Critical React Vulnerability Puts Web Servers At Immediate Risk

A newly discovered security flaw in the React ecosystem — one of the most widely used technologies on the web — is prompting ...
Wired

Millions of Vehicles Could Be Hacked and Tracked Thanks to a Simple Website Bug

When security researchers in the past found ways to hijack vehicles' internet-connected systems, their proof-of-concept demonstrations tended to show, thankfully, that hacking cars is hard. Exploits ...
Searchenginejournal.com

2024 WordPress Vulnerability Report Shows Errors Sites Keep Making

WordPress security scanner WPScan’s 2024 WordPress vulnerability report calls attention to WordPress vulnerability trends and suggests the kinds of things website publishers (and SEOs) should be ...
CNET

Perplexity's Comet AI Web Browser Had a Major Security Vulnerability

Imad is a senior reporter covering Google and internet culture. Hailing from Texas, Imad started his journalism career in 2013 and has amassed bylines with The New York Times, The Washington Post, ...
Bleeping Computer

Apache fixes remote code execution bypass in Tomcat web server

Apache has released a security update to address an important vulnerability in Tomcat web server that could lead to an attacker achieving remote code execution. Apache Tomcat is an open-source web ...
Ars Technica

High-severity vulnerability in Passwordstate credential manager. Patch now.

The maker of Passwordstate, an enterprise-grade password manager for storing companies’ most privileged credentials, is urging them to promptly install an update fixing a high-severity vulnerability ...

Critical flaw in WordPress add-on for Elementor exploited in attacks

Attackers are exploiting a critical-severity privilege escalation vulnerability (CVE-2025-8489) in the King Addons for ...
Linux Journal

Fortifying Linux Web Applications: Mastering OWASP ZAP and ModSecurity for Optimal Security

In an increasingly interconnected digital world, web applications are the backbone of online services. With this ubiquity comes a significant risk: web applications are prime targets for cyberattacks.
Computer Weekly

Google fixes type confusion flaw in Chrome browser

Google has pushed an emergency update to the widely used Chrome browser after identifying an actively exploited zero-day vulnerability in the product, the fourth found so far in 2025. Tracked as ...
Infosecurity-magazine.com

Study Reveals Top Vulnerabilities in Corporate Web Applications

A recent study conducted by Kaspersky Security Assessment experts has revealed the most prevalent vulnerabilities in corporate web applications developed in-house. Spanning the years between 2021 and ...
WeLiveSecurity

RomCom exploits Firefox and Windows zero days in the wild

ESET researchers discovered a previously unknown vulnerability in Mozilla products, exploited in the wild by Russia-aligned group RomCom. This is at least the second time that RomCom has been caught ...