cyber threats

Google pushed an emergency Chrome update to address CVE-2025-10585, a type confusion vulnerability in the V8 JavaScript engine that Google says is being actively exploited in the wild — and because Microsoft Edge is Chromium-based, Windows users and enterprises must confirm their Edge builds...

Hitachi Energy’s Service Suite is the subject of a high‑severity security advisory republished by vendor PSIRT and reflected in government guidance: a deserialization flaw tied to Oracle WebLogic (CVE‑2020‑2883) is implicated in the Service Suite advisory, and the combined risk profile is rated...

ANZ’s incoming restructuring will cut about 3,500 permanent roles and review a further ~1,000 managed‑services contractor engagements, with the bank’s retail and technology divisions set to shoulder much of the impact—moves the company says are aimed at removing duplication, simplifying...

Artista Pirata has quietly become one of the most visible Spanish‑language hubs where users can find “full” copies of commercial Windows and macOS applications, pre‑patched installers, language‑tailored builds and one‑click activators — a distribution model that mixes convenience with...

The Colonial Pipeline blackout of May 2021 remains a cautionary touchstone: ransomware that began in corporate IT cascaded into physical shortages and public alarm, a stark demonstration that operational technology (OT) insecurity costs more than data — it can disrupt energy, water, food and...

A newly disclosed vulnerability—CVE-2025-53774—affecting Microsoft 365 Copilot BizChat has put sensitive business information at risk for organizations relying on Microsoft’s flagship AI-driven productivity suite. This security flaw enables unauthorized access to potentially confidential...

A critical security vulnerability, identified as CVE-2025-53767, has been discovered in Microsoft's Azure OpenAI service, potentially allowing attackers to escalate their privileges within affected systems. This flaw underscores the importance of robust security measures in cloud-based AI...

A recent security vulnerability, identified as CVE-2025-8581, has been discovered in Google Chrome's Extensions component. This flaw could potentially allow remote attackers to leak cross-origin data by persuading users to perform specific actions on a crafted HTML page. Google has addressed...

A critical security vulnerability, identified as CVE-2025-8578, has been discovered in Google Chrome's Cast component, affecting versions prior to 139.0.7258.66. This "use after free" flaw poses significant risks, including potential heap corruption and arbitrary code execution, if exploited by...

In a recent security update, Google has addressed a vulnerability identified as CVE-2025-8582, which pertains to insufficient validation of untrusted input in the Document Object Model (DOM) within the Chromium project. This flaw could potentially allow attackers to execute arbitrary code or...

Amid the frenetic pace and crowded exhibition halls of Black Hat 2025, three vendor announcements have emerged as potential game-changers in enterprise security. With the hybrid work era pushing organizations to grapple with unmanaged devices, bring-your-own-device (BYOD) policies, and surging...

Here is a concise and professional edit and summary for the article "Zenity Labs Exposes Widespread 'AgentFlayer' Vulnerabilities Allowing Silent Hijacking of Major Enterprise AI Agents Circumventing Human Oversight" from CNHI News: Zenity Labs Uncovers Major 'AgentFlayer' Vulnerabilities...

A new high-severity security flaw in Microsoft Exchange Server hybrid deployments has placed organizations worldwide on high alert, raising the specter of a “total domain compromise” that can cascade from on-premises environments to Microsoft’s cloud. The bug, designated CVE-2025-53786, has not...

A sweeping emergency order from the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has intensified the cybersecurity spotlight on Microsoft Exchange, following the disclosure of a fresh and serious vulnerability. On August 7th, 2025, CISA issued Emergency Directive 25-02 in direct...

A new wave of cybersecurity incidents and industry responses has dominated headlines in recent days, reshaping the risk landscape for businesses and consumers alike. From the hijacking of AI-driven smart homes to hardware-level battles over national security and software supply chain attacks...

A major cyber risk alert has rocked the world of renewable energy management, as EG4 Electronics faces a constellation of high-severity vulnerabilities impacting its entire fleet of solar inverters. The sweeping flaws, affecting every major EG4 inverter model, reveal just how exposed the bedrock...

Burk Technology's ARC Solo—a mainstay in broadcast facility monitoring and control—has recently come under scrutiny following the disclosure of a critical vulnerability that exposes the device to remote exploitation. This revelation, denoted as CVE-2025-5095 and ranked at a critical 9.3 on the...

A critical security vulnerability has emerged in the popular Dreamehome and MOVAhome mobile applications, sending ripples through the smart device ecosystem and raising urgent questions about the security of connected home technologies. Classified under CVE-2025-8393, this flaw—rooted in...

A critical new vulnerability in the Johnson Controls FX80 and FX90 platforms has brought the cyber-physical security of critical infrastructure sharply into focus, as industrial operators worldwide brace for the fallout from the recently disclosed CVE-2025-43867. Affecting building automation...

A newly disclosed vulnerability in Delta Electronics’ DIAView industrial automation management system has put critical infrastructure sectors on high alert, as experts warn of the significant risk posed by remotely exploitable path traversal flaws that could allow attackers to access or alter...