Vulnerabilities
Security weaknesses in systems and software
-
QNAP Issues Urgent Updates for Critical NAS Vulnerabilities Exposed at Pwn2Own
QNAP has issued a series of critical security updates following the discovery of eight severe vulnerabilities, enabling remote attackers to gain complete control over affected NAS systems.
-
Google’s AI System Identifies Critical WebKit Vulnerabilities, Underscoring Machine Learning’s Evolving Role in Cybersecurity
Google’s AI system has successfully identified critical vulnerabilities within Apple’s WebKit, demonstrating the growing effectiveness of machine learning in cybersecurity. This significant discovery highlights AI’s evolving role in proactively detecting complex security flaws that often evade traditional methods, promising a future where AI plays a central role in securing digital infrastructure.
-
WordPress Sites Targeted by Critical Post SMTP Plugin Vulnerability
A critical vulnerability in the Post SMTP WordPress plugin (CVE-2025-11833) is actively being exploited, risking websites with over 400,000 active installations. Attackers can access email logs to intercept sensitive information, reset administrator passwords, and gain full control of websites. The vulnerability was discovered on October 11, 2025, and a patch (version 3.6.1) was released on…
-
Google’s AI “Big Sleep” Discovers Five Critical WebKit Vulnerabilities in Apple Software
Google’s AI cybersecurity agent “Big Sleep” has discovered five security flaws in Apple’s WebKit, leading to patches in the latest software updates. The vulnerabilities could cause browser crashes or memory corruption, but have not been exploited in the wild.
-
North Korean Actors Target Web3, New Side-Channel Attacks Exploit Intel/AMD TEEs
North Korean Actors Target Web3, New Side-Channel Attacks Exploit Intel/AMD TEEs