News Archives • Page 141 of 652 • Daily CyberSecurity

Chrome 143 Stable Fixes 13 Flaws: High-Severity V8 Type Confusion Earns $11,000 Bounty

Chrome 148 lazy loading Chrome for Linux ARM64 Chrome 145 Update Chrome Security Fixes Chrome Security Update CVE-2026-1220 Chrome 144 Security Update CVE-2026-0899 Chrome Memory Safety, WebGPU UAF Chrome V8 Type Confusion, Google Updater Flaw Chrome V8 Flaw, CVE-2025-13042 Chrome V8, Type Confusion, Chrome 142 Update Chrome V8 Flaw, CVE-2025-12036 Chrome 141, WebGPU Overflow Google Chrome preloading Chrome, V8 vulnerability CVE-2025-9132 Chrome Security Update, Use-After-Free Chrome V8, Type Confusion Chrome Telemetry, Windows 10 EOL Microsoft Family Safety, Chrome Blocking Chrome Security Update, High-Severity Google Chrome, Antitrust CVE-2024-10487 and CVE-2024-10488 Google Chrome Root Program Chrome Update, CVE-2025-3619 Chrome Acquisition, Perplexity.ai

Chrome 143 Stable Fixes 13 Flaws: High-Severity V8 Type Confusion Earns $11,000 Bounty

Do Son December 3, 2025

Google has officially promoted Chrome 143 to the stable channel for Windows, macOS, and Linux, rolling out...

Django Flaw (CVE-2025-13372) Allows SQL Injection in PostgreSQL FilteredRelation Django Security Update CVE-2026-25673 Django Security Update SQL Injection Vulnerability Django SQL Injection, PostgreSQL Flaw CVE-2022-34265 PoC Django, SQL injection

Django Security Update CVE-2026-25673 Django Security Update SQL Injection Vulnerability Django SQL Injection, PostgreSQL Flaw CVE-2022-34265 PoC Django, SQL injection

Django Flaw (CVE-2025-13372) Allows SQL Injection in PostgreSQL FilteredRelation

Do Son December 3, 2025

The maintainers of Django, the high-level Python web framework that powers some of the internet’s largest sites,...

CISA Warns: Critical Iskra iHUB Flaw (CVE-2025-13510) Allows Unauthenticated Smart Metering Takeover Iskra iHUB Auth Bypass, Critical Smart Metering Flaw

Iskra iHUB Auth Bypass, Critical Smart Metering Flaw

CISA Warns: Critical Iskra iHUB Flaw (CVE-2025-13510) Allows Unauthenticated Smart Metering Takeover

Do Son December 3, 2025

A critical security vacuum has been discovered in smart metering infrastructure, potentially leaving utility networks exposed to...

Critical Elementor Plugin Flaw (CVE-2025-8489, CVSS 9.8) Under Active Exploitation Allows Unauthenticated Admin Takeover Elementor Unauthenticated EoP, CVE-2025-8489 Exploitation WordPress Privilege Escalation, WP Freeio WordPress backdoor Jupiter X Core - CVE-2024-7781 & CVE-2024-7782

Elementor Unauthenticated EoP, CVE-2025-8489 Exploitation WordPress Privilege Escalation, WP Freeio WordPress backdoor Jupiter X Core - CVE-2024-7781 & CVE-2024-7782

Critical Elementor Plugin Flaw (CVE-2025-8489, CVSS 9.8) Under Active Exploitation Allows Unauthenticated Admin Takeover

Do Son December 3, 2025

A critical security flaw in a popular WordPress plugin has triggered a massive wave of exploitation attempts,...

High-Severity Angular Flaw (CVE-2025-66412) Allows Stored XSS via SVG and MathML Bypass Angular hostname hijacking vulnerability Angular SSRF Origin Hijacking Angular XSS Vulnerability CVE-2026-32635 Angular i18n XSS CVE-2026-27970 Angular SSR SSRF CVE-2026-27739 Angular Vulnerability CVE-2026-22610 CVE-2025-59052 Angular security Angular XSS Bypass, SVG Injection

Angular hostname hijacking vulnerability Angular SSRF Origin Hijacking Angular XSS Vulnerability CVE-2026-32635 Angular i18n XSS CVE-2026-27970 Angular SSR SSRF CVE-2026-27739 Angular Vulnerability CVE-2026-22610 CVE-2025-59052 Angular security Angular XSS Bypass, SVG Injection

High-Severity Angular Flaw (CVE-2025-66412) Allows Stored XSS via SVG and MathML Bypass

Do Son December 3, 2025

The maintainers of Angular, the popular platform for building mobile and desktop web applications, have released an...

Discontinued Library: High-Severity lz4-java Flaw (CVE‐2025‐12183) Forces Immediate Migration to Community Fork lz4-java Out-of-bounds Read, Library EOL

lz4-java Out-of-bounds Read, Library EOL

Discontinued Library: High-Severity lz4-java Flaw (CVE‐2025‐12183) Forces Immediate Migration to Community Fork

Do Son December 3, 2025

A high-severity vulnerability, tracked as CVE‐2025‐12183, has been disclosed in the popular lz4-java compression library, exposing applications...

Apple Spring Event 2026 Apple Intel 14A iPhone 2028, Intel Foundry Apple Silicon iPhone 18 glass cloth shortage, Nittobo T-glass Apple crisis Apple UK App Store lawsuit appeal, Apple tax £1.5bn damages Apple AI Leadership Shakeup Giannandrea Subramanya Touchscreen MacBook Pro Apple 2026 Roadmap Apple Smart Home, Desktop Robot Apple H3 Chip, AirPods Camera Apple chips, on-device AI Apple AI, retail chatbot MacBook, Affordable Foldable iPhone, Apple Strategy Apple COO, Leadership Transition DOJ Lawsuit Apple EU Policy, App Store Fees CVE-2024-23222 Apple French antitrust fine

Apple AI Shakeup: Giannandrea Out, Former Google Gemini Chief Amar Subramanya Hired

Do Son December 2, 2025

Apple has announced a major leadership reshuffle, confirming that Senior Vice President of Machine Learning and AI...

Alarm: Coupang Data Breach Exposes 33.7 Million Users—Over Half of South Korea Fiverr Data Leak Claude Code Leak Anthropic DMCA Takedown Coupang 33.7M Breach South Korea Data Leak Red Hat Breach, Customer Data Theft Farmers Insurance, Salesforce ESLint Plugin -Mamont Android banking Trojan

Fiverr Data Leak Claude Code Leak Anthropic DMCA Takedown Coupang 33.7M Breach South Korea Data Leak Red Hat Breach, Customer Data Theft Farmers Insurance, Salesforce ESLint Plugin -Mamont Android banking Trojan

Alarm: Coupang Data Breach Exposes 33.7 Million Users—Over Half of South Korea

Do Son December 2, 2025

A major data breach has struck Coupang, one of South Korea’s most prominent e-commerce platforms, compromising the...

Europol CryptoMixer Takedown Centralized Mixer Seizure

Europol Shuts Down CryptoMixer, Seizes €25 Million in Bitcoin & 12 TB of Data

Do Son December 2, 2025

Europol recently disclosed that, during a coordinated operation, it successfully dismantled the mixing service CryptoMixer, a platform...

AWS Transform: Agentic AI Automates Legacy Code Modernization and Reduces Technical Debt AWS Transform Agentic AI Technical Debt Automation

AWS Transform: Agentic AI Automates Legacy Code Modernization and Reduces Technical Debt

Do Son December 2, 2025

At the re:Invent 2025 conference, AWS announced a sweeping enhancement to its application-modernization service, AWS Transform, introducing...

AWS re:Invent 2025: Agentic AI, Marengo 3.0 Video Model, and Visa Payment Partnership AI content licensing marketplace AWS Nova 2 Nova Act AWS Agentic AI TwelveLabs Marengo 3.0

AI content licensing marketplace AWS Nova 2 Nova Act AWS Agentic AI TwelveLabs Marengo 3.0

AWS re:Invent 2025: Agentic AI, Marengo 3.0 Video Model, and Visa Payment Partnership

Do Son December 2, 2025

As AWS re:Invent 2025 unfolds, the company has unveiled a wide array of new technological collaborations, spanning...

NVIDIA Invests $2 Billion in Synopsys to Integrate Agentic AI into Chip Design NVIDIA Synopsys Investment Agentic AI Chip Design

NVIDIA Invests $2 Billion in Synopsys to Integrate Agentic AI into Chip Design

Do Son December 2, 2025

NVIDIA and electronic design automation (EDA) leader Synopsys have announced an expanded strategic partnership that will usher...

AWS re:Invent: Agentic AI Launches with Nova Sonic Voice; Partners with Google Cloud on Networking AWS Middle East drone strikes AWS Frontier Agents Autonomous Software Engineering AWS AI Factories Data Sovereignty AI Agentic AI Nova Sonic AWS Google Cloud Interconnect AWS Free Tier, Cloud Credits Freevee, ad-supported streaming Amazon AI, North Carolina Investment CVE-2022-2385

AWS re:Invent: Agentic AI Launches with Nova Sonic Voice; Partners with Google Cloud on Networking

Do Son December 2, 2025

At AWS’s annual re:Invent 2025 conference in Las Vegas, the company unveiled a major series of enhancements...

Privacy Alert: India Mandates Undeletable Sanchar Saathi App on All New Smartphones Oracle user data Sanchar Saathi Mandatory India Preinstalled App

Oracle user data Sanchar Saathi Mandatory India Preinstalled App

Privacy Alert: India Mandates Undeletable Sanchar Saathi App on All New Smartphones

Do Son December 2, 2025

According to a report from Reuters, the Indian government has informed major smartphone manufacturers that they must...

Critical OpenVPN Flaws Fix: Heap Over-Read (CVSS 9.1) and HMAC Bypass Allow DoS Attacks CVE-2023-7235 - CVE-2024-5594 OpenVPN Buffer Over-read, HMAC Bypass

CVE-2023-7235 - CVE-2024-5594 OpenVPN Buffer Over-read, HMAC Bypass

Critical OpenVPN Flaws Fix: Heap Over-Read (CVSS 9.1) and HMAC Bypass Allow DoS Attacks

Do Son December 2, 2025

The OpenVPN project has released a crucial security update with the launch of version 2.7_rc2, addressing a...

Android CLI Android Security Zero-Interaction DoS CVE-2026-21385 Android Security Update UK CMA Apple Google regulation Google Aluminum OS Android 16 leak, ALOS Android ChromeOS merger Android sideloading certification 2026, Google developer verification APK Android AOSP biannual release, AOSP source code latency 2026 Android Zero-Day, Critical DoS Flaw Android Universal Clipboard Cross-Device Sync Gemini Nano Block, Unlocked Bootloader Android, Calling Cards Android Security Bulletin, RCE Vulnerability Android Linux GUI, Debian VM Android System Services, Google Transparency Android 16, Pixel Update

Android Emergency: Critical DoS Flaw and 2 Exploited Zero-Days in Framework Require Immediate Patch

Do Son December 2, 2025

Google has released the Android Security Bulletin for December 2025, detailing a slate of vulnerabilities affecting the...

nopCommerce Flaw (CVE-2025-11699) Allows Admin Takeover by Reusing Session Cookies After Logout nopCommerce Session Hijacking, Logout Bypass

nopCommerce Flaw (CVE-2025-11699) Allows Admin Takeover by Reusing Session Cookies After Logout

Do Son December 2, 2025

A significant security vulnerability has been identified in nopCommerce, a popular open-source ecommerce platform that serves as...

Next-Gen Stealer Arkanix Bypasses Chrome App-Bound Encryption Using C++ Process Injection Arkanix Stealer, App-Bound Encryption Bypass

Next-Gen Stealer Arkanix Bypasses Chrome App-Bound Encryption Using C++ Process Injection

Do Son December 2, 2025

A new, rapidly evolving threat has entered the crowded landscape of malware-as-a-service. Researchers at G DATA have...

CVE-2025-64775: Apache Struts “File Leak” Vulnerability Threatens Disk Exhaustion Apache Struts 2 Vulnerability CVE-2025-68493 CVE-2021-31805 Struts DoS, File Upload Leak

Apache Struts 2 Vulnerability CVE-2025-68493 CVE-2021-31805 Struts DoS, File Upload Leak

CVE-2025-64775: Apache Struts “File Leak” Vulnerability Threatens Disk Exhaustion

Do Son December 2, 2025

The Apache Software Foundation has issued an important advisory regarding a significant Denial of Service (DoS) vulnerability...

The BOSS Breach: APT36 Pivots to Linux Espionage with “Silent” Shortcuts Mercenary Akula European Financial Targeting AI-Generated Malware React2Shell Exploit UAT-8837 Critical Infrastructure Attack APT36, BOSS Linux BRICKSTORM Malware, China Espionage Curly COMrades, MucorAgent Chinese APT - HTTP Client Tools Shuckworm Cyber Espionage

Mercenary Akula European Financial Targeting AI-Generated Malware React2Shell Exploit UAT-8837 Critical Infrastructure Attack APT36, BOSS Linux BRICKSTORM Malware, China Espionage Curly COMrades, MucorAgent Chinese APT - HTTP Client Tools Shuckworm Cyber Espionage

The BOSS Breach: APT36 Pivots to Linux Espionage with “Silent” Shortcuts

Do Son December 2, 2025

A prominent state-aligned threat actor has significantly evolved its arsenal, launching a sophisticated campaign targeting the Linux-based...