Cookie without SameSite Attribute

Microsoft Warns of StilachiRAT: A Stealthy RAT Targeting Credentials and Crypto Wallets

Telegram CEO leaves France temporarily as criminal probe continues

Microsoft: New RAT malware used for crypto theft, reconnaissance

OKX suspends DEX aggregator after Lazarus hackers try to launder funds

Apache Tomcat Vulnerability Actively Exploited Just 30 Hours After Public Disclosure

Supply chain attack on popular GitHub Action exposes CI/CD secrets

Microsoft: March Windows updates mistakenly uninstall Copilot

Critical RCE flaw in Apache Tomcat actively exploited in attacks

Unpatched Edimax Camera Flaw Exploited for Mirai Botnet Attacks Since Last Year

Cybercriminals Exploit CSS to Evade Spam Filters and Track Email Users' Actions

CVE-2025-24201 Apple Multiple Products WebKit Out-of-Bounds Write Vulnerability

CVE-2025-21590 Juniper Junos OS Improper Isolation or Compartmentalization Vulnerability

CVE-2025-26633 Microsoft Windows Management Console (MMC) Improper Neutralization Vulnerability

CVE-2025-24983 Microsoft Windows Win32k Use-After-Free Vulnerability

CVE-2025-24984 Microsoft Windows NTFS Information Disclosure Vulnerability

CVE-2025-24985 Microsoft Windows Fast FAT File System Driver Integer Overflow Vulnerability

CVE-2025-24991 Microsoft Windows NTFS Out-Of-Bounds Read Vulnerability

CVE-2025-24993 Microsoft Windows NTFS Heap-Based Buffer Overflow Vulnerability

CVE-2025-25181 Advantive VeraCore SQL Injection Vulnerability

CVE-2024-57968 Advantive VeraCore Unrestricted File Upload Vulnerability

MediumInteger Overflow Error

LowStrict-Transport-Security Malformed Content (Non-compliant with Spec)

HighSQL Injection - MsSQL

LowCSP: X-Content-Security-Policy

HighViewstate without MAC Signature (Unsure)

InformationalStorable but Non-Cacheable Content

MediumApplication Error Disclosure via WebSockets

MediumHTTPS to HTTP Insecure Transition in Form Post

HighCross-Domain Misconfiguration - Silverlight

InformationalInformation Disclosure - Sensitive Information in URL

CWE-693 Protection Mechanism Failure

CWE-1426 Improper Validation of Generative AI Output

HighCWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

CWE-1053 Missing Documentation for Design

CWE-1125 Excessive Attack Surface

HighCWE-200 Exposure of Sensitive Information to an Unauthorized Actor

CWE-1064 Invokable Control Element with Signature Containing an Excessive Number of Parameters

CWE-1091 Use of Object without Invoking Destructor Method

CWE-1173 Improper Use of Validation Framework

CWE-1230 Exposure of Sensitive Information Through Metadata