VULNERABILITIES 44

• Multiple vulnerabilities in Cybozu Garoon Feb 2, 2026
• Old Windows quirks help punch through new admin defenses Jan 28, 2026
• Foxit, Epic Games Store, MedDreams vulnerabilities Jan 22, 2026
• Schneider Electric devices using CODESYS Runtime Jan 20, 2026
• AVEVA Process Optimization Jan 15, 2026
• The State of Trusted Open Source Jan 8, 2026
• From change prevention to continuous improvement - Automating patch cycles with guardrails, rings, and proof Jan 6, 2026
• WhatsApp Vulnerabilities Leaks User’s Metadata Including Device’s Operating System Jan 5, 2026
• Zeroday Cloud hacking event awards $320,0000 for 11 zero days Dec 17, 2025
• Atlassian Patches Critical Apache Tika Flaw Dec 15, 2025
• Google fixes two Android zero days exploited in attacks, 107 flaws Dec 2, 2025
• Security researchers caution app developers about risks in using Google Antigravity Nov 27, 2025
• Old tech, new vulnerabilities - NTLM abuse, ongoing exploitation in 2025 Nov 26, 2025
• Security Affairs newsletter Round 551 by Pierluigi Paganini – INTERNATIONAL EDITION Nov 23, 2025
• Siemens COMOS Nov 13, 2025
• Microsoft Patch Tuesday for November 2025 — Snort rules and prominent vulnerabilities Nov 11, 2025
• Dangerous runC flaws could allow hackers to escape Docker containers Nov 9, 2025
• HackedGPT – 7 New Vulnerabilities in GPT-4o and GPT-5 Enables 0-Click Attacks Nov 5, 2025
• Critical flaws in Fuji Electric, Delta Electronics, Survision, Radiometrics, IDIS systems raise security concerns for industrial sector Nov 5, 2025
• Exploiting Microsoft Teams Impersonation and Spoofing Vulnerabilities Exposed Nov 4, 2025
• OpenAI’s New Aardvark GPT-5 Agent that Detects and Fixes Vulnerabilities Automatically Nov 2, 2025
• TP-Link warns of critical command injection flaw in Omada gateways Oct 21, 2025
• Senate Investigates Cisco Over Zero-Day Firewall Vulnerabilities Oct 16, 2025
• F5 releases BIG-IP patches for stolen security vulnerabilities Oct 15, 2025
• Researchers Warn RondoDox Botnet is Weaponizing Over 50 Flaws Across 30+ Vendors Oct 13, 2025
• CISA issues Emergency Directive requiring federal agencies to mitigate critical Cisco ASA zero-day vulnerabilities Sep 29, 2025
• Flaws in Software Used by Hundreds of Cities and Towns Exposed Sensitive Data Aug 20, 2025
• Google's August Patch Fixes Two Qualcomm Vulnerabilities Exploited in the Wild Aug 10, 2025
• ReVault! When your SoC turns against you… Aug 5, 2025
• Hackers Regularly Exploit Vulnerabilities Before Public Disclosure, Study Finds Aug 1, 2025
• Dahua Camera flaws allow remote hacking. Update firmware now Jul 31, 2025
• Struts Devmode in 2025? Critical Pre-Auth Vulnerabilities in Adobe Experience Manager Forms Jul 29, 2025
• ToolShell, SharePoint, and the Death of the Patch Window Jul 25, 2025
• ToolShell An all-you-can-eat buffet for threat actors Jul 24, 2025
• Critical Vulnerabilities Found in Tridium Niagara Framework Jul 23, 2025
• The Linuxsys Cryptominer Jul 17, 2025
• Asus and Adobe vulnerabilities Jul 10, 2025
• AMD Warns of New Transient Scheduler Attacks Impacting a Wide Range of CPUs Jul 10, 2025
• Decrement by one to rule them all AsIO3.sys driver exploitation Jun 26, 2025
• Trix Shots Remote Code Execution on Aviatrix Controller Jun 23, 2025
• Researcher Finds Five Zero-Days and 20+ Misconfigurations in Salesforce Cloud Jun 11, 2025
• PayU Plugin Flaw Allows Account Takeover on 5000 WordPress Sites Jun 9, 2025
• Multiple CVEs in Infoblox NetMRI RCE, Auth Bypass, SQLi, and File Read Vulnerabilities Jun 4, 2025
• New Linux Vulnerabilities Expose Password Hashes via Core Dumps Jun 2, 2025