Microsoft patched 57 vulnerabilities in its Patch Tuesday December 2025 update, including one exploited zero-day and six high-risk vulnerabilities. The…
A critical stored cross-site scripting vulnerability in Ivanti Endpoint Manager (“EPM”) versions 2024 SU4 and below, that could enable attackers…
An AI image creator startup left its database unsecured, exposing more than a million images and videos its users had…
Microsoft has officially addressed a new security vulnerability affecting the Windows Defender Firewall Service that could allow threat actors to…
The Shadowserver Foundation has released alarming new data regarding the exposure of web applications to CVE-2025-55182, a critical vulnerability affecting…
To try to determine the probability of those name repetitions being a coincidence, Cary checked two databases of Chinese names…
Microsoft has published comprehensive guidance addressing the Shai-Hulud 2.0 supply chain attack, one of the most significant cloud-native ecosystem compromises…
A team of cybersecurity researchers at Sysdig, a firm specialising in protecting cloud and container-based apps, has found a new…
These updates from Microsoft fix serious security issues, including three that attackers are already exploiting to take control of Windows…
Security teams on Tuesday said they are responding to a rising number of potential compromises linked to a critical vulnerability…
A sophisticated new phishing framework dubbed “Spiderman” has emerged in the cybercrime underground, dramatically lowering the barrier to entry for…
A critical vulnerability in Google Gemini Enterprise and Vertex AI Search, dubbed GeminiJack, that allows attackers to exfiltrate sensitive corporate data…