Privacy is dead: For multiple months, any O2 customer has had their location exposed to call initiators without their knowledge.

Hear about the latest advances in Apple security from our engineering teams, send us your own research, and work directly with us to be recognized and rewarded for helping keep our users safe.

CVE-2025-32421

In my last post, I demonstrated a basic approach to fuzzing an RTOS firmware using AFL++’s Unicorn mode. The provided firmware for that…

Summary Multiple Foscam X5 vulnerabilities have been discovered, the vulnerabilities allow a remote attacker to trigger code execution vulnerabilities in the product. Credit An independent security researcher working with SSD Secure Disclosure. Vendor Response…

Varonis' 2025 State of Data Security Report shares findings from 1,000 real-world IT environments to uncover the dark side of the AI boom and what proactive steps orgs can take to secure critical information.

A new malvertising scheme is turning legitimate e-commerce sites into phishing traps without the knowledge of site owners or advertisers. By exploiting the integrations with Google APIs, they are injecting malicious noscripts into ecommerce sites using JSONP…

EvilWorker is a new AiTM attack framework designed to conduct credential phishing campaigns.

Akamai researchers found a privilege escalation vulnerability in Windows Server 2025 that allows attackers to compromise any user in Active Directory.

Rhino Security Labs found CVE-2025-26147 in Denodo Scheduler, an application administrators use to configure servers, databases, and specify forms of authentication.

Authenticated Remote Code Execution Vulnerability in Netwrix Password Secure

Diving into the MS-RPC protocol and how to automate vulnerability research using a fuzzing approach.

Rare Code Base offers free ethical hacking, programming tutorials, cybersecurity insights, and much more. Access expert resources to learn coding, master ethical hacking, explore tech trends, and stay ahead in the ever-evolving world of technology.

Two newly discovered vulnerabilities (CVE-2025-4427 CVE-2025-4428) in Ivanti Endpoint Mobile Manager are being actively exploited leading to severe data breach

Analyze CVE-2025-32756, a Fortinet buffer overflow flaw under active attack, and see how NodeZero can validate exposure now.