Security News

April was an event-filled month for cybersecurity. Patch Tuesday came to us quickly on April 8 – the earliest first Tuesday possible in a given month. We again saw large numbers of CVEs addressed...

SonicWall has urged its customers to patch three security vulnerabilities affecting its Secure Mobile Access (SMA) appliances, one of them tagged as exploited in attacks [...]

Cybersecurity researchers are warning about a large-scale phishing campaign targeting WooCommerce users with a fake security alert urging them to download a "critical patch" but deploy a backdoor...

Redmond reckons $1.50/core/month hotpatch service is worth it to avoid eight Patch Tuesday scrambles each year Microsoft has announced that its preview of hotpatching for on-prem Windows Server...

German software giant paywalls details, but experts piece together the clues SAP's latest out-of-band patch is for a perfect 10/10 bug in NetWeaver that experts suspect could have already been...

Public exploits are now available for a critical Erlang/OTP SSH vulnerability tracked as CVE-2025-32433, allowing unauthenticated attackers to remotely execute code on impacted devices. [...]

A critical vulnerability in the Erlang/OTP SSH, tracked as CVE-2025-32433, has been disclosed that allows for unauthenticated remote code execution on vulnerable devices. [...]

PLUS: Chinese robodogs include backdoor; OpenAI helps spammer; A Dutch data disaster; And more! Infosec In Brief Fortinet last week admitted that attackers have found new ways to exploit three...

Cybersecurity researchers have detailed a case of an incomplete patch for a previously addressed security flaw impacting the NVIDIA Container Toolkit that, if successfully exploited, could put...

Can't Redmond ask its whizz-bang Copilot AI to fix it? Those keen to get their Microsoft PCs patched up as soon as possible have been getting an unpleasant shock when they try to get in using...