vm2 Vulnerabilities Enable Full System Takeover
A critical breakdown in one of the most trusted Node.js sandbox libraries is putting countless applications …
application security
Python Asyncio Vulnerability (CVE-2026-3298) Explained
A single missing boundary check in a widely used programming language can open the door to …
Critical Atlassian Bamboo Flaw Enables Remote Command Injection
A severe vulnerability has been disclosed in Atlassian Bamboo Data Center and Server, exposing enterprise CI/CD …
Apache Syncope RCE Vulnerability CVE-2025-57738 Explained
The Apache Syncope RCE vulnerability (CVE-2025-57738) has exposed a serious security gap in one of the …
Lovable API BOLA Vulnerability Exposes Thousands of Projects
APIs are the backbone of modern applications—but they’re also one of the most exploited attack surfaces …
Critical ShowDoc RCE Vulnerability Actively Exploited in the Wild
A critical ShowDoc RCE vulnerability (CNVD-2020-26585) is currently being actively exploited in the wild, putting organizations …
PayPal Data Breach Exposes SSNs and Business PII for Months
PayPal has disclosed a data breach impacting customers who applied for loans through its PayPal Working …
LangChain Flaw Lets Hackers Steal Secrets via AI Prompts
A critical vulnerability in LangChain’s core library—tracked as CVE-2025-68664—allows attackers to exfiltrate sensitive environment variables and …