Two critical privilege escalation flaws were disclosed in the Windows Remote Access Connection Manager on December 9, 2025. The vulnerabilities, tracked as CVE-2025-62472 and CVE-2025-62474,…
Here’s a look at the most interesting products from the past week, featuring releases from Apptega, Backslash Security, BigID, Black Kite, Bugcrowd, NinjaOne, Nudge Security,…
An urgent warning about a critical security flaw in OSGeo GeoServer, a widely used open-source geographic data-sharing server. CISA has added the vulnerability to its…
Security researchers have disclosed two new vulnerabilities in React Server Components that expose servers to Denial-of-Service (DoS) attacks and to source code leaks. These flaws…
People expect privacy policies to explain what happens to their data. What users get instead is a growing wall of text that feels harder to…
Microsoft Corp. has announced a major update to its bug bounty program, extending coverage to include any vulnerability affecting its online services. This new framework,…
An anti-piracy coalition has dismantled one of India’s most popular streaming piracy services, which has provided free access to movies and TV shows to millions…
An advanced persistent threat (APT) group with ties to Hamas has intensified its espionage operations against government and diplomatic entities across the Middle East, deploying…
Privacy laws have expanded around the world, and security leaders now work within a crowded field of requirements. New research shows that these laws provide…
The development team behind the popular text editor Notepad++ has released version 8.8.9 to address a critical security flaw that could allow traffic hijacking. This…
Ransomware keeps shifting into new territory, pulling in victims from sectors and regions that once saw fewer attacks. The latest Global Threat Briefing for H2…
The City of Cambridge has released an important update regarding the OnSolve CodeRED emergency notifications system, also known locally as Cambridge’s reverse 911 system. The…
