A new Chrome vulnerability allowed malicious sites to bypass protections — browsers remain a prime battlefield. Patch fast, browse smart. ⚠️ #BrowserSecurity #VulnerabilityAlert

https://thehackernews.com/2026/03/new-chrome-vulnerability-let-malicious.html

New Chrome Vulnerability Let Malicious Extensions Escalate Privileges via Gemini Panel

Chrome CVE-2026-0628 let malicious extensions hijack Gemini panel for privilege escalation, local file access, and surveillance.

The Hacker News

⚠️ Cloud Software Group reveals a medium severity XSS flaw (CVE-2025-12101) in Citrix NetScaler ADC & Gateway platforms! Vulnerable versions include 14.1 before 14.1-56.73 & 13.1 before 13.1-60.32. Immediate patching is crucial to prevent session hijacking & credential theft. 🔒🛡️

Details here: https://gbhackers.com/citrix-netscaler-adc-and-gateway-flaw/ #CyberSecurity #XSS #Citrix #NetScaler #VulnerabilityAlert #newz

Citrix NetScaler ADC and Gateway Flaw Allows Cross-Site Scripting (XSS) Attacks

Cloud Software Group has disclosed a cross-site scripting (XSS) vulnerability affecting NetScaler ADC and NetScaler Gateway platforms.

GBHackers Security | #1 Globally Trusted Cyber Security News Platform
🚨 Oh no! The X.Org X server has more holes than a Swiss cheese! 🧀 For the six people who still use it, the suspense of those 'multiple issues' is killing us. Who knew X could stand for 'xtra' vulnerabilities? 🤦‍♂️
https://lists.x.org/archives/xorg-announce/2025-October/003635.html #XOrg #XServer #Vulnerabilities #SwissCheese #CyberSecurity #TechNews #VulnerabilityAlert #HackerNews #ngated
X.Org Security Advisory: multiple security issues X.Org X server and Xwayland

🚨 CYBER ALERT: Millions of enterprise apps at risk
A new vulnerability, CVE-2025-3600, was discovered in the widely used Telerik UI software. Attackers can exploit it with a single request to crash systems or worse.
💡 14 years of versions affected
💡 185K+ exposed systems found
💡 Patches available, but adoption is slow
Organisations: Check your systems NOW 👆
https://www.cyberkendra.com/2025/10/critical-telerik-ui-flaw-puts-millions.html
#CyberSecurity #InfoSec #TechNews #DataSecurity #VulnerabilityAlert #EnterpriseSecurity
The God Mode Vulnerability That Should Kill "Trust Microsoft"

How CVE-2025-55241 exposed a catastrophic flaw affecting every Microsoft tenant worldwide, and why authorityless security is the only path forward.

Tide Foundation

🚨 New KEVs: CISA adds 2 more flaws under active exploitation:
- CVE-2020-24363 (TP-Link TL-WA855RE)
- CVE-2025-55177 (WhatsApp)

📌 BOD 22-01 makes KEV patching mandatory for federal agencies — but CISA strongly urges all orgs to follow suit.

💬 Should KEV compliance become industry-wide?

👉 Follow @technadu for vulnerability alerts.

#CISA #KEV #Cybersecurity #TPLink #WhatsApp #VulnerabilityAlert #PatchNow

Major password managers can leak logins in clickjacking attacks

Six major password managers with tens of millions of users are currently vulnerable to unpatched clickjacking flaws that could allow attackers to steal account credentials, 2FA codes, and credit card details.

BleepingComputer

Critical Wing FTP Server vulnerability (CVE-2025-47812) under active exploitation! Huntress detected real-world attacks achieving root/SYSTEM access through null byte injection. Organizations must update to version 7.4.4 immediately.

#SecurityLand #BusinessShield #CyberSecurity #InfoSec #VulnerabilityAlert #FTP

Read More: https://www.security.land/critical-wing-ftp-server-vulnerability-under-active-attack-cve-2025-47812-exploitation-detected/

🔥 CitrixBleed 2 is live.

A pre-auth memory flaw in Citrix NetScaler leaks passwords, session tokens, and config data—no login required.

Over 200,000 exploit attempts detected.

🛡️ Secure your infrastructure now.
#CitrixBleed #VulnerabilityAlert #MemoryLeakExploit #CyberProtection #Infosec

🚨 #Qilin #ransomware exploits critical #Fortinet vulnerabilities in automated attacks 🔒 Authentication bypass and arbitrary code execution possible 📋 Immediate patching required for FortiOS/FortiProxy devices 🏥 Over 300 attacks attributed to group including #healthcare facilities #CyberThreat #CyberSecurity #VulnerabilityAlert 👉 https://www.netsec.news/critical-fortinet-vulnerabilities-qilin-ransomware/
Critical Fortinet Vulnerabilities Exploited by the Qilin Ransomware Group - NetSec.News

The Qilin ransomware group has been noticed exploiting two critical vulnerabilities present in FortiOS/FortiProxy equipment. Although the group seems to be focusing on countries with ... Read more

NetSec.News