patches

Security breaches rarely come crashing through the front door. More often, they creep in through vulnerabilities that should have been closed long ago. The patch existed. It may have even …

Microsoft has released patches to fix 67 security flaws, including one zero-day bug in Web Distributed Authoring and Versioning (WebDAV) that it said has come under active exploitation in the …

Vulnerability in the JavaScript engine The Chrome team described the vulnerability as an out of bounds memory read and write in V8, which is Chrome’s JavaScript and WebAssembly engine. The …

Google has released an emergency security update to fix the third Chrome zero-day vulnerability exploited in attacks since the start of the year. “Google is aware that an exploit for CVE-2025-5419 …

Sailors have reported mysterious “milky seas,” or miles-long glowing patches of ocean for centuries. Some researchers have created a database to figure out why they glow. Steven D. Miller/CIRA/CSU and …

A flaw in O2 UK’s implementation of VoLTE and WiFi Calling technologies could allow anyone to expose the general location of a person and other identifiers by calling the target. …

“Unlike other browsers, Chrome resolves the Link header on subresource requests. But what’s the problem? The issue is that the Link header can set a referrer-policy. We can specify unsafe-url …

Flaws in third-party components Ivanti notes that the vulnerabilities are located in two open-source libraries used in the product. Because the flaws have not yet been announced in the libraries …

SAP has released patches to address a second vulnerability exploited in recent attacks targeting SAP NetWeaver servers as a zero-day. The company issued security updates for this security flaw (CVE-2025-42999) …

Successful exploitation of the flaw could allow attackers to upload files, perform path traversal, and execute arbitrary commands with root privileges. Non-WLC instances remain unaffected According to the advisory, customers …