Three vulnerabilities found in the open-source PHP package Voyager in Laravel can be exploited to launch remote code execution attacks. Until now, the issue has not been fixed and can be exploited against authenticated Voyager users who click on a malicious link. Vulnerability researchers at SonarSource said that they tried to report the weakness to...Read More

A critical vulnerability was found in the open-source file archiving tool, 7-Zip, which allows attackers to bypass the Windows Mark of the Web (MotW) security feature and potentially trick users into launching malware. This vulnerability was identified as CVE-2025-0411 by Trend Micro and received a CVSS score of 7.0. “The CVE-2025-0411 vulnerability allows remote attackers...Read More

A bug was discovered in the Windows BitLocker encryption tool identified as CVE-2025-21210. This vulnerability has exposed the BitLocker encryption system to a new random attack targeting the AES-XTS encryption mode. In addition, this vulnerability also allows an attacker who has physical access to manipulate ciphertext blocks and cause sensitive data to be written to...Read More

Reported by Wordfence, its security team discovered a critical authentication bypass vulnerability in the Really Simple Security plugin (formerly known as Really Simple SSL), which includes both free and paid (pro) versions, and has been used on over 4 million websites. This plugin is designed to enhance security on the WordPress platform with features such...Read More

Greetings, fellow Nawala! Hope you are always in good health. This is the IAES Newsletter of the Institute of Advanced Engineering and Science. Today we want to share the theme of food technology or food technology. Food is a primary need for humans to survive. Material problems will be a severe problem that needs to...Read More