Vulnerabilities | KITEFALL

AI Coding Tools Like Copilot and Amazon Q Face 30+ Security Vulnerabilities 2025-12-06 22:44 WebProNews
Researchers Uncover 30+ Flaws in AI Coding Tools Enabling Data Theft and RCE Attacks 2025-12-06 22:17 The Hacker News
Critical React Vulnerability Puts Web Servers At Immediate Risk 2025-12-06 18:35 TechWorm
Critical React2Shell Flaw Added to CISA KEV After Confirmed Active Exploitation 2025-12-06 12:14 The Hacker News
The new Home Assistant, Raspberry Pi price hikes, and more: News roundup 2025-12-06 12:06 How-To Geek
2.15M Web Services Running Next.js Exposed Over Internet, Active Exploitation Underway – Patch Now 2025-12-06 11:34 Cyber Security News
2.15M Next.js Web Services Exposed Online, Active Attacks Reported – Update Immediately 2025-12-06 11:34 GBHackers
Avast Antivirus Sandbox Vulnerabilities Let Attackers Escalate Privileges 2025-12-06 06:38 Cyber Security News
Chromium High CVE-2025-13630, 13631, 13632 Advisory 2025-12-06 04:42 Linux Security
New Splunk Windows Flaw Enables Privilege Escalation Attacks 2025-12-06 02:27 eSecurityPlanet
Command Execution Risk Found in Cacti’s SNMP Handling 2025-12-06 02:27 eSecurityPlanet
Critical XXE Vulnerability in Apache Tika (CVE-2025-66516) Enables SSRF and RCE 2025-12-06 02:13 WebProNews
State-linked groups target critical vulnerability in React Server Components 2025-12-06 01:57 Cybersecurity Dive
Maximum-severity XXE vulnerability discovered in Apache Tika 2025-12-06 01:37 Security Affairs
Attackers hit React defect as researchers quibble over proof 2025-12-06 00:51 CyberScoop
Critical XXE Bug CVE-2025-66516 (CVSS 10.0) Hits Apache Tika, Requires Urgent Patch 2025-12-06 00:48 The Hacker News
News brief: RCE flaws persist as top cybersecurity threat 2025-12-06 00:06 TechTarget
Cloudflare blames Friday outage on borked fix for React2shell vuln 2025-12-05 23:02 The Register
React.js Hit by Maximum-Severity 'React2Shell' Vulnerability 2025-12-05 21:16 Infosecurity Magazine
Critical Apache Tika Core Vulnerability Exploited by Uploading Malicious PDF 2025-12-05 20:29 Cyber Security News
Cloudflare Outage Traced to Emergency React2Shell Patch Deployment 2025-12-05 20:28 Cyber Security News
Avast Antivirus Sandbox Vulnerabilities Allow Privilege Escalation 2025-12-05 20:28 GBHackers
Google Chrome 143 Update Patches 13 Vulnerabilities, Including RCE Flaw 2025-12-05 20:24 WebProNews
Cyber teams on alert as React2Shell exploitation spreads 2025-12-05 20:03 TechTarget
Mirion Medical issues patches for five high-severity vulnerabilities 2025-12-05 19:47 mHealthIntelligence
CrowdStrike Exposes China-Linked WARP PANDA Cyber Espionage Threat 2025-12-05 19:42 WebProNews
Chinese Hackers Exploit React2Shell Vulnerability Hours After Disclosure 2025-12-05 19:42 WebProNews
Experts warn this 'worst case scenario' React vulnerability could soon be exploited - so patch now 2025-12-05 19:35 TechRadar
Chinese hackers exploiting React2Shell bug impacting countless websites, Amazon researchers say 2025-12-05 17:03 The Record
Cloudflare fixes second outage in a month 2025-12-05 16:45 Computer Weekly
CISA Reports PRC Hackers Using BRICKSTORM for Long-Term Access in U.S. Systems 2025-12-05 15:28 The Hacker News
Intellexa Leaks Reveal Zero-Days and Ads-Based Vector for Predator Spyware Delivery 2025-12-05 15:27 The Hacker News
Chinese Hackers Have Started Exploiting the Newly Disclosed React2Shell Vulnerability 2025-12-05 15:27 The Hacker News
Chinese Nation-State Groups Tied to 'React2Shell' Targeting 2025-12-05 15:22 Bank Information Security - New Jersey
Beijing-linked hackers are hammering max-severity React bug, AWS warns 2025-12-05 14:24 The Register
Apache Tika Core Flaw Allows Attackers to Exploit Systems with Malicious PDF Uploads 2025-12-05 13:12 GBHackers
Microsoft Issues Unannounced Patch for Zero-Day LNK Vulnerability Used in Real-World Attacks 2025-12-05 13:10 International Business Times - United Kingdom
Cacti Command Injection Flaw Allows Remote Execution of Malicious Code 2025-12-05 13:09 GBHackers
China-Nexus Hackers Target VMware vCenter Systems to Deploy Web Shells and Malware Implants 2025-12-05 13:09 GBHackers
NVIDIA Triton Vulnerability Let Attackers Trigger DoS Attack Using Malicious Payload 2025-12-05 13:09 Cyber Security News
China-Nexus Hackers Exploiting VMware vCenter Environments to Deploy Web Shells and Malware Implants 2025-12-05 12:50 Cyber Security News
Update Now — Nvidia Confirms New Security Vulnerabilities 2025-12-05 12:14 Forbes
Cloudflare firewall reacts badly to React exploit mitigation 2025-12-05 11:22 CSO
Microsoft Silently Mitigated Exploited LNK Vulnerability 2025-12-05 08:10 SecurityWeek
China-Nexus Hackers Exploiting React2Shell Vulnerability in Active Attacks 2025-12-05 08:04 GBHackers
PoC Exploit Released for Critical React, Next.js RCE Vulnerability (CVE-2025-55182) 2025-12-05 08:01 Cyber Security News
Splunk Enterprise Vulnerabilities Allows Privileges Escalation Via Incorrect File Permissions 2025-12-05 08:01 Cyber Security News
Cacti Command Injection Vulnerability Let Attackers Execute Malicious Code Remotely 2025-12-05 08:01 Cyber Security News
China-Nexus Hackers Actively Exploiting React2Shell Vulnerability (CVE-2025-55182) in the Wild 2025-12-05 07:39 Cyber Security News
JPCERT Confirms Active Command Injection Attacks on Array AG Gateways 2025-12-05 06:57 The Hacker News
New iOS Zero-Day Exploit Chain Enables Advanced Surveillance by Mercenary Spyware 2025-12-05 03:01 GBHackers
Microsoft 'Mitigates' Windows LNK Flaw Exploited As Zero-Day 2025-12-04 19:42 Slashdot
Billions of Chrome users at risk from 13 security flaws including four high-severity ones — update your browser right now 2025-12-04 19:29 Tom's Guide
Microsoft Patches Decade-Old Windows .LNK Vulnerability in Latest Update 2025-12-04 19:05 WebProNews
Critical Kernel Issues Advisory USN-7911-1 CVE-2023-52975 2025-12-04 18:59 Linux Security
Linux Kernel Critical Security Update USN-7907-3 2025-12-04 18:59 Linux Security
Microsoft quietly patches LNK vulnerability that's been weaponized for years 2025-12-04 18:56 TechRadar
Microsoft quietly shuts down Windows shortcut flaw after years of espionage abuse 2025-12-04 15:58 The Register
Your Android phone may be in critical danger - update it ASAP 2025-12-04 15:12 ZDNet
Vim for Windows Flaw Lets Attackers Execute Arbitrary Code 2025-12-04 14:15 GBHackers
New Scanner Released to Detect Exposed ReactJS and Next.js RSC Endpoints (CVE-2025-55182) 2025-12-04 14:15 GBHackers
iOS Zero-Day Exploit Chain Leveraged by Mercenary Spyware for Device Surveillance 2025-12-04 13:39 Cyber Security News
Microsoft Silently Activates Critical Windows Security Update 2025-12-04 13:15 Forbes
Max-severity vulnerability in React, Node.js patched, update ASAP (CVE-2025-55182) 2025-12-04 12:37 Help Net Security
Dartmouth College Impacted by Oracle E-Business Suite Data Breach 2025-12-04 11:24 CPO Magazine
Webkit2gtk Critical Security Update DLA-4394-1 CVE-2025-43392 2025-12-04 10:57 Linux Security
Linux Kernel Critical Security Flaws USN-7909-1 2025-12-04 10:57 Linux Security
Microsoft Silently Fixes 8-Year Windows Security Flaw 2025-12-04 10:16 TechRepublic
Google Issues Critical Update For All Pixel Users—Attacks Confirmed 2025-12-04 09:06 Forbes
Hackers Actively Exploit New Windows LNK 0-Day Vulnerability 2025-12-04 07:13 GBHackers
Critical CVE-2025-55182 in React Enables Remote Code Execution 2025-12-04 05:42 WebProNews
Google just fixed 107 security flaws including two zero-days — update your Android phone right now 2025-12-04 02:36 Tom's Guide
When ERP Systems Become the Attack Surface 2025-12-04 02:24 Bank Information Security - New Jersey
Marketing and Compliance Software Vendor to Banks Breached 2025-12-04 02:10 Bank Information Security - New Jersey
CISA Warns of Severe Flaws in Nuclear Med Tracking Software 2025-12-04 02:10 Bank Information Security - New Jersey
Microsoft Silently Patches Windows LNK Flaw After Years of Active Exploitation 2025-12-04 02:09 The Hacker News
Windows 11 zero-day security vulnerability gets partial fix from Microsoft 2025-12-04 00:51 How-To Geek
CISA Issues Alert on Actively Exploited Android Zero-Day Vulnerability 2025-12-03 18:48 GBHackers
CISA Warns of Android 0-Day Vulnerability Exploited in Attacks 2025-12-03 17:55 Cyber Security News
Chrome 143 fixes 13 security flaws, plus new Read Aloud and AI features 2025-12-03 17:23 PC World
Critical React Vulnerability CVE-2025-55182 Enables RCE; Cloudflare Deploys Fixes 2025-12-03 16:44 WebProNews
Crucial Google Chrome 143 Update — Why 3 Billion Users Must Act Now 2025-12-03 13:28 Forbes
Google Fixes 107 Android Flaws 2025-12-03 10:54 TechRepublic
Chrome 143 Update Patches 13 Security Vulnerabilities Allowing Arbitrary Code Execution 2025-12-03 10:00 GBHackers
Chrome 143 Released With Fix for 13 Vulnerabilities that Enable Arbitrary Code Execution 2025-12-03 09:59 Cyber Security News
U.S. CISA adds Android Framework flaws to its Known Exploited Vulnerabilities catalog 2025-12-03 09:28 Security Affairs
openbao Critical CVE-2025-64761 Privileged Escalation Advisory 2025-12-03 07:11 Linux Security
Google Releases Patches for Android Zero-Day Flaws Exploited in the Wild 2025-12-03 05:09 Infosecurity Magazine
CISA Warns Samsung And Pixel Users—Update Or Stop Using Your Phone 2025-12-03 01:32 Forbes
Two Android 0-day bugs disclosed and fixed, plus 105 more to patch 2025-12-02 20:28 The Register
Google’s December 2025 Android Update Patches 107 Vulnerabilities, Two Zero-Days 2025-12-02 20:14 WebProNews
Google Patches 100+ Android Vulnerabilities, Including Active Zero-Days 2025-12-02 20:13 WebProNews
Google Fixes 107 Android Vulnerabilities In Major Security Update 2025-12-02 19:58 Hot Hardware
Google's December Security Update Fixes Two Zero-Day Exploits (and 105 Others) 2025-12-02 19:47 Lifehacker - Massachusetts
Google fixes Android vulnerabilities “under targeted exploitation” (CVE-2025-48633, CVE-2025-48572) 2025-12-02 15:56 Help Net Security
Google’s latest Android security update fixes two actively exploited flaws 2025-12-02 15:53 Security Affairs
107 Android flaws just got patched by Google - here's how to make sure you're up to date 2025-12-02 14:08 TechRadar Pro
Apache Struts Flaw Allows Attackers to Launch Disk Exhaustion Attacks 2025-12-02 12:50 GBHackers
Google Fixes Android Zero-Day Flaws Actively Exploited in the Wild 2025-12-02 12:50 GBHackers
Google Patches 107 Android Flaws, Including Two Framework Bugs Exploited in the Wild 2025-12-02 10:17 The Hacker News