Microsoft’s latest Patch Tuesday updates address more than 60 vulnerabilities in Windows and other products.
The post Microsoft Patches Actively Exploited Windows Kernel Zero-Day appeared first on SecurityWeek.
Tenzai Raises $75 Million in Seed Funding to Build AI-Powered Pentesting Platform
Tel Aviv, Israel based Tenzai has developed an AI-driven platform for penetration testing, which it says can continuously identify and address vulnerabilities.
The post Tenzai Raises $75 Million in Seed Funding to Build AI-Powered Pentesting Platform appeared first on SecurityWeek.
Critical Triofox Vulnerability Exploited in the Wild
A threat actor has exploited the issue to create a new administrator account and then used the account to execute remote access tools.
The post Critical Triofox Vulnerability Exploited in the Wild appeared first on SecurityWeek.
New Firefox Protections Halve the Number of Trackable Users
Mozilla has implemented fresh fingerprinting protections to prevent hidden trackers from identifying Firefox users.
The post New Firefox Protections Halve the Number of Trackable Users appeared first on SecurityWeek.
SAP Patches Critical Flaws in SQL Anywhere Monitor, Solution Manager
Hardcoded credentials in SQL Anywhere Monitor could allow attackers to execute arbitrary code on vulnerable deployments.
The post SAP Patches Critical Flaws in SQL Anywhere Monitor, Solution Manager appeared first on SecurityWeek.
CMMC Live: Pentagon Demands Verified Cybersecurity From Contractors
Enforcement of the Department of Defense’s Cybersecurity Maturity Model Certification (CMMC) requirements started on November 10, 2025.
The post CMMC Live: Pentagon Demands Verified Cybersecurity From Contractors appeared first on SecurityWeek.
Honoring Our Veteran Readers: Thank You for Your Service
Your dedication to service, teamwork, and resilience is woven into the very fabric of cybersecurity.
The post Honoring Our Veteran Readers: Thank You for Your Service appeared first on SecurityWeek.
‘Whisper Leak’ LLM Side-Channel Attack Infers User Prompt Topics
Attackers intercepting network traffic can determine the conversation topic with a chatbot despite end-to-end encrypted communication.
The post ‘Whisper Leak’ LLM Side-Channel Attack Infers User Prompt Topics appeared first on SecurityWeek.
Many Forbes AI 50 Companies Leak Secrets on GitHub
Wiz found the secrets and warned that they can expose training data, organizational structures, and private models.
The post Many Forbes AI 50 Companies Leak Secrets on GitHub appeared first on SecurityWeek.
Runc Vulnerabilities Can Be Exploited to Escape Containers
The flaws tracked as CVE-2025-31133, CVE-2025-52565, and CVE-2025-52881 have been patched.
The post Runc Vulnerabilities Can Be Exploited to Escape Containers appeared first on SecurityWeek.
