CVE-2025-52970 High Fortinet FortiWeb AUTHENTICATION BYPASS Improper parameter handling flaw in FortiWeb allows unauthenticated attackers with certain non-public information to log in as any user via crafted requests. Affects versions 7.6.0–7.6.3, 7.4.0–7.4.7, 7.2.0–7.2.10, and 7.
ECScape
CVE-2025-20281 Critical Cisco ISE / ISE-PIC NO AUTHENTICATION REQUIRED A vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC could allow an unauthenticated, remote attacker to execute arbitrary code on the underlying operating system as root. This vulnerability is due to insufficient validation of user-supplied input. Impact: An attacker
JavaScript
TRENDING TOPICS JUNE 03, 2025 Exploiting JavaScript TypeError for XSS in Safari: Risks and Mitigations A new cross-site scripting (XSS) flaw has been discovered in Safari that exploits how the browser constructs TypeError messages. This flaw occurs when the new operator is misused with a malformed string, causing Safari to
Monero Crypto
TRENDING TOPICS MAY 22, 2025 Monero-Linked Backdoor Malware Abuses PyBitmessage for Stealth C2 AhnLab Security Intelligence Center (ASEC) has identified a new malware campaign actively exploited in the wild that delivers a dual-threat payload: a Monero cryptocurrency miner and a backdoor component. This malware is currently being used in real-world