The vulnerability, tracked as CVE-2025-68664 and dubbed “LangGrinch,” has a Common Vulnerability Scoring System score of 9.3.

As offices go quiet between Christmas and New Year's, security teams brace for a busy stretch fending off hackers. Why it matters: Malicious hackers are opportunistic — and what's better than ...

Government agencies use SBOMs to expose hidden risks, govern artificial intelligence tools and speed response to software vulnerabilities.

Because it was under attack before a patch was made available by WatchGuard on December 18, this makes CVE-2025-14733 a bona ...

Apache Commons Text is used for processing character strings in Java apps. A critical vulnerability allows the injection of ...

Attackers are exploiting a Flight protocol validation failure that allows them to execute arbitrary code without ...

Software supply chain attacks are evolving as open source and AI-generated code introduce new third-party risks. Learn how ...

A hacker found a way to access Amazon accounts using a malicious book downloaded to a Kindle. What you need to know about the ...

In a nod to the evolving threat landscape that comes with cloud computing and AI and the growing supply chain threats, Microsoft is broadening its bug bounty program to reward researchers who uncover ...

Sonatype has claimed that 13% of Log4j versions downloaded this year were vulnerable to the legacy critical Log4Shell bug ...

AI is following the path of dynamite. Photo is of The Nobel's Extradynamit. Found in the collection of Nobelmuseet Stockholm. Artist : Historic Object. (Photo by Fine Art Images/Heritage Images/Getty ...