In a recent security incident reported by BleepingComputer, Red Hat, a leading provider of open-source solutions, has confirmed that one of its GitLab instances was compromised by hackers. This incident highlights the ongoing challenges organizations face in safeguarding sensitive development and customer data. According to the breach details, an extortion group calling itself the Crimson

Continue Reading

Three serious vulnerabilities, dubbed the Gemini Trifecta, were recently revealed in Google’s Gemini AI assistant suite, based on findings from security researchers at Tenable. These flaws exposed users to significant privacy risks, including search-injection attacks on the Search Personalization Model, log-to-prompt injection attacks on Gemini Cloud Assist, and exfiltration of saved information via the Gemini

Continue Reading

Recent research by Cybernews has revealed a significant data breach affecting Lifeprint, a popular portable photo printer app available on iOS and Android platforms. Lifeprint enables users to instantly print photos and GIFs directly from their smartphones, offering a convenient way to share memories. Unfortunately, due to a critical security oversight, millions of private photos

Continue Reading

A newly disclosed security vulnerability in OneLogin’s platform could have exposed sensitive authentication credentials for hundreds of thousands of enterprise applications. The flaw, identified and responsibly reported by cybersecurity firm Clutch Security, allowed attackers with standard API access to extract confidential OpenID Connect (OIDC) client secrets — a critical piece in application-level authentication. The vulnerability

Continue Reading

Apple has released an important security update addressing a vulnerability in its font parsing system that affects several of its operating systems, including iOS, iPadOS, macOS, and visionOS. This update is crucial for users to protect their devices from potential attacks involving malicious font files. The vulnerability, identified as CVE-2025-43400, involves an out-of-bounds write error

Continue Reading

A research team from the Georgia Institute of Technology has discovered several security vulnerabilities in Tile, the Bluetooth tracking device used to locate lost personal items, as recently highlighted in a Malwarebytes security blog post. Tile is one of the most widely used Bluetooth tracking devices on the market, designed to help users locate misplaced

Continue Reading

Broadcom have recently released new security advisories detailing multiple vulnerabilities affecting VMware Aria Operations, VMware Tools, VMware vCenter, NSX, and related products. The advisories warn of several high-severity flaws including local privilege escalation, information disclosure, improper authorization, SMTP header injection, and username enumeration vulnerabilities. Updated patches are now available to mitigate these risks. The first

Continue Reading