Apple fixes two zero-day flaws exploited in 'sophisticated' attacks

Apple has released emergency updates to patch two zero-day vulnerabilities that were exploited in an "extremely sophisticated ...
SecurityWeek

Recent GeoServer Vulnerability Exploited in Attacks

CISA warns that a critical XXE vulnerability in OSGeo GeoServer tracked as CVE-2025-58360 has been exploited in the wild.

New ConsentFix attack hijacks Microsoft accounts via Azure CLI

A new variation of the ClickFix attack dubbed 'ConsentFix' abuses the Azure CLI OAuth app to hijack Microsoft accounts without the need for a password or to bypass multi-factor authentication (MFA) ...