Drupal users, pay attention. A 'highly critical' flaw has landed, and if you're running PostgreSQL, your site is vulnerable. This isn't just about data leaks; it's about full takeover.
Forget incremental updates. SEPPMail Secure E-Mail Gateway just dropped a bomb, revealing a cascade of vulnerabilities that could let attackers not just peek, but take the keys to your entire email kingdom. We're talking remote code execution and unfettered access to every message flowing through your enterprise. This isn't just a patch; it's a seismic shift in how we need to think about email gateway security.
Fortinet's latest patches for FortiSandbox and FortiAuthenticator might sound like tech jargon, but for anyone whose business relies on these security products, it's a wake-up call.
The internet's foundational web server, NGINX, is under fire. A critical flaw is already being weaponized in the wild, with implications ranging from service disruption to full system compromise.
Eighteen years. That's how long a critical flaw sat hidden in NGINX, the web server powering a third of the internet. Discovered recently, this vulnerability can be exploited for serious damage, from crashing servers to executing arbitrary code.
Eighteen years. That's how long a critical NGINX vulnerability sat dormant, waiting to be found. Discovered by depthfirst, NGINX Rift (CVE-2026-42945) allows unauthenticated attackers to execute code remotely.
Exim, the ubiquitous mail server, has a gaping vulnerability. And it took AI seven days to help craft an exploit. That should worry everyone.
A remote code execution vulnerability, CVE-2025-68670, has been discovered lurking within xrdp, the open-source RDP server. This flaw, unearthed during a security audit, highlights a subtle but critical oversight in how client data is handled.
Critical flaws in Google's Gemini CLI and the AI-powered Cursor IDE have been patched, closing doors to widespread code execution. The vulnerabilities, affecting CI/CD pipelines and developer workflows, carried severe risk.
Forget complex hacks; a single 'git push' might now be all it takes to compromise your GitHub repositories. This vulnerability is a stark reminder that even the most foundational tools can harbor hidden dangers.