The next big IT security battle is all about privileged access
Leostream predicts changes in Identity and Access Management (IAM) and Privileged Access Management (PAM) in 2026 driven by new realities of cybersecurity, hybridization, AI, and…
Latest Cybersecurity News — Page 698
View all →
Critical Langchain Vulnerability Let attackers Exfiltrate Sensitive Secrets from AI systems
A critical vulnerability in LangChain’s core library (CVE-2025-68664) allows attackers to exfiltrate sensitive environment variables and potentially execute code through deserialization flaws. Discovered by a…
ChatGPT’s new formatting blocks make its UI look more like a task tool
OpenAI has quietly rolled out ‘formatting blocks,’ which tweak GPT’s layout to match the UI of the task it is supposed to execute. ChatGPT has…
Five-year-old Fortinet FortiOS SSL VPN flaw actively exploited
Five-year-old Fortinet FortiOS SSL VPN vulnerability actively exploited Pierluigi Paganini December 25, 2025 Fortinet reported active exploitation of a five-year-old FortiOS SSL VPN flaw, abused…
Google Now Allows Users to Change Their @gmail.com Email Address
For years, one of the most persistent frustrations for Google users has been the inability to alter their primary email address without creating an entirely…
Unpatched FortiGate Security Flaw Allows Attackers to Bypass 2FA Controls
A critical authentication bypass vulnerability in FortiGate devices enables threat actors to circumvent two-factor authentication (2FA) protections through case-sensitive username manipulation. The flaw, tracked as…
Google will finally allow you to change your @gmail.com address
Google will finally allow you to change your @gmail address or create a new alias, according to a new support document. As spotted in a…
LastPass 2022 Breach Led to Years-Long Cryptocurrency Thefts, TRM Labs Finds
Dec 25, 2025Ravie LakshmananData Breach / Financial Crime The encrypted vault backups stolen from the 2022 LastPass data breach have enabled bad actors to take…
High-severity MongoDB flaw CVE-2025-14847 could lead to server takeover
High-severity MongoDB flaw CVE-2025-14847 could lead to server takeover Pierluigi Paganini December 25, 2025 MongoDB addressed a high-severity vulnerability that can be exploited to achieve…
Net-SNMP Vulnerability Enables Buffer Overflow and the Daemon to Crash
A new critical vulnerability affecting the Net-SNMP software suite has been disclosed, posing a significant risk to network infrastructure worldwide. Tracked as CVE-2025-68615, this security flaw…
CISA Flags Actively Exploited Digiever NVR Vulnerability Allowing Remote Code Execution
Dec 25, 2025Ravie LakshmananVulnerability / Endpoint Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a security flaw impacting Digiever DS-2105 Pro network video…
Fortinet Warns of Active Exploitation of FortiOS SSL VPN 2FA Bypass Vulnerability
Dec 25, 2025Ravie LakshmananVulnerability / Enterprise Security Fortinet on Wednesday said it observed “recent abuse” of a five-year-old security flaw in FortiOS SSL VPN in…