TITAN LAYERThe CVE-2025-38096 vulnerability in the iwlwifi driver may impact firmware security, leading to potential security failures. Microsoft has published detailed information about this issue.
GitHub has rolled out new controls for npm, allowing maintainers to approve releases before packages become publicly available. The publishing now requires two-factor authentication.
Anthropic's Project Glasswing has uncovered over 10,000 critical vulnerabilities in essential software, highlighting the effectiveness of AI in cybersecurity.
Financial crime investigators in the Netherlands arrested two men and seized 800 servers linked to a web hosting company that enabled cyberattacks and disinformation campaigns.
An international operation led to the seizure of 'First VPN', which was used in ransomware and data theft attacks. This action underscores the collaboration among security agencies to combat cybercrime.
A validation and authentication flaw in the Secure Workload's REST APIs allows remote attackers to gain Site Admin privileges. This vulnerability poses a significant risk to critical systems.
Hackers were able to bypass multi-factor authentication on SonicWall's SSL-VPN devices using brute-forced VPN credentials. This incident highlights the critical need for timely security patches.
Grafana Labs confirmed a breach in its GitHub environment, revealing public and private source code. The investigation found no compromise of production systems, but the exposure raises concerns about project security.
Microsoft has announced plans to raise the quality of Windows 11 drivers, which are essential for the operating system's performance and connection to hardware and peripherals.
Multiple healthcare data breaches in the US have affected millions, raising serious concerns about information security.
7-Eleven confirmed a significant data breach, where hackers from the ShinyHunters group stole over 600,000 Salesforce records, including personal information and corporate data.
A new vulnerability in Vim allows command injection due to the missing shellescape flag in the Vimuntar function. This flaw can compromise the security of systems using the text editor.
A critical security vulnerability impacting the Funnel Builder plugin for WordPress has come under active exploitation to inject malicious JavaScript code into WooCommerce checkout pages, aiming to steal payment data.