Security News

After 23 years, the privacy plumber has finally arrived to clean up this mess A 23-year-old side-channel attack for spying on people's web browsing histories will get shut down in the forthcoming...

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Attackers are probing Palo Alto Networks GlobalProtect portals Cybersecurity company GreyNoise is...

Microsoft is continuing to build on their AI cybersecurity strategy and this month announced the introduction of new agents in Microsoft Security Copilot. They are introducing agents for phishing...

Apple has also fixed vulnerabilities in iPadOS 17.7.6, macOS Sonoma 14.7.5, and macOS Ventura 13.7.5, as well as its recently released iOS 18.4.

CrushFTP has fixed a critical vulnerability (CVE-2025-2825) in its enterprise file transfer solution that could be exploited by remote, unauthenticated attackers to access vulnerable...

Google has released out-of-band fixes to address a high-severity security flaw in its Chrome browser for Windows that has been exploited in the wild as part of attacks targeting organizations in...

CrushFTP warned customers of an unauthenticated HTTP(S) port access vulnerability and urged them to patch their servers immediately. [...]

Free unofficial patches are available for a new Windows zero-day vulnerability that can let remote attackers steal NTLM credentials by tricking targets into viewing malicious files in Windows...

Veeam has patched a critical remote code execution vulnerability tracked as CVE-2025-23120 in its Backup & Replication software that impacts domain-joined installations. [...]

Veeam has released fixes for a critical remote code execution vulnerability (CVE-2025-23120) affecting its enterprise Veeam Backup & Replication solution, and is urging customers to quickly...