Cybernews

17-year-old PowerPoint flaw still actively exploited by attackers, CISA warns

Someone has likely fallen victim to attackers exploiting an old PowerPoint vulnerability that dates back to 2009. The US cybersecurity authority, CISA, is urging federal agencies to immediately ...

CISA flags actively exploited Office relic alongside fresh HPE flaw

The latest update to CISA's Known Exploited Vulnerabilities catalog flags CVE-2025-37164, a code injection vulnerability in ...
SecurityWeek

Critical Vulnerability Exposes n8n Instances to Takeover Attacks

CVE-2026-21858, a critical n8n vulnerability, can be exploited for unauthenticated remote code execution, leading to instance ...

Seven critical security vulnerabilities with the highest rating threaten Coolify

The self-hosting platform Coolify is severely vulnerable. According to security researchers, there are almost 15,000 ...
SecurityWeek

Critical HPE OneView Vulnerability Exploited in Attacks

CISA warns that CVE-2025-37164, a maximum-severity HPE OneView vulnerability leading to remote code execution, has been exploited in the wild.
The Register on MSN

OpenAI putting bandaids on bandaids as prompt injection problems keep festering

Happy Groundhog Day! Security researchers at Radware say they've identified several vulnerabilities in OpenAI's ChatGPT ...
The Hacker News

Coolify Discloses 11 Critical Flaws Enabling Full Server Compromise on Self-Hosted Instances

Coolify Discloses 11 Critical Flaws Enabling Full Server Compromise on Self-Hosted Instances | Read more hacking news on The ...

zlib: Critical vulnerability in untgz tool allows code smuggling – no update yet

A critical vulnerability in the zlib library, included in many operating systems and programs, allows code smuggling.

CISA tags max severity HPE OneView flaw as actively exploited

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has flagged a maximum-severity HPE OneView vulnerability as ...