Two significant local information disclosure vulnerabilities in major Linux distributions, CVE-2025-5054 and CVE-2025-4598, allow local attackers to exploit core dump handling mechanisms to extract sensitive data, potentially affecting millions of systems.
Microsoft’s May 2025 Patch Tuesday updates resolve 72 vulnerabilities, including five actively exploited zero-day flaws that pose significant security risks across various Microsoft products.
In April 2025, Microsoft issued a significant security update for its products, addressing 134 vulnerabilities, notably the critical CVE-2025-29824 in the Windows Common Log File System driver, which is currently being exploited by the RansomEXX ransomware group.
Microsoft’s January 2025 Patch Tuesday update fixes 161 vulnerabilities, including three critical zero-day exploits affecting Hyper-V, which are currently under active exploitation.
Microsoft’s January 2025 Patch Tuesday update addresses 159 vulnerabilities, including critical flaws in Windows Remote Desktop Services and Microsoft Outlook, with several actively exploited vulnerabilities requiring immediate attention.
Google has issued an urgent alert for nearly 2 billion Windows users to update their Chrome browser to address critical security vulnerabilities, including a remote code execution flaw discovered by Apple’s SEAR team.
The Viettel Cyber Security team secured their second consecutive championship at Pwn2Own 2024 in Ireland, earning $205,000 by discovering nine zero-day vulnerabilities across various products, including the Sonos Era 300 speaker and HP Color LaserJet Pro printer.
A critical security vulnerability, tracked as CVE-2024-9680, has been identified in Mozilla Firefox, allowing remote attackers to execute arbitrary code, with active exploitation reported in the wild.
NVIDIA has patched a severe vulnerability, CVE-2024-0132, allowing threat actors to potentially gain full root privileges on host systems through container escapes.
Google’s adoption of memory-safe languages like Rust has significantly decreased memory safety vulnerabilities in Android over a six-year period.
