Over 10,000 Zimbra servers vulnerable to ongoing XSS attacks

Over 10,000 Zimbra Collaboration Suite (ZCS) instances exposed online are vulnerable to ongoing attacks exploiting a ...

From XSS to RCE: How to hijack a DotNetNuke server via a single script injection

Over 750,000 websites require patching following discovery of DotNetNuke XSS vulnerability ...
Dark Reading

AI Finds 38 Security Flaws in Electronic Health Record Platform

Flaws in OpenEMR's platform — used by more than 100,000 healthcare providers — enabled database compromise, remote code ...
Security Boulevard

The Invisible Threat: Business Logic Flaws in Modern Applications and Why Scanners Miss Them

In today's security landscape, some of the most dangerous vulnerabilities aren't flagged by automated scanners at all. These ...

Why Application Security Now Shapes Everyday Digital Trust

Learn how protecting software reduces breaches, downtime, and data exposure. Includes common threats like injection, XSS, and weak access.
Cybernews

750,000 DNN websites in danger: a simple SVG upload can lead to complete compromise

A severe cross-site-scripting (XSS) vulnerability in DNN, a popular open-source content management platform, allows attackers ...

Ubuntu's web infrastructure is under a sustained, cross-border attack

A whole range of Ubuntu sites and services seem to be affected.
Forbes

New WhatsApp Attacks—Microsoft Shares Critical Warning For Users

This voice experience is generated by AI. Learn more. This voice experience is generated by AI. Learn more. Multiple WhatsApp attack warnings issued. Updated April 4: Following the threat warning ...
Crowdfund Insider

Kelp DAO Cross-Chain Bridge Exploit and Spillover to DeFi Protocol Aave Analyzed in New Report

Researchers at NYDIG have recently analyzed a major DeFi ecosystem April 2026 exploit that underscores how minor technical choices can ripple into widespread ...
Microsoft

Cross‑tenant helpdesk impersonation to data exfiltration: A human-operated intrusion playbook

Threat actors are abusing external Microsoft Teams collaboration to impersonate IT helpdesk staff and convince users to grant ...

U.S. Attacks Iranian Cargo Ship as Both Countries Claim Cease-Fire Violations

President Trump said the United States attacked an Iranian ship that tried to get past the U.S. blockade, hours after Iran ...