"MongoBleed": Exploit for critical vulnerability in MongoDB makes attacks easier

Those responsible for a MongoDB instance cannot rest easy: an exploit for a critical vulnerability makes upgrades even more ...
MacRumors

Update Now: iOS 26.2 Fixes 20+ Security Vulnerabilities

Apple today released iOS 26.2, iPadOS 26.2, and macOS 26.2, all of which introduce new features, bug fixes, and security improvements. Apple says that the updates address over 20 vulnerabilities, ...
Android Authority

Updated Android Security Bulletin sets stage for a hefty December 2025 security patch

Google has published the December 2025 Security Bulletin, revealing a long list of severe vulnerabilities in Android. These issues are expected to be patched with device-specific security updates ...
Searchenginejournal.com

Server Security Scanner Vulnerability Affects Up To 56M Sites

A critical vulnerability was recently discovered in Imunify360 AV, a security scanner used by web hosting companies to protect over 56 million websites. An advisory by cybersecurity company Patchstack ...
PC World

Millions at risk of critical PC security vulnerability, Dell warns

Users of Dell systems are currently at considerable risk: a “high impact” vulnerability (CVE-2025-46430) has been identified in Dell’s Display and Peripherals Manager (DDPM). According to Dell, ...
Bleeping Computer

SAP fixes hardcoded credentials flaw in SQL Anywhere Monitor

SAP has released its November security updates that address multiple security vulnerabilities, including a maximum severity flaw in the non-GUI variant of the SQL Anywhere Monitor and a critical code ...
TechSpot

Critical vulnerability in AMD Zen 5 CPUs could make encryption keys predictable

What we know so far: AMD has revealed that its Zen 5 processors are affected by a critical security vulnerability that compromises the reliability of their hardware-based random number generator, ...
Dark Reading

Microsoft Issues Emergency Patch for Critical Windows Server Bug

Microsoft on Thursday deployed a reworked update for a critical vulnerability in the Windows Server Update Service (WSUS) that has come under attack in the wild. CVE-2025-59287 is a remote code ...
Dark Reading

Framelink Figma MCP Server Opens Orgs to Agentic AI Compromise

Model Context Protocol (MCP) servers, which are the glue that links AI agents with other enterprise systems, continue to pop up as potential chinks in the proverbial organizational armor. This week, ...
PC Gamer

Unity has found a security vulnerability that has sat dormant for almost a decade: 'Take immediate action to protect your games & apps'

Though Unity claims there's no evidence of impact 'on users or customers.' When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works. Add us as a preferred ...
Ars Technica

Supermicro server motherboards can be infected with unremovable malware

Servers running on motherboards sold by Supermicro contain high-severity vulnerabilities that can allow hackers to remotely install malicious firmware that runs even before the operating system, ...