Security News > 2025

Google fixes actively exploited FreeType flaw on Android
2025-05-06 13:33

Google has released the May 2025 security updates for Android with fixes for 45 security flaws, including an actively exploited zero-click FreeType 2 code execution vulnerability. [...]

RCE flaw in tool for building AI agents exploited by attackers (CVE-2025-3248)
2025-05-06 13:08

A missing authentication vulnerability (CVE-2025-3248) in Langflow, a web application for building AI-driven agents, is being exploited by attackers in the wild, CISA has confirmed by adding it to...

Webinar: Securely migrating to the cloud
2025-05-06 13:00

Whether your organization is already in the cloud or just starting to plan your migration, security is a top priority. This webinar will help you to better understand your options for cloud...

Microsoft unveils new AI agents that can modify Windows settings
2025-05-06 13:00

Today, Microsoft announced new Windows experiences for Copilot+ PCs, including AI agents that will make changing settings on your Windows computer easier. [...]

Third Parties and Machine Credentials: The Silent Drivers Behind 2025's Worst Breaches
2025-05-06 11:25

It wasn't ransomware headlines or zero-day exploits that stood out most in this year's Verizon 2025 Data Breach Investigations Report (DBIR) — it was what fueled them. Quietly, yet consistently,...

Microsoft Warns Default Helm Charts Could Leave Kubernetes Apps Exposed to Data Leaks
2025-05-06 11:05

Microsoft has warned that using pre-made templates, such as out-of-the-box Helm charts, during Kubernetes deployments could open the door to misconfigurations and leak valuable data. "While these...

Fake Student Fraud in Community Colleges
2025-05-06 11:03

Reporting on the rise of fake students enrolling in community college courses: The bots’ goal is to bilk state and federal financial aid money by enrolling in classes, and remaining enrolled in...

Entra ID Data Protection: Essential or Overkill?
2025-05-06 10:00

Microsoft Entra ID (formerly Azure Active Directory) is the backbone of modern identity management, enabling secure access to the applications, data, and services your business relies on. As...

Exploited: Vulnerability in software for managing Samsung digital displays (CVE-2024-7399)
2025-05-06 09:55

An easily and remotely exploitable vulnerability (CVE-2024-7399) affecting Samsung MagicINFO, a platform for managing content on Samsung commercial displays, is being leveraged by attackers....

Linux wiper malware hidden in malicious Go modules on GitHub
2025-05-06 09:13

A supply-chain attack targets Linux servers with disk-wiping malware hidden in Golang modules published on GitHub. [...]