December 2025 was a brutal reality check for security teams. While most were winding down for the holidays, threat actors weaponized a tectonic shift in the landscape, headlined by the... The post Top ...

Business-grade email server software SmarterMail just patched a maximum-severity vulnerability that allowed threat actors to ...

AI coding agents are highly vulnerable to zero-click attacks hidden in simple prompts on websites and repositories, a ...

This weekly recap brings those stories together in one place. No overload, no noise. Read on to see what shaped the threat ...

The explosive, easy-to-trigger vulnerability was exploited within hours of disclosure, exposing the risks of default ...

MongoDB has warned IT admins to immediately patch a high-severity memory-read vulnerability that may be exploited by ...

WatchGuard warns that the critical Firebox vulnerability CVE-2025-14733 has been exploited in attacks for remote code ...

WatchGuard is in emergency patch mode after confirming that a critical remote code execution flaw in its Firebox firewalls is under active attack.

Because it was under attack before a patch was made available by WatchGuard on December 18, this makes CVE-2025-14733 a bona fide zero-day vulnerability. The first job for admins should therefore be ...

A fast-moving spyware campaign has forced Apple, Google and the U.S. government into an unusually coordinated response, as federal officials warn organizations to either update Chrome and other ...

In early December 2025, the React core team disclosed two new vulnerabilities affecting React Server Components (RSC). These issues – Denial-of-Service and Source Code Exposure were found by security ...

Florida has executed a death row inmate for the "brutal and prolonged" rape and murder of a beloved convenience store manager who interrupted him during a robbery nearly 40 years ago. Richard Barry ...