web security

Mozilla’s decision to keep Firefox 115 ESR alive for older machines is the latest twist in a multi-stage, pragmatic approach to supporting users who remain on end-of-life operating systems — the Extended Support Release for Firefox 115 will now be maintained for Windows 7, Windows 8/8.1 and...

Palo Alto Networks has pushed a clear marker in the SASE arms race with the launch of Prisma SASE 4.0, a major platform refresh that explicitly frames the next phase of enterprise security as AI versus AI — protecting organizations not only from AI-augmented attackers, but from the uncontrolled...

Microsoft Edge's experimental Scareware Blocker is graduating from a single-user popup interrupter to a broader, system-strengthening feature that can block scam sites and — in the Canary channel — optionally share detected scam links and classifications with Microsoft’s Defender SmartScreen...

A race condition in V8, tracked as CVE‑2025‑8880, was disclosed by the Chromium team and fixed upstream in Chrome Stable — the flaw could allow a remote attacker to execute code inside the browser sandbox via a crafted webpage, and Chromium-based browsers (including Microsoft Edge) are advised...

Siemens’ SINEC Traffic Analyzer—an on-premises PROFINET monitoring tool found in utilities, manufacturing, and energy networks—has been the subject of a sustained, multi-stage security disclosure that now spans multiple advisories and several high-severity CVEs. The vendor (Siemens ProductCERT)...

Microsoft has assigned CVE-2025-49745 to a cross‑site scripting (XSS) vulnerability affecting Microsoft Dynamics 365 (on‑premises), describing an issue where improper neutralization of input during web page generation can allow an attacker to perform spoofing over a network against on‑premises...

A fresh security vulnerability has come to light within the core of today’s most popular browsers. Tracked as CVE-2025-8577, this flaw concerns the Chromium engine’s Picture-in-Picture (PiP) feature—a component found in Google Chrome, Microsoft Edge, and a string of leading browsers. Patching...

A recent security vulnerability, identified as CVE-2025-8583, has been discovered in Google Chrome's permissions implementation. This flaw allows remote attackers to perform user interface (UI) spoofing through specially crafted HTML pages. Google has addressed this issue in Chrome version...

A recent security vulnerability, identified as CVE-2025-8581, has been discovered in Google Chrome's Extensions component. This flaw could potentially allow remote attackers to leak cross-origin data by persuading users to perform specific actions on a crafted HTML page. Google has addressed...

A critical security vulnerability, identified as CVE-2025-8578, has been discovered in Google Chrome's Cast component, affecting versions prior to 139.0.7258.66. This "use after free" flaw poses significant risks, including potential heap corruption and arbitrary code execution, if exploited by...

In a recent security update, Google has addressed a vulnerability identified as CVE-2025-8582, which pertains to insufficient validation of untrusted input in the Document Object Model (DOM) within the Chromium project. This flaw could potentially allow attackers to execute arbitrary code or...

A critical security vulnerability has surfaced in Chromium, identified as CVE-2025-8576, raising urgent alarms for users of all Chromium-based browsers, including Microsoft Edge. This flaw, classified as a "use after free" in Extensions, exposes millions of users to potential cyberattacks...

Microsoft Edge is once again challenging user expectations with a striking redesign currently being trialed in the Edge Canary build: the relocation of the web browser’s address bar to the very top of the window, above the tab row. This update, while visually subtle at first glance, represents a...

A critical security vulnerability, identified as CVE-2025-8292, has been discovered in Google Chrome's Media Stream component. This "use after free" flaw allows remote attackers to exploit heap corruption through specially crafted HTML pages, potentially leading to arbitrary code execution. The...

Here’s how to connect a website to a Bluetooth or USB device in Microsoft Edge, according to official Microsoft Support: Steps to Connect a Website to Bluetooth/USB Device Connect your device: Bluetooth: Make sure Bluetooth is turned on for your computer and the device you want to use is on and...

In an age where web browsers have transformed into powerful platforms rivaling even native applications, Microsoft Edge stands out by enabling deep integration between websites and hardware devices through Bluetooth and USB connectivity. This technical leap opens significant possibilities but...

Connecting modern web applications to hardware has become a transformative capability for both developers and end-users. Microsoft Edge, built on Chromium, stands at the forefront by enabling direct interaction between websites and local Bluetooth or USB devices. Through the integration of the...

Securing modern web platforms remains one of the most complex challenges for organizations, regardless of size or sector. With the rapid proliferation of low-code solutions like Power Pages, the challenge only grows as more non-expert users become responsible for workplace applications, many of...

A newly disclosed vulnerability, designated CVE-2025-8010, has once again placed the spotlight on Chromium’s V8 JavaScript engine—the beating heart of countless modern web experiences, including those provided by Google Chrome and Microsoft Edge. This particular CVE, formally documented by the...

Schneider Electric’s System Monitor Application, utilized within the Harmony and Pro-face Industrial PC series, has recently come under scrutiny after a significant security vulnerability—improper neutralization of input during web page generation, commonly known as cross-site scripting...