CVE-2025-0413 - Parallels Desktop Local Privilege Escalation via Technical Data Reporter (ZDI-CAN-25014) – Exploit Explained
Parallels Desktop is one of the most popular tools for running virtual machines on macOS. However, in its widespread use, it’s not immune to
CVE-2025-24964 - Critical Remote Code Execution in Vitest via Cross-site WebSocket Hijacking
Vitest is a popular testing framework built on top of Vite. With its blazing speed and developer-friendly features, it’s become a go-to choice for
CVE-2025-24968 - Full System Takeover in reNgine via Unrestricted Project Deletion Vulnerability
reNgine is a well-known open-source automated reconnaissance framework used primarily for web application security assessments. In June 2025, a critical vulnerability, CVE-2025-24968, came to light,
CVE-2025-24963 - Vitest Browser Mode File Disclosure Vulnerability – Simple Exploit and Patch Instructions
Vitest is a popular lightning-fast unit test framework powered by Vite. Recently, CVE-2025-24963 revealed a serious vulnerability that could let attackers read any file from
CVE-2025-0509 - How Attackers Can Bypass Sparkle’s Signature Checks to Deliver Malicious Updates (Pre-2.6.4)
Sparkle is a widely-used update framework for macOS applications. If you’ve used popular Mac apps, chances are, Sparkle delivered their updates. But with great