Web application firewall protecting PHP servers from XML parsing attacks,

Critical PHP Vulnerability Lets Hackers Bypass Validation to Load Malicious Content

Critical PHP Vulnerability Lets Hackers Bypass Validation to Load Malicious Content Overview of the Critical PHP Vulnerability (CVE-2025-1219) A severe security flaw has been discovered in PHP’s libxml streams, affecting web applications that use DOMDocument or SimpleXML extensions for HTTP requests. Tracked as CVE-2025-1219, this vulnerability allows attackers to bypass [...]

Read More
CISA Warns of Active Exploits Targeting Sitecore CMS, Next.js, and DrayTek Devices – Critical Cybersecurity Alert 2025

CISA Warns of Sitecore RCE Flaws; Active Exploits Hit Next.js and DrayTek Devices

CISA Warns of Sitecore RCE Flaws; Active Exploits Hit Next.js and DrayTek Devices Introduction The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has recently updated its Known Exploited Vulnerabilities (KEV) catalog to include critical security flaws affecting Sitecore CMS, Next.js, and DrayTek devices. These vulnerabilities pose a significant risk, allowing [...]

Read More