Trump admin sends heart emoji to commercial spyware makers with lifted Predator sanctions

Predator has remained available through the Intellexa spyware consortium despite US sanctions imposed in 2024 on ...

This SmarterMail vulnerability allows remote code execution - here's what we know

Business-grade email server software SmarterMail just patched a maximum-severity vulnerability that allowed threat actors to ...
Techzine Europe

IBM warns of critical flaw in API Connect

IBM is urging customers to immediately patch a critical vulnerability in API Connect. The flaw allows attackers to access ...

Supply chains, AI, and the cloud: The biggest failures (and one success) of 2025

One such event occurred in December 2024, making it worthy of a ranking for 2025. The hackers behind the campaign pocketed as ...
The Hacker News

CSA Issues Alert on Critical SmarterMail Bug Allowing Remote Code Execution

Singapore’s CSA warns of a CVSS 10.0 SmarterMail vulnerability allowing unauthenticated remote code execution via file upload ...
CSO Online

Patch Tuesday 2025 roundup: The biggest Microsoft vulnerabilities of the year

Every day has the potential to be a bad day for a CSO. However, the second Tuesday of each month – Patch Tuesday – is almost ...
FinanceFeeds

Javax Crypto Cipher Source Code Explained: What Happens Under the Hood

Explore the inner workings of the javax.crypto.Cipher class in Java's cryptography API: understand its provider-based architecture ...
eWeek

LangChain AI Vulnerability Exposes Millions of Apps

A critical LangChain AI vulnerability exposes millions of apps to theft and code injection, prompting urgent patching and ...
Infosecurity Magazine

Five Key Flaws Exploited in 2025's Major Software Supply Chain Incidents

Infosecurity has selected five of the most significant vulnerability exploitation campaigns of 2025 that led to major ...
InfoWorld

React2Shell: Anatomy of a max-severity flaw that sent shockwaves through the web

The explosive, easy-to-trigger vulnerability was exploited within hours of disclosure, exposing the risks of default ...

Apple patches two zero-day flaws used in targeted attacks

Apple releases emergency patches for two zero-day vulnerabilities actively exploited in attacks. iPhone and iPad users urged ...

Critical ‘LangGrinch’ vulnerability in langchain-core puts AI agent secrets at risk

The vulnerability, tracked as CVE-2025-68664 and dubbed “LangGrinch,” has a Common Vulnerability Scoring System score of 9.3.