Critical 'AirBorne' Vulnerabilities Allow Remote Hijacking of Apple AirPlay Devices
Researchers discovered severe security flaws in Apple's AirPlay technology that enable zero-click remote attacks on millions of devices. The 'AirBorne' vulnerabilities could let attackers take control of smart speakers and TVs without user interaction, highlighting major security risks in connected home devices.
Critical RCE Flaw in CentreStack File Sharing Platform Actively Exploited in the Wild
A severe vulnerability in CentreStack's file-sharing platform enables attackers to execute unauthorized code through hardcoded security keys. The actively exploited flaw affects both CentreStack and Triofox enterprise solutions, with patches now available from developer Gladinet.
Critical Apache Parquet Vulnerability Exposes Systems to Remote Code Execution
A severe security flaw in Apache Parquet's Java library enables attackers to execute arbitrary code through malicious files. The vulnerability, rated with maximum severity, affects all versions up to 1.15.0 and requires immediate patching to version 1.15.1.
Critical RCE Vulnerability Exposes Thousands of Kubernetes Clusters to Attack
A severe set of security flaws dubbed 'IngressNightmare' threatens over 6,500 Kubernetes clusters using Ingress NGINX Controller. The vulnerabilities allow unauthenticated remote code execution with a critical CVSS score of 9.8, potentially enabling complete cluster takeover.
Critical Nuclei Scanner Vulnerability Enables Command Execution Through Template Bypass
Security researchers uncover a high-severity flaw in the popular Nuclei vulnerability scanner that could allow attackers to bypass signature checks and execute malicious code. The vulnerability affects millions of users across versions 3.0.0 to 3.3.2, highlighting security risks in widely used security testing tools.
Critical Fortinet Vulnerability Exposes Cybersecurity Gaps and Corporate Responsibilities
A severe vulnerability in Fortinet's Wireless LAN Manager enables unauthorized system access and potential remote code execution, scoring 9.6/10 in severity. The incident highlights crucial issues around patch deployment timelines and vulnerability management as cybercrime damages are projected to exceed $10.5 trillion by 2025.