Vulnerability

NGINX Servers Exposed: Response Injection Flaw Puts Millions of Web Applications at Risk

A newly disclosed vulnerability in NGINX web servers could allow attackers positioned between servers and upstream systems to manipulate data flowing…

AI Hacks AI: Security Tool Finds One-Click RCE in OpenClaw Assistant

In a watershed moment for AI security, an autonomous hacking agent has successfully exploited another AI system, exposing a critical vulnerability in…

Critical Unauthenticated RCE Flaw Exposes SolarWinds Web Help Desk to Instant Takeover

Security researchers at Horizon3.ai have uncovered a chain of critical vulnerabilities in SolarWinds Web Help Desk (WHD) that allows unauthenticated …

WinRAR Flaw Becomes Hacker Gold Mine: State Spies and Cybercriminals Still Exploiting Six-Month-Old Bug

Six months after a critical WinRAR vulnerability was patched, hackers from Russia, China, and cybercrime groups continue to exploit it—turning a fixe…

OpenSSL Patches Critical S/MIME Flaw That Could Let Attackers Hijack Encrypted Email

A vulnerability in OpenSSL's email encryption system could allow attackers to crash servers or execute malicious code without authentication cred…

React Faces Third Wave of Vulnerabilities as Researchers Uncover DoS Flaws in Patched Code

React developers are facing yet another emergency patching cycle after security researchers discovered additional denial-of-service vulnerabilities w…

AMD CPUs Expose Critical Flaw: StackWarp Attack Breaks Security on Cloud Servers

A newly disclosed hardware vulnerability in AMD processors threatens the foundation of confidential computing, allowing attackers to hijack secure vi…

Two Missing Characters Nearly Compromised Every AWS Account Worldwide

Security researchers at Wiz have exposed a hair-raising vulnerability that could have given attackers complete control over the AWS JavaScript SDK—th…

Hackers Could Hijack ServiceNow AI Agents Using Just an Email Address

An attacker halfway across the world with nothing but your email address could hijack your company's AI agents, create backdoor admin accounts, a…

How 100,000 Automation Servers Became a Master Key to Enterprise Data

A critical security flaw in n8n—the workflow automation darling of the AI era—has exposed an estimated 100,000 servers to complete takeover, turning …

MongoDB's No-Login Memory Leak Exposes Years of Database Deployments

MongoDB has rushed patches for a high-severity vulnerability that transforms the database giant's compression feature into an open door for memor…

Critical n8n Flaw Exposes Thousands of Workflow Automation Servers to Remote Takeover

A severe security vulnerability in n8n, the rapidly growing open-source automation platform, has left thousands of self-hosted servers vulnerable to …

HPE's IT Management Platform Exposes Thousands of Enterprises to Perfect-Score Exploit

IT administrators managing HPE infrastructure just got an urgent wakeup call. A vulnerability in HPE OneView—the centralized dashboard that controls …

Critical FreePBX Flaws Expose Business Phone Systems to Complete Takeover

Security researchers have uncovered a trio of severe vulnerabilities in FreePBX, an open-source business phone system management platform, that could…

React Patches Two New Flaws Following React2Shell Chaos

Two additional vulnerabilities discovered in React Server Components after critical React2Shell disclosure; immediate patches required. Security rese…

React2Shell Exploited: CISA Issues Emergency Patch Order

The React2Shell vulnerability saga has evolved from disclosure to active warfare in just 72 hours, with Chinese state-sponsored threat groups launch…

Hackers Exploit Novel SQLite Attack to Compromise Synology Storage Devices

Security researchers have uncovered a critical vulnerability chain in Synology BeeStation devices that allows attackers to gain complete system contr…

Hackers Exploit FortiWeb Zero-Day to Hijack Admin Accounts

A critical security vulnerability in Fortinet's FortiWeb web application firewall is being actively exploited in the wild, allowing attackers to …

Hackers Exploit Windows Server Flaw Hours After Emergency Patch

Cybersecurity researchers have confirmed active exploitation of a critical Windows Server Update Services (WSUS) vulnerability just hours after Micro…

How Cybersecurity Teams Use TestRail to Streamline Penetration Testing and Security Validation

In today’s hyperconnected world, cybersecurity is no longer an isolated responsibility. It’s a cross-functional effort that involves developers, qual…