Critical Eaton UPS Companion Vulnerabilities: What You Need to Know
Power management systems are the backbone of business continuity. But what happens when the very software …
Vulnerabilities
MongoBleed Added to CISA KEV: Why CVE‑2025‑14847 Demands Immediate Action
On December 29, 2025, the Cybersecurity and Infrastructure Security Agency (CISA) added CVE‑2025‑14847—known as MongoBleed—to its …
Bluetooth Vulnerabilities in Airoha-Based Devices: What You Need to Know
Imagine attackers hijacking your smartphone without pairing or consent—just because your Bluetooth headphones are nearby. That’s …
MongoBleed (CVE‑2025‑14847): Inside the Ubisoft Breach & How to Defend Your Databases
Ubisoft’s Rainbow Six Siege servers were compromised today via the MongoBleed (CVE‑2025‑14847) vulnerability, igniting a cascade …
LangChain Flaw Lets Hackers Steal Secrets via AI Prompts
A critical vulnerability in LangChain’s core library—tracked as CVE-2025-68664—allows attackers to exfiltrate sensitive environment variables and …
HPE OneView CVE-2025-37164: Critical RCE—Fix Now
When a management plane flaw hits CVSS 10.0, CISOs and SOC leaders know it’s a “drop …
Windows RasMan Vulnerability: CVE-2025-59230 Exploit Chain Explained
Privilege escalation vulnerabilities remain a top concern for enterprise security teams. In October 2025, Microsoft patched …
Google Warns of Active Exploitation Targeting React and Next.js Servers
Google Threat Intelligence Group (GTIG) has issued a high-severity warning about the active exploitation of a …
15 Zero-Days Used to Hack Phones in Intellexa Campaign
A commercial spyware vendor known as Intellexa has been linked to at least 15 zero-day vulnerabilities …
Iskra iHUB Security Vulnerability: A Critical Warning for Energy Infrastructure
A severe authentication vulnerability has been discovered in Iskra’s iHUB and iHUB Lite intelligent metering gateways, …