Content Paint
Search
Sign in
Membership

vulnerabilities

Security  | Sep 04, 2025
Recyled keys exploited in Fortune 500-serving Sitecore attacks
Recyled keys exploited in Fortune 500-serving Sitecore attacks

The threat actor has been moving laterally, stealing user tokens and maintaining persistence via a range of techniques.

Security  | Sep 01, 2025
WhatsApp users warned over zero-click exploits
The shadow of a person's upper body on a metal wall. WhatsApp patched a zero click bug tied to a spyware campaign

Vulnerability chained with Apple exploit patched in August but Android users may also be affected.

Security  | Aug 27, 2025
Well look here! Another Netscaler 0day is getting exploited
Well look here! Another Netscaler 0day is getting exploited

"Publishing security advisories for such critical issues with such limited information only serves to hurt defenders and threat hunters"

Security  | Aug 21, 2025
Apple issues urgent patch to stop "sophisticated" iOS attacks
A rotting apple swarmed by ants. Apple has issued an out of bounds update to fix an iOS issue exploited in the wild.

"Malicious" images giving hackers access.

Security  | Aug 19, 2025
Hackers using 2-year old vuln to breach and patch Linux servers
A glass of water splashes, spraying drops of water. DripDropper is a maware loader installed via an Apache ActiveMQ vulnerability.

"A great way to potentially lock out other adversaries."

Security  | Aug 13, 2025
New TETRA flaws put critical encrypted radio systems at risk
A police officer holding a walkie talkie while overlooking a large crowd. Law enforcement is one of the primary use cases for the TETRA radio protocol

Issues include a faulty fix to an issue disclosed two years ago.

vulnerabilities  | Aug 11, 2025
SonicWall: No zero day detected, this is a creds issue
SonicWall: No zero day detected, this is a creds issue

Attacks appear to be "linked to legacy credential use during migrations from Gen 6 to Gen 7 firewalls"

vulnerabilities  | Aug 04, 2025
SonicWall tells customers to disable SSLVPN amid zero day fears
SonicWall zero day exploited ransomware

"Once on the network, the attackers don't waste time. Their actions are a mix of automated scripts for speed and hands-on-keyboard activity"

Security  | Jul 29, 2025
Five questions for AWS after a troubling supply chain breach
Five questions for AWS after a troubling supply chain breach

“Someone intentionally slipped a live grenade into prod and AWS gave it version release notes.”

Interviews, insight, intelligence, and exclusive events for digital leaders.

© 2025 The Stack
©  2025 The Stack

Search the site
Your link has expired. Please request a new one.
Your link has expired. Please request a new one.
Your link has expired. Please request a new one.
Great! You've successfully signed up.
Great! You've successfully signed up.
Welcome back! You've successfully signed in.
Success! You now have access to additional content.