A critical MongoDB flaw, CVE-2025-14847, is under active exploitation, allowing unauthenticated data leaks from 87,000+ ...

A critical LangChain Core vulnerability (CVE-2025-68664, CVSS 9.3) allows secret theft and prompt injection through unsafe ...

December 2025, the RondoDox botnet operators have been targeting Next.js servers impacted by the React2Shell vulnerability.

Common vulnerabilities and exposures (CVEs) include all types of subversive entry-points discovered in programs, along with a ...

Hackers are exploiting CVE-2025-14847, aka MongoBleed, a MongoDB vulnerability, to leak sensitive information from server ...

Every day has the potential to be a bad day for a CSO. However, the second Tuesday of each month – Patch Tuesday – is almost ...

Are You Guarding Your Machine Identities Effectively? The management of Non-Human Identities (NHIs) is a critical component of cybersecurity strategies for organizations operating in cloud ...

Cybersecurity firm Bitdefender published a report (PDF) this week detailing three security vulnerabilities it found in Wyze security cameras, leading to a flurry of criticism around both the ...

As the risks of cyberattacks that are related to security vulnerabilities continuously grow and can cause huge business damage, we see DevSecOps shifting more and more toward engineering. In this ...

Echo Software Ltd., a startup that’s using artificial intelligence agents to secure container images at the base layer, said today it has raised $35 million in an early-stage funding, just four months ...

Hackers have a list of easy ways into your IT system, and vulnerability scanners spot those loopholes so you can shut them down. We explore the best vulnerability managers. Vulnerability management ...

The day after Patch Tuesday, when Microsoft releases fixes for security vulnerabilities across the product family, is called Exploit Wednesday. Think of it as a window, no pun intended, that is left ...