Follow Cyber Kendra on Google News! | WhatsApp | Telegram

Add as a preferred source on Google
Vulnerability
MongoDB's No-Login Memory Leak Exposes Years of Database Deployments

MongoDB's No-Login Memory Leak Exposes Years of Database Deployments

MongoDB has rushed patches for a high-severity vulnerability that transforms the database giant's compression feature into an open door for memor…
Critical n8n Flaw Exposes Thousands of Workflow Automation Servers to Remote Takeover

Critical n8n Flaw Exposes Thousands of Workflow Automation Servers to Remote Takeover

A severe security vulnerability in n8n, the rapidly growing open-source automation platform, has left thousands of self-hosted servers vulnerable to …
HPE's IT Management Platform Exposes Thousands of Enterprises to Perfect-Score Exploit

HPE's IT Management Platform Exposes Thousands of Enterprises to Perfect-Score Exploit

IT administrators managing HPE infrastructure just got an urgent wakeup call. A vulnerability in HPE OneView—the centralized dashboard that controls …
Critical FreePBX Flaws Expose Business Phone Systems to Complete Takeover

Critical FreePBX Flaws Expose Business Phone Systems to Complete Takeover

Security researchers have uncovered a trio of severe vulnerabilities in FreePBX, an open-source business phone system management platform, that could…
React Patches Two New Flaws Following React2Shell Chaos

React Patches Two New Flaws Following React2Shell Chaos

Two additional vulnerabilities discovered in React Server Components after critical React2Shell disclosure ; immediate patches required Security rese…
React2Shell Exploited: CISA Issues Emergency Patch Order

React2Shell Exploited: CISA Issues Emergency Patch Order

The React2Shell vulnerability saga has evolved from disclosure to active warfare in just 72 hours, with Chinese state-sponsored threat groups launch…
Hackers Exploit Novel SQLite Attack to Compromise Synology Storage Devices

Hackers Exploit Novel SQLite Attack to Compromise Synology Storage Devices

Security researchers have uncovered a critical vulnerability chain in Synology BeeStation devices that allows attackers to gain complete system contr…
Hackers Exploit FortiWeb Zero-Day to Hijack Admin Accounts

Hackers Exploit FortiWeb Zero-Day to Hijack Admin Accounts

A critical security vulnerability in Fortinet's FortiWeb web application firewall is being actively exploited in the wild, allowing attackers to …
Hackers Exploit Windows Server Flaw Hours After Emergency Patch

Hackers Exploit Windows Server Flaw Hours After Emergency Patch

Cybersecurity researchers have confirmed active exploitation of a critical Windows Server Update Services (WSUS) vulnerability just hours after Micro…
How Cybersecurity Teams Use TestRail to Streamline Penetration Testing and Security Validation

How Cybersecurity Teams Use TestRail to Streamline Penetration Testing and Security Validation

In today’s hyperconnected world, cybersecurity is no longer an isolated responsibility. It’s a cross-functional effort that involves developers, qual…
Android "Pixnapping" Flaw Lets Malicious Apps Steal 2FA Codes in Under 30 Seconds

Android "Pixnapping" Flaw Lets Malicious Apps Steal 2FA Codes in Under 30 Seconds

A sophisticated new attack vector targeting Android devices can covertly steal two-factor authentication codes, private messages, and location data—a…
Critical Telerik UI Flaw Puts Millions of Enterprise Applications at Risk

Critical Telerik UI Flaw Puts Millions of Enterprise Applications at Risk

A newly disclosed vulnerability in Progress Telerik UI for ASP.NET AJAX could enable attackers to crash or potentially execute malicious code on mill…
13-Year-Old Bug in Redis Puts 330,000 Instances at Risk

13-Year-Old Bug in Redis Puts 330,000 Instances at Risk

A critical remote code execution vulnerability lurking in Redis for over a decade has been discovered by cybersecurity researchers, potentially expos…
The Top 7 Vulnerabilities Exposed During dApp Audits

The Top 7 Vulnerabilities Exposed During dApp Audits

As decentralized applications (dApps) scale, the web layer increasingly becomes a primary path for abuse. A single front-end flaw can steer users to …
Critical Spring Gateway Flaw Enables Remote Code Execution

Critical Spring Gateway Flaw Enables Remote Code Execution

A critical vulnerability (CVE-2025-41243) in Spring Cloud Gateway Server WebFlux enables attackers to execute arbitrary code on affected systems by m…
Technical Details of Actively Exploited Android Kernel Flaw Released

Technical Details of Actively Exploited Android Kernel Flaw Released

A critical Android kernel vulnerability that Google warned was being actively exploited has been thoroughly dissected by security researcher StreyPaw…
Critical Tableau Server Flaws Allow Attackers to Execute Malicious Code on Enterprise Systems

Critical Tableau Server Flaws Allow Attackers to Execute Malicious Code on Enterprise Systems

Salesforce has disclosed five critical security vulnerabilities in Tableau Server and Desktop that could allow attackers to execute arbitrary code an…
NetScaler Zero-Day Exploited for Two Months in Stealth Attacks

NetScaler Zero-Day Exploited for Two Months in Stealth Attacks

A sophisticated cyber threat actor exploited a critical Citrix NetScaler vulnerability for nearly two months before its discovery, successfully breac…
WinRAR Zero-Day Exploited to Deploy Backdoors via Fake Job Applications

WinRAR Zero-Day Exploited to Deploy Backdoors via Fake Job Applications

A previously unknown vulnerability in WinRAR has been actively exploited by Russian-aligned hackers to infiltrate corporate networks through sophisti…
New HTTP Desync Attacks Compromise Major CDNs and Government Systems

New HTTP Desync Attacks Compromise Major CDNs and Government Systems

Security researcher James Kettle has published groundbreaking research exposing fundamental vulnerabilities in HTTP/1.1 that led to critical security…