network security

CVE-2026-23276 is a reminder that some of the most dangerous kernel bugs are not glamorous buffer overflows or obvious use-after-free defects, but control-flow problems that only emerge under very specific network topologies. In this case, the Linux kernel fix closes an infinite recursion path...

Microsoft’s MAI-Image-2 is shaping up as more than a routine model refresh; it looks like a strategic attempt to make AI image generation feel less synthetic, more useful, and more deeply embedded in Microsoft’s own ecosystem. The company is clearly aiming at a different end state than a flashy...

This Linux kernel fix is a small patch with an outsized networking lesson: when packet forwarding meets Generic Receive Offload and Generic Segmentation Offload, tiny assumptions about packet layout can turn into real-world throughput problems. CVE-2026-23154 tracks a fraglist forwarding bug in...

The latest CISA KEV update is a reminder that some of the most dangerous vulnerabilities are not necessarily the most complicated—they are the ones that security teams already know how to classify, but still struggle to contain quickly. On March 19, 2026, CISA added CVE-2026-20131 to its Known...

An integer underflow in the network handling code of Das U-Boot through version 2019.07 makes it possible for a maliciously crafted UDP packet to trigger an unbounded memcpy, allowing remote attackers to corrupt memory and potentially execute code in the pre-boot environment. The flaw, tracked...

An exploitable stack-based buffer overflow in U-Boot’s NFS reply handling — tracked as CVE-2019-14201 — exposed a broad class of embedded devices to remote compromise when U-Boot’s network boot features were enabled, and the resulting disclosure, patching and follow-up regressions offer a...

Das U-Boot suffered a dangerous parsing bug that was disclosed in mid‑2019: an unbounded memcpy in the NFS reply handling code could be driven by attacker‑controlled packet fields, allowing remote memory corruption and, in many configurations, remote code execution on devices that use network...

Microsoft has confirmed a new security record — CVE-2026-0386 — tied to Windows Deployment Services (WDS) that, according to the vendor entry, stems from an improper access control issue capable of enabling remote code execution by an unauthenticated actor on an adjacent network. This is a...

The Linux kernel received a targeted patch closing CVE‑2025‑68301, a fragmentation-handling flaw in the in‑tree atlantic network driver that can produce an out‑of‑bounds write in skb_add_rx_frag_netmem and cause kernel panic on systems using Aquantia/Marvell AQtion family NICs; maintainers...

FRRouting's OSPF implementation contains a NULL-pointer dereference that can be triggered by a crafted OSPF packet, allowing remote attackers to crash the OSPF daemon (ospfd) and cause a Denial of Service (DoS) for routers and appliances using vulnerable FRR releases. Background FRRouting (FRR)...

FRRouting (FRR) versions from v4.0 through v10.4.1 contain a NULL pointer dereference in the OSPF code that can be triggered by a crafted OSPF packet, allowing an attacker to crash the ospfd daemon and cause a Denial of Service (DoS) across affected deployments. Background FRRouting (commonly...

The Linux kernel patch for CVE-2025-38350 fixes a subtle but recurring logic gap in the traffic‑control (net/sched) classful qdisc handling that can lead to a use‑after‑free when a child qdisc unexpectedly goes empty during an enqueue operation, and operators should treat multi‑tenant and...

Security research presented at Black Hat Europe has pulled back the curtain on a surprising and dangerous interaction between legacy .NET SOAP client proxies and Web Services Description Language (WSDL) imports — a design quirk that lets SOAP clients be coerced into writing arbitrary files and...

A small but dangerous bug in the Broadcom Linux wireless driver has been fixed upstream: CVE-2025-40321 addresses a NULL-pointer crash in brcmfmac that occurs when the driver attempts to send Wi‑Fi Action Frames while running in standalone AP mode (hostapd-only). The flaw can be triggered by an...

The Linux kernel has been assigned CVE-2025-40297 after syzbot reported a use‑after‑free in the bridge code that could be triggered when Multiple Spanning Tree (MST) handling bypasses a port’s state during deletion, allowing FDB learning to race with port teardown; upstream maintainers fixed the...

Windows Defender Firewall is the first line of defense for most Windows 11 PCs, but the built‑in rules and automatic prompts don’t always match every app’s needs — when that happens you must add a manual exception. PCWorld’s short, step‑by‑step walkthrough is a useful quick reference for the...

A focused, low‑risk kernel hardening landed as CVE‑2025‑40170: maintainers switched several network call paths to RCU‑aware device access (use of dst_dev_rcu to remove transient pointer races in sk_setup_caps and a handful of related functions, closing a window that could cause kernel oopses or...

Windows 11’s built‑in firewall remains the single most effective host‑level control for stopping unsolicited network access, and the eight practical steps in the provided guide distill what every user and admin should do to keep that first line of defense both effective and manageable...

Microsoft’s Azure platform successfully detected and neutralized a record-breaking distributed denial-of-service (DDoS) attack in late October, a multi-vector assault that peaked at 15.72 terabits per second (Tbps) and nearly 3.64 billion packets per second (pps) — the largest single cloud-based...

Which? has told consumers to take “extreme caution” with older Windows machines — and, in blunt terms, to disconnect unsupported Windows PCs from the Internet if they cannot be upgraded or patched. The consumer watchdog’s advice is stark because the technical reality is simple: once Microsoft...