against a critical security flaw, CVE-2025-53786, which allows attackers to escalate privileges and potentially compromise entire domains. This vulnerability has prompted emergency directives from U.S. federal agencies to enforce patching.
-
Naval Group Investigates Cyber Attack Exposing Sensitive Data
Naval Group, a major player in the French defense industry, is investigating a cyber attack after hackers leaked sensitive internal data online. The incident raises serious security concerns as the hackers threaten to disseminate additional data if no response is received.
-
Mitel Issues Critical Security Patch for MiVoice MX-ONE Amid Vulnerability Concerns
Mitel Networks has released critical security updates for its MiVoice MX-ONE platform, addressing an authentication bypass vulnerability and a high-severity SQL injection flaw in MiCollab, urging customers to apply patches promptly.
-
Serious eSIM Vulnerability Exposed in Kigen’s Technology Poses Major Risks to Users
Cybersecurity researchers have uncovered a concerning vulnerability in Kigen’s eSIM technology that may expose users to significant security risks, as noted by Security Explorations, which was awarded a $30,000 bounty for its findings.
-
Serious Vulnerability Found in Zyxel Devices Sparks Security Concerns
A serious vulnerability, CVE-2023-28771, affects Zyxel devices, prompting warnings from cybersecurity experts after a spike in exploit attempts was detected. Owners are urged to secure their devices against potential threats.
-
Critical Vulnerability Discovered in ASUS Armoury Crate Software
A serious vulnerability in ASUS Armoury Crate software could allow attackers to achieve SYSTEM-level privileges on Windows machines, according to a report detailing the flaw. Users are urged to update their applications to mitigate potential risks.
-
Cisco IOS XE Flaw Exposes Devices to Security Risks
A recently disclosed vulnerability in Cisco IOS XE software allows unauthorized remote access, potentially exposing devices to significant security risks. Cisco and independent researchers urge immediate actions for mitigation.
