The developers of Roundcube Webmail have released security updates for their long-term support (LTS) versions 1.5 and 1.6. These updates fix a recently identified security vulnerability that could potentially be exploited by malicious actors. A security flaw, identified as CVE-2025-49113, affects all versions of Roundcube released before 1.5.10 and 1.6.11. This vulnerability allows an attacker…

Continue Reading

Recently, cybersecurity researchers at Qualys TRU (Threat Research Unit) identified two serious vulnerabilities in key Linux crash-reporting tools—Apport and systemd-coredump—that could expose sensitive information to malicious local users. These findings highlight the importance of timely patching and configuration adjustments to protect Linux-based systems from potential exploits. Apport and systemd-coredump are both tools that serve as…

Continue Reading

Recent security analysis by researchers at KEVInte have uncovered ongoing exploitation of a critical vulnerability affecting vBulletin, a widely used forum software with a history dating back to 2000. Known for powering countless online communities, vBulletin’s long-standing presence in the web forum space makes it a prime target for attackers, especially when security flaws remain…

Continue Reading

A serious security flaw has been identified in the popular and widely used TI WooCommerce Wishlist plugin, which provides additional features for WooCommerce stores including wish list features. Security researchers at Patchstack, a cloud cybersecurity discovered that the plugin is vulnerable to an unauthenticated arbitrary file upload, allowing attackers to upload malicious filesDthat could be…

Continue Reading

Victoria’s Secret, one of the largest and globally recognized lingerie and apparel retailers, has reported a security incident affecting its online services. Their official website, victoriassecret.com, along with some in-store digital services, have been temporarily taken offline as a precaution. In an official statement on the site, Victoria’s Secret explained that the suspicious activity breach…

Continue Reading

Security researchers have identified a security vulnerability in how certain apps and websites access OneDrive files, which could potentially expose users’ data to broader access than intended. Risks of Excessive or Overly Broad Permissions OneDrive is Microsoft’s cloud storage service that allows users to store, sync, and share files across devices, making it a popular…

Continue Reading

On May 22, 2025, Cetus Protocol disclosed that it experienced a serious security incident involving a malicious attack on its platform. The hacker’s moves involved swapping stablecoins (a type of cryptocurrency designed to keep a stable value, like USDT and USDC), transferring the funds to Ethereum, and converting them into other cryptocurrencies such as ETH.…

Continue Reading