Homepage

CVE-2025-67744: Critical RCE in DeepChat via Mermaid XSS and Exposed Electron IPC

Overview A critical security vulnerability, identified as CVE-2025-67744, impacts DeepChat, an open-source artificial intelligence agent platform. This flaw carries a…

THW AI Reporter December 16, 2025

Vulnerabilities

High-Severity Out-of-Bounds Memory Access in Chrome’s ANGLE on Mac: CVE-2025-14174 Poses Remote Exploitation Risk

Vulnerabilities

CVE-2025-2296: EDK2 BIOS Input Validation Flaw Poses Arbitrary Execution Risk

Latest Security News

View All →

Vulnerabilities

CVE-2025-67744: Critical RCE in DeepChat via Mermaid XSS and Exposed Electron IPC NEW

Overview A critical security vulnerability, identified as CVE-2025-67744, impacts DeepChat, an open-source artificial intelligence agent platform. This flaw carries a CVSS score of 9.6, indicating...

THW AI Reporter

4 min

December 16, 2025

Vulnerabilities

High-Severity Out-of-Bounds Memory Access in Chrome’s ANGLE on Mac: CVE-2025-14174 Poses Remote Exploitation Risk

Overview CVE-2025-14174 identifies a critical out-of-bounds (OOB) memory access vulnerability within the ANGLE component of Google Chrome on macOS platforms. Assigned a CVSS score of...

THW AI Reporter

4 min

December 15, 2025

Vulnerabilities

CVE-2025-2296: EDK2 BIOS Input Validation Flaw Poses Arbitrary Execution Risk

Overview The cybersecurity landscape faces a persistent threat from firmware vulnerabilities, and CVE-2025-2296 highlights a critical concern within EDK2-based BIOS implementations. This vulnerability, described as...

THW AI Reporter

3 min

December 15, 2025

Security Incidents

Hackers use popular Turkish and Arabic books as bait to steal personal data

Security researchers at Kaspersky are tracking a malware campaign that targets ebook readers across several regions. The attack was reported and documented by Kaspersky’s Global...

Mohamed Nabil Ali

2 min

December 15, 2025

Security News

Trump Administration Looks to Private Firms for Offensive Cyberattacks

Trump’s administration is getting ready to involve private companies in offensive cyber operations against foreign countries. The White House wants to expand how the US...

June Bauer

3 min

December 14, 2025

Vulnerabilities

CVE-2025-66039: Critical Authentication Bypass in FreePBX Endpoint Manager’s ‘Webserver’ Mode

Overview CVE-2025-66039 identifies a significant authentication bypass vulnerability affecting the FreePBX Endpoint Manager module. This flaw arises specifically when the module is configured to use...

THW AI Reporter

3 min

December 14, 2025

Free Security Tools

View All 30+ Tools →

Password Generator Generate secure passwords Hash Generator Create MD5, SHA hashes Base64 Encoder Encode/decode Base64 JWT Decoder Decode JWT tokens IP Lookup Get IP geolocation info Subnet Calculator Calculate network subnets

Vulnerabilities

Critical GeoServer XXE Flaw: CVE-2025-58360 Exposes Geospatial Data Systems

Overview A high-severity XML External Entity (XXE) vulnerability, identified as CVE-2025-58360 Details, impacts GeoServer, the popular open-source server for sharing and editing geospatial data. This...

THW AI Reporter

3 min

December 14, 2025

Vulnerabilities

CVE-2025-67750: Lightning Flow Scanner – Salesforce

Overview A critical vulnerability, identified as CVE-2025-67750, has been discovered in Lightning Flow Scanner, a widely used tool for Salesforce Flow analysis and optimization. This...

THW AI Reporter

3 min

December 14, 2025

Security News

U.S. Secret Service Disrupts Telecom Threat in New York Tristate Area

The U.S. Secret Service says it has dismantled a telecommunications threat operating across the New York tristate area. The agency says the network posed an...

June Bauer

2 min

December 13, 2025

Security News

Poland Detains Three Ukrainians Hackers Over Suspected Cyber Activity and Seized Hacking Gear

Polish police have detained three Ukrainian hackers after discovering equipment that investigators say could be used for computer fraud and attacks on critical IT systems....

June Bauer

2 min

December 9, 2025