The Hacker News4d
Critical Ingress NGINX Controller Vulnerability Allows RCE Without Authentication
Five critical flaws in Ingress NGINX Controller expose 6,500+ clusters; update now to prevent unauthorized remote code ...
CSO Online9d
Critical remote code execution flaw patched in Veeam backup servers
Data resilience solutions provider Veeam Software released a critical patch for its Veeam Backup & Replication product. The ...
SecurityWeek2d
Splunk Patches Dozens of Vulnerabilities
Splunk patches high-severity remote code execution and information disclosure flaws in Splunk Enterprise and Secure Gateway ...
Dozens of solar inverter flaws could be exploited to attack power grids
Dozens of vulnerabilities in products from three leading makers of solar inverters, Sungrow, Growatt, and SMA, could be ...
WordPress security plugin WP Ghost vulnerable to remote code execution bug
Popular WordPress security plugin WP Ghost is vulnerable to a critical severity flaw that could allow unauthenticated ...
SecurityWeek4d
IngressNightmare Flaws Expose Kubernetes Clusters to Remote Hacking
Critical remote code execution vulnerabilities found by Wiz researchers in Ingress NGINX Controller for Kubernetes.
Critical Apache Tomcat RCE vulnerability exploited
Attack attempts via CVE-2025-24813 are underway, but successful attacks require specific, non-default configurations, ...
NCERT Warns Against Apache Tomcat Flaw Which Lets Hackers Take Over Servers
The National Computer Emergency Response Team (NCERT) has issued an advisory regarding a critical security vulnerability in ...
Hackaday1d
This Week In Security: IngressNightmare, NextJS, And Leaking DNA
This week, researchers from Wiz Research released a series of vulnerabilities in the Kubernetes Ingress NGINX Controller ...
The Hacker News9d
Veeam and IBM Release Patches for High-Risk Flaws in Backup and AIX Systems
According to Bazydlo and researcher Sina Kheirkhah, CVE-2025-23120 stems from Veeam's inconsistent handling of ...