CVE-2025-57819 - Exploiting Unauthenticated Admin Access in FreePBX (Endpoint 15, 16, 17) – Details & Practical Attack Scenarios
FreePBX is a popular open-source VoIP system, widely used for managing voice communications in organizations. It offers a web-based interface for administering PBX functionality. But
CVE-2025-4609 - Exploiting Mojo Handle Confusion in Chrome for Sandbox Escape (with Code Example)
A serious vulnerability, now tracked as CVE-2025-4609, hit Google Chrome on Windows recently. Before version 136..7103.113, Chrome had a bug in the Mojo
CVE-2025-48493 - Sensitive Redis AUTH Credentials Logged in Plain Text by Yii2 Redis Extension
If you build web applications using the PHP Yii2 framework, you might use the Yii2 Redis extension to connect your app to a Redis database.
CVE-2025-25022 - Info Leak in IBM QRadar Suite & Cloud Pak for Security – Exploit & Analysis
A new critical vulnerability, CVE-2025-25022, has shaken the cybersecurity world. This flaw affects IBM QRadar Suite Software versions 1.10.12. through 1.11.2.
CVE-2025-4517 - Arbitrary Filesystem Write via Python `tarfile` Extraction with `filter="data"`
A new vulnerability, CVE-2025-4517, has been discovered in Python’s popular tarfile module. This issue allows attackers to write arbitrary files anywhere on your filesystem