Friday , May 9 2025

Recent Posts

Hacker exploited Samsung MagicINFO 9 Server RCE flaw

Samsung

Hackers are exploiting an unauthenticated remote code execution vulnerability in the Samsung MagicINFO 9 Server to take control of devices and install malware. The server allows file uploads to update display content, but hackers are using this feature to upload malicious code. The flaw identified as CVE-2024-7399 was publicly disclosed …

Read More »

CISA adds Langflow flaw to its KEV catalog

Langflow

CISA added the Langflow vulnerability, CVE-2025-3248 (CVSS score 9.8), to its Known Exploited Vulnerabilities catalog. Langflow is a popular tool used for building agentic AI workflows. CVE-2025-3248 is a code injection vulnerability in the /api/v1/validate/code endpoint. An unauthenticated remote attacker can exploit it by sending specially crafted HTTP requests to …

Read More »

Google Fixes Android Flaw (CVE-2025-27363) Exploited by Attackers

Google

Google has released its monthly Android security updates, addressing 46 vulnerabilities, including one that has been actively exploited. CVE-2025-27363 (CVSS score: 8.1) is a high-severity vulnerability in the System component that allows local code execution without needing extra privileges. “The most severe of these issues is a high security vulnerability …

Read More »

This will close in 6 seconds