InfoWorld

React2Shell is the Log4j moment for front end development

Attackers are exploiting a Flight protocol validation failure that allows them to execute arbitrary code without ...
SecurityWeek

From Open Source to OpenAI: The Evolution of Third-Party Risk

Software supply chain attacks are evolving as open source and AI-generated code introduce new third-party risks. Learn how ...

Apache Commons Text: Code injection vulnerability in older versions

Apache Commons Text is used for processing character strings in Java apps. A critical vulnerability allows the injection of ...
SecurityWeek

CISO Communities – Cybersecurity’s Secret Weapon

Closed CISO communities act as an information exchange, advice center, pressure valve, and safe haven from critical oversight ...

Solving The Clarity Problem For Vulnerability Management

As disclosure-to-exploitation timelines compress, organizations are rethinking how they validate exploitability and ...
CSO Online

WatchGuard fixes ‘critical’ zero-day allowing firewall takeover

Because it was under attack before a patch was made available by WatchGuard on December 18, this makes CVE-2025-14733 a bona ...

Clop ransomware targets Gladinet CentreStack in data theft attacks

The Clop ransomware gang is targeting Internet-exposed Gladinet CentreStack file servers in a new data theft extortion ...

Critical Amazon Kindle Hack Confirmed — What You Need To Know

A hacker found a way to access Amazon accounts using a malicious book downloaded to a Kindle. What you need to know about the ...