A recent investigation by a group of researchers has unveiled a significant security concern, revealing over 100 vulnerabilities within LTE and 5G network implementations. These vulnerabilities pose risks that could allow an attacker to disrupt cellular services and potentially gain unauthorized access to the core network. The study, conducted by…
A significant security vulnerability has been identified within Meta’s Llama large language model (LLM) framework. This flaw, if effectively exploited, may enable an attacker to execute arbitrary code on the llama-stack inference server. Known as CVE-2024-50050, this vulnerability has received a CVSS score of 6.3 out of 10 from the…
Multiple Vulnerabilities Discovered in GitHub Desktop and Related Projects Recently, a series of critical security vulnerabilities have been uncovered in GitHub Desktop and various Git-related projects, potentially allowing unauthorized access to users’ Git credentials. These vulnerabilities, collectively referred to as “Clone2Leak,” pose significant risks to developers and organizations relying on…
In a recent security announcement, Apple has disclosed the availability of critical software updates designed to rectify multiple security vulnerabilities, including a zero-day flaw that has reportedly been exploited in live attacks. This vulnerability, identified as CVE-2025-24085 with a CVSS score of 7.3, manifests as a use-after-free bug within the…
Recently, cybersecurity experts identified and disclosed a critical vulnerability in a widely used online travel service, which specializes in hotel and car rentals. This vulnerability, now patched, allowed adversaries to take control of user accounts, posing a significant risk to millions of airline customers. According to Salt Labs, a firm…
Critical Vulnerability in Zyxel Devices Under Active Exploitation Cybersecurity experts have issued urgent warnings regarding a severe zero-day vulnerability affecting Zyxel CPE Series devices, with reports of ongoing exploitation attempts. Dubbed CVE-2024-40891, this command injection vulnerability enables attackers to execute arbitrary commands on compromised devices, potentially resulting in full system…
Warning Issued Over Critical Vulnerability in VMware Avi Load Balancer Broadcom has announced a significant security vulnerability in VMware’s Avi Load Balancer, classified as high severity, which could potentially be exploited by malicious actors to gain unauthorized access to sensitive database information. The vulnerability is labeled CVE-2025-22217, with a CVSS…
A serious security vulnerability has been identified in the open-source network monitoring and fault management tool, Cacti. This flaw poses a risk of remote code execution for authenticated users on affected installations. The issue has been assigned the identifier CVE-2025-22604 and has garnered a high CVSS score of 9.1 out…
A recent analysis from a team at Georgia Institute of Technology and Ruhr University Bochum has unveiled two significant side-channel attacks specifically targeting Apple silicon chips, notably affecting popular web browsers such as Safari and Google Chrome. The attacks have been aptly codenamed Data Speculation Attacks via Load Address Prediction…
