vulnerabilities

Can hackers really hijack your car in 2025?

Any game based on the popular Unity engine made in the last eight years can allow attackers to get into your computer or smartphone. Here’s what to do about it.

Phoenix, a new variant of the Rowhammer attack, makes it possible to attack DDR5 memory modules.

This is a tale about how vulnerabilities in apps by intimate-toy maker Lovense exposed users’ identities and allowed for account takeovers — a problem the company ignored for years.

WordPress sites are increasingly becoming targets of attacks exploiting vulnerabilities in plugins and themes. In this post, we examine recent cases and share protection tips.

Be careful what you connect to your in-car infotainment system.

Causes of discrepancies in Common Vulnerability Scoring System ratings, common mistakes when using CVSS for vulnerability prioritization, and how to do this right.

Two critical zero-day vulnerabilities in SharePoint are actively exploited by attackers in real-world attacks.

Adjust your daily routines to leave as little data about yourself online as possible.

Researchers have found several vulnerabilities in the Sitecore CMS platform that enable unauthenticated remote code execution (RCE).

Researchers have found a vulnerability that allows attackers to get root privileges on most Linux distributions.

Internet Explorer sends its regards: a vulnerability in the HTTP protocol extension allows attackers to run malicious code — even on a modern operating system.

Since 2016, a threat actor has been exploiting insecure plugins and themes to infect WordPress websites and redirect traffic to malicious websites.

Our experts at GReAT have uncovered a dangerous vulnerability in a smart-home control app that allowed attackers to disable physical security systems.

Newly discovered vulnerabilities in AirPlay allow attacks on Apple devices and other AirPlay-enabled products over Wi-Fi – including zero-click exploits.

Researchers have found a way to exploit a security mechanism in a popular machine-learning framework.

A security researcher has investigated his own smart mattress cover, discovering several ways to hack it — including through a backdoor preinstalled by the developer.

Our technologies have helped to detect the zero-day vulnerability CVE-2025-2783 in Google Chrome, which was used in a sophisticated APT attack.

Reasons for updating your ESXi infrastructure ASAP, and enterprise threats that VM escape poses.

Microsoft’s March Patch Tuesday fixes several vulnerabilities that have already been used in the wild. Details are not clear at the moment, but it’s worth installing the patches ASAP.

A year after the ransomware attack on healthcare giant UnitedHealth Group, we’ve compiled all publicly available information about the incident and its aftermath.