Topic: information disclosure
-
Microsoft Patches Critical Zero-Day and 63 Flaws
Microsoft's November 2025 Patch Tuesday addresses 63 vulnerabilities, including one actively exploited zero-day and four critical issues, requiring immediate deployment by system administrators. The update includes the first extended security update (ESU) for Windows 10, urging organizations to u...
Read More » -
Google Patches Actively Exploited Android Security Flaws
Google's December security update patches over 50 Android vulnerabilities, including two high-severity flaws in the Android Framework that are already being used in limited, targeted attacks. The two critical vulnerabilities (CVE-2025-48633 and CVE-2025-48572) could allow unauthorized access to s...
Read More » -
Critical Vulnerability in All In One SEO Plugin Impacts 3M+ WordPress Sites
A critical vulnerability in the All in One SEO plugin exposed its global AI access token to any logged-in user with Contributor-level permissions, risking unauthorized AI usage and service credit depletion. The flaw, stemming from a missing permission check on an API endpoint, is part of a trend,...
Read More » -
Google Patches Actively Exploited Zero-Day Vulnerabilities
Google has released a critical Android security update patching over 100 vulnerabilities, including three severe flaws that are under active, targeted exploitation. Two high-severity information disclosure vulnerabilities (CVE-2025-48633 & CVE-2025-48572) can expose sensitive data or grant elevat...
Read More » -
Microsoft Patches 6 Zero-Day Exploits in Critical October Update
Microsoft's October 2025 Patch Tuesday addresses 172 vulnerabilities, including six actively exploited zero-days and eight critical-rated flaws, with a focus on remote code execution and privilege escalation risks. Windows 10 has reached its end of support, requiring users to enroll in Extended S...
Read More » -
Popular Game Servers Shutting Down Soon, Will Be Delisted
WWE 2K24's online servers will permanently shut down on March 31, 2026, disabling all online features, though offline modes will remain playable. The game will be delisted from digital stores on January 31, 2026, halting all purchases of virtual currency and downloadable content. This follows a c...
Read More » -
Oracle Issues Urgent Patch for Critical E-Business Suite Flaw
Oracle has released an urgent security patch for a critical vulnerability (CVE-2025-61884) in its E-Business Suite, which can be exploited remotely without authentication to access confidential information. The vulnerability, with a CVSS score of 7.5, affects EBS versions 12.2.3 to 12.2.14, and O...
Read More » -
Healthcare Sector: 58 Days to Patch Critical Security Flaws
Healthcare organizations are slow to patch serious security vulnerabilities, leaving sensitive systems and patient data exposed for extended periods. The sector remediates only 57% of serious findings, with a median resolution time of 58 days and an average of 244 days to address half of all issu...
Read More » -
Microsoft fixes critical Office zero-day under active attack
Microsoft has urgently patched a critical, actively exploited zero-day vulnerability (CVE-2026-21509) in Office, which allows attackers to bypass security features by tricking users into opening malicious files. While patches are available for Office 2021, LTSC 2021/2024, and Microsoft 365, secur...
Read More » -
Microsoft Patch Tuesday fixes 3 zero-days, 114 flaws in January 2026 update
Microsoft's January 2026 Patch Tuesday addresses 114 vulnerabilities, including eight critical flaws and three zero-days, with one confirmed as actively exploited. The actively exploited zero-day (CVE-2026-20805) is an information disclosure flaw in the Desktop Window Manager, while the other two...
Read More » -
Pentiment, Other Games Pulled From Steam Amid Unity Security Flaw
A security flaw in Unity game engine versions from 2017.1 onward has led to the temporary removal of several popular games from Steam, affecting multiple platforms but with no current evidence of exploitation. The vulnerability, reported responsibly by a researcher, could allow unsafe file loadin...
Read More »