Wednesday , July 23 2025

Recent Posts

CVE-2025-20337
Patch Now! Cisco ISE bug allows pre-auth command execution

ISE

A critical vulnerability in Cisco Identity Services Engine (ISE) and Cisco ISE-PIC, identified as CVE-2025-20337, has a CVSS score of 10, indicating its high severity. According to Cisco’s advisory, this vulnerability arises from “insufficient validation of user-supplied input” in a specific API. This means that an unauthenticated, remote attacker can …

Read More »

BD Bank Honours PABC Officials for Foiling $20 Million Cyber Fraud Attempt

PACB

On Tuesday, Bangladesh Bank organized a special award ceremony at its headquarters in Dhaka to formally recognize and honor a group of officials from Pan Asia Banking Corporation (PACB), Sri Lanka, for their exemplary vigilance, professionalism, and integrity in preventing a $20 million fraudulent transaction during the 2016 Bangladesh Bank …

Read More »

Node.js Flaws Expose Windows Apps to Path Traversal & HashDoS Attacks

Node.js

The OpenJS Foundation has updated Node.js 24.x, 22.x, and 20.x to fix two serious vulnerabilities—CVE-2025-27210 and CVE-2025-27209—that could endanger Windows applications and web services using JavaScript’s V8 engine. These issues, involving path traversal bypass and hash collision denial-of-service (HashDoS), impact millions of backend and full-stack applications globally. CVE-2025-27210: Path Traversal …

Read More »