vulnerability
Grafana Critical CVE-2025-41115 CVSS 10.0
Urgent Alert: Grafana Enterprise CVE-2025-41115 (CVSS 10.0) allows full admin takeover via SCIM. Update to version 12.3.0 immediately. See the new affected versions and fix details here.
vulnerability
View All cybersecurity ai-security cloud-security zero-trust vulnerability security-architecture network-security security-operations iam supply-chain-security
vulnerability
The Trojan in Your IDE: Deconstructing the VS Code Marketplace Risk
A massive supply chain risk lurks in the VS Code Marketplace. Learn how attackers use typosquatting to impersonate popular extensions and install malware directly into your IDE.
vulnerability
Critical Oracle WebLogic RCE (CVE-2025-61882): Your Immediate Action Plan
A critical, unauthenticated RCE vulnerability (CVE-2025-61882) in Oracle WebLogic Server is being actively exploited. Here is your immediate action plan.
vulnerability
Critical Entra ID Impersonation Flaw - CVE-2025-55241
A critical flaw in Entra ID (CVE-2025-55241) allowed attackers to impersonate anyone. This is a CISO's guide to the 'Actor Token' vulnerability, the attack chain, and how to hunt for compromise.
vulnerability
Salesforce Supply Chain Nightmare: Breach at Salesloft & Drift
A major supply chain attack via Salesloft and Drift has breached top companies. This guides you to the threat, the impact on Salesforce, and the immediate action plan you need.
vulnerability
ServiceNow 'Counter-Strike' Flaw (CVE-2025-3648) Explained
Critical vulnerability in ServiceNow (CVE-2025-3648) allows a low-privilege user to gain full admin access. Learn how the 'Counter-Strike' attack works and how to mitigate it.