oceanstack

↗ HN profile [ 12.9 ms ] full profile
Karma
0
Created
()
Submissions
0
  1. A critical zero-day vulnerability (CVE-2025-38897) has been discovered in OpenSSH, affecting most Unix-based systems running versions 9.3 and earlier. The flaw allows unauthenticated remote code execution under specific…

  2. What’s happening: CISA warns that a critical out‑of‑bounds read flaw in Citrix NetScaler ADC and Gateway—dubbed CitrixBleed‑2 (CVE‑2025‑5777)—is actively exploited in the wild Why it matters: Attackers can extract…

  3. Heads up—there’s a zero-day in CrushFTP that’s being actively exploited. If you’re not using their DMZ proxy setup, attackers can remotely grab admin access via HTTPS. Versions before 10.8.5 and 11.3.4_23 are affected.…