Google fixes two Android zero days exploited in attacks, 107 flaws
Google has released the December 2025 Android security bulletin, addressing 107 vulnerabilities,…
CISA Adds Actively Exploited XSS Bug CVE-2021-26829 in OpenPLC ScadaBR to KEV
Nov 30, 2025Ravie LakshmananHacktivism / Vulnerability The U.S. Cybersecurity and Infrastructure Security…
Legacy Python Bootstrap Scripts Create Domain-Takeover Risk in Multiple PyPI Packages
Nov 28, 2025Ravie LakshmananMalware / Vulnerability Cybersecurity researchers have discovered vulnerable code…
New ShadowV2 botnet malware used AWS outage as a test opportunity
A new Mirai-based botnet malware named ‘ShadowV2’ has been observed targeting IoT…
Popular Forge library gets fix for signature verification bypass flaw
A vulnerability in the ‘node-forge’ package, a popular JavaScript cryptography library, could…
Second Sha1-Hulud Wave Affects 25,000+ Repositories via npm Preinstall Credential Theft
Nov 24, 2025Ravie LakshmananCloud Security / Vulnerability Multiple security vendors are sounding…
New Fluent Bit Flaws Expose Cloud to RCE and Stealthy Infrastructure Intrusions
Nov 24, 2025Ravie LakshmananVulnerability / Container Security Cybersecurity researchers have discovered five…
CISA Warns of Actively Exploited Critical Oracle Identity Manager Zero-Day Vulnerability
Nov 22, 2025Ravie LakshmananZero-Day / Software Security The U.S. Cybersecurity and Infrastructure…
Google Brings AirDrop Compatibility to Android’s Quick Share Using Rust-Hardened Security
Nov 21, 2025Ravie LakshmananData Protection / Technology In a surprise move, Google…