A security flaw affecting the online shopping platform WooCommerce has been patched after researchers discovered it could expose certain customer order details under specific conditions. The disclosure and patch details, disclosed in a developer advisory, impacted a wide range of WooCommerce versions used by millions of WordPress-based online stores worldwide. The vulnerability, tracked as GHSL-2025-129,

Continue Reading

HPE (Hewlett-Packard Enterprise) has issued a high-severity security advisory for HPE OneView, warning of a vulnerability that could allow remote, unauthenticated attackers to execute arbitrary code on affected systems. HPE OneView is commonly deployed as a centralized management platform with deep visibility and control over compute, storage, and networking infrastructure. Because this vulnerability can be

Continue Reading

Security researchers at Gen Digital have recently discovered a newly observed attack technique targeting WhatsApp, which enables attackers to gain persistent access to user accounts by abusing WhatsApp’s legitimate device-linking functionality. The technique, referred to as a GhostPairing attack, does not rely on stolen passwords, SIM swapping, or malware. Instead, attackers use social engineering to

Continue Reading

Users aware of their privacy online often turn to browser extensions like VPNs and ad blockers to protect their online activities. But recent research reveals that one of the most popular VPN extensions, Urban VPN Proxy, has been secretly harvesting and selling users’ AI conversations without their consent, affecting over 8 million users worldwide, with

Continue Reading

Cybersecurity company Cloudflare’s latest analysis , , the 2025 Web Traffic and Security Report, highlights that in 2025 the web continued to grow steadily, while security threats and large-scale outages reached new highs. Drawing from traffic observed across millions of protected sites and applications, Cloudflare found that Google continued to dominate global search traffic, accounting

Continue Reading

Researchers at penetration testing and security company Horizon3.ai have disclosed a series of high-impact vulnerabilities in FreePBX, a widely used open-source VoIP and IP PBX management platform, raising serious concerns for organizations running unpatched systems. The findings detail multiple flaws that attackers could chain together to gain full remote code execution (RCE) on affected FreePBX

Continue Reading

SoundCloud has disclosed on an official post that it recently identified and resolved a security incident involving unauthorized activity within an ancillary service dashboard. The company stated that the issue has been fully contained and that there is no ongoing risk to the security or availability of the platform. Upon discovery, SoundCloud immediately activated its

Continue Reading

Google has announced that it will discontinue its Dark Web Report, a feature for Google account or workspace users designed to scan the dark web for users’ personal information, as part of a broader effort to focus on security tools that offer clearer, more actionable protection for users. According to Google, feedback showed that while

Continue Reading