Security
Headlines
HeadlinesLatestCVEs

Latest News

Japan Goes on Offense With New 'Active Cyber Defense' Bill

Japan is on a mission to catch up to the US standard of national cyber preparedness, and its new legislation is a measure intended to stop escalating Chinese cyber-espionage efforts, experts say.

DARKReading
#ios#apple#intel#auth
GHSA-772m-773g-qmhc: Missing rate limit in MaysWind ezBookkeeping

An issue in MaysWind ezBookkeeping 0.7.0 allows a remote attacker to escalate privileges via the lack of rate limiting.

GHSA-3wf7-83q3-948c: Remote code execution in alextselegidis/easyappointments

Cross Site Scripting vulnerability in Alex Tselegidis EasyAppointments v.1.5.0 allows a remote attacker to execute arbitrary code via the legal_settings parameter.

GHSA-mpg8-8x9c-p9gv: MaysWind ezBookkeeping has Improper Privilege Management

An issue in MaysWind ezBookkeeping 0.7.0 allows a remote attacker to escalate privileges via the token component.

Democratize security processes in your software development lifecycle

IT security is no longer the responsibility of a single, specialized team. To help protect your organization from growing cyber threats, IT security should be a priority for everyone. By integrating security processes and functions into every stage of the software development lifecycle, you not only better protect your products but you also build trust with your users. Here's how you can democratize security processes and make it a shared responsibility across your organization, while giving your developers what they need to create applications quickly.Software supply chain security tools and

EPMS: the cornerstone of cybersecurity in defense operations

In a landscape where cyber threats evolve daily, the Defense Information Systems Agency’s (DISA) Enterprise Patch Management System (EPMS) plays a critical role in maintaining the cybersecurity of the Department of Defense (DoD). EPMS is not just a tool—it's a strategy, bridging software, efficiency and innovation to enhance the security posture of critical systems.The Importance of EPMSEPMS addresses a core cybersecurity challenge: verifying that all systems are consistently patched against known vulnerabilities. With cyber adversaries growing more sophisticated, leaving any endpoint exp

President Trump to Nominate Former RNC Official as National Cyber Director

Sean Cairncross will be one of the primary advisers to the administration on national cybersecurity matters.

Massive 1.17TB Data Leak Exposes Billions of IoT Grow Light Records

Massive 1.17 TB data leak exposes billions of records from a Chinese IoT grow light company. Wi-Fi passwords,…

February Microsoft Patch Tuesday

February Microsoft Patch Tuesday. 89 CVEs, 33 added since January. Two with signs of exploitation in the wild: 🔻 EoP – Windows Ancillary Function Driver for WinSock (CVE-2025-21418)🔻 EoP – Windows Storage (CVE-2025-21391) There are no vulnerabilities with public exploits, but there are 7 with private ones: 🔸 RCE – Microsoft Edge (CVE-2025-21279, CVE-2025-21283)🔸 Auth. […]

GHSA-6fgm-x6ff-w78f: Potential Denial-of-Service condition leading to temporary disability in IBC transfers to the native chain

### Impact Chains using affected versions of Packet Forward Middleware in their IBC Transfer stack are vulnerable to an attack in which there is a potential denial of service. This affects IBC transfers for any asset which is being transferred between another chain and its native chain. We recommend upgrading as soon as possible. __THIS IS A STATE BREAKING CHANGE__ ### Patches Versions [7.2.1](https://github.com/cosmos/ibc-apps/releases/tag/middleware%2Fpacket-forward-middleware%2Fv7.2.1) and [8.1.1](https://github.com/cosmos/ibc-apps/releases/tag/middleware%2Fpacket-forward-middleware%2Fv8.1.1) are patched. ### Workarounds N/A ### References N/A