Uncategorized
MITRE Releases 2025 List of Top 25 Most Dangerous Software Vulnerabilities
XSS remains the top software weakness, followed by SQL injection and CSRF. Buffer overflow issues and improper access control make it t...
NEWS ROUNDUP – 12th December 2025
This 48-hour DFM roundup tracks global cyber risk across DFIR, investigations, major incidents, exploitation and governance. Highlights...
Microsoft Bug Bounty Program Expanded to Third-Party Code
All critical vulnerabilities in Microsoft, third-party, and open source code are eligible for rewards if they impact Microsoft services...
Notepad++ Patches Updater Flaw After Reports of Traffic Hijacking
Notepad++ found a vulnerability in the way the software updater authenticates update files.
The post Notepad++ Patches Updater Flaw Af...
Securing GenAI in the Browser: Policy, Isolation, and Data Controls That Actually Work
The browser has become the main interface to GenAI for most enterprises: from web-based LLMs and copilots, to GenAI‑powered extensions ...
New React RSC Vulnerabilities Enable DoS and Source Code Exposure
The React team has released fixes for two new types of flaws in React Server Components (RSC) that, if successfully exploited, could re...
React2Shell Exploitation Escalates into Large-Scale Global Attacks, Forcing Emergency Mitigation
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has urged federal agencies to patch the recent React2Shell vulnerabili...
$320,000 Paid Out at Zeroday.Cloud for Open Source Software Exploits
Participants earned rewards at the hacking competition for Grafana, Linux Kernel, Redis, MariaDB, and PostgreSQL vulnerabilities.
The p...
CISA Flags Actively Exploited GeoServer XXE Flaw in Updated KEV Catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a high-severity security flaw impacting OSGeo GeoSer...
Trump Signs Executive Order to Block State AI Regulations
Members of Congress from both parties have pushed for more regulations on AI, saying there is not enough oversight for the powerful tec...