Zero-Day Vulnerability in Windows SMB Client Exploited via Reflective Kerberos Relay Attack
A critical zero-day vulnerability affecting Windows systems that allows attackers to gain maximum system privileges through a novel Kerberos-based attack technique.The vulnerability, designated...
New Salesforce SOQL Injection 0-Day Vulnerability Exposes Millions of Deployments
A security researcher has disclosed a critical SOQL injection vulnerability in Salesforce's built-in controller that potentially exposed sensitive user data across thousands of enterprise...
PoC Released for Fortinet Zero-Day Vulnerability Actively Exploited in the Wild
Security researchers have published a detailed technical analysis and proof-of-concept exploit for CVE-2025-32756, a critical zero-day vulnerability affecting multiple Fortinet products that is currently...
Hackers Exploit Cityworks Zero-Day Flaw to Target IIS Servers with Shell Malware
Security researchers at Cisco Talos identified active exploitation of a critical remote code execution vulnerability (CVE-2025-0994) in Trimble Cityworks, a widely deployed asset management...
Versa Concerto 0-Day Flaw Enables Remote Code Execution via Authentication Bypass
Versa Concerto, a widely deployed SD-WAN and network orchestration platform, is at the center of a major security crisis after researchers revealed a chain...
