Researchers Warn of Sitecore Exploit Chain Linking Cache Poisoning and Remote Code Execution

Amazon Disrupts APT29 Watering Hole Campaign Abusing Microsoft Device Code Authentication

Abandoned Sogou Zhuyin Update Server Hijacked, Weaponized in Taiwan Espionage Campaign

Can Your Security Stack See ChatGPT? Why Network Visibility Matters

Click Studios Patches Passwordstate Authentication Bypass Vulnerability in Emergency Access Page

Three new security vulnerabilities have been disclosed in the Sitecore Experience Platform that could be exploited to achieve information disclosure and remote code execution. 
The flaws, per watchTowr Labs, are listed below -

CVE-2025-53693 - HTML cache poisoning through unsafe reflections
CVE-2025-53691 - Remote code execution (RCE) through insecure deserialization
CVE-2025-53694 -

Headline

Researchers Warn of Sitecore Exploit Chain Linking Cache Poisoning and Remote Code Execution

The Hacker News: Latest News