CSO Online

Critical jsPDF vulnerability enables arbitrary file read in Node.js deployments

The path traversal bug allows attackers to include arbitrary filesystem content in generated PDFs when file paths are not ...
Infosecurity-magazine.com

High-Severity Vulnerability Discovered in Popular CMS

A high-severity vulnerability has been discovered in PHPFusion, an open-source content management system (CMS) used by over 15 million websites worldwide to manage and customize their content and ...
Bleeping Computer

Hackers exploiting zero-day in Gladinet file sharing software

Threat actors are exploiting a zero-day vulnerability (CVE-2025-11371) in Gladinet CentreStack and Triofox products, which allows a local attacker to access system files without authentication. At ...
Bleeping Computer

Gladinet fixes actively exploited zero-day in file-sharing software

Gladinet has released security updates for its CentreStack business solution to address a local file inclusion vulnerability (CVE-2025-11371) that threat actors have leveraged as a zero-day since late ...
CSOonline

Gladinet file sharing zero-day brings patched flaw back from the dead

Criminals have been spotted exploiting a new zero-day vulnerability in Gladinet CentreStack and Triofox file sharing servers that could allow them to re-create the conditions of an earlier flaw ...