Microsoft has released its latest security update for Windows 10, KB5071546, covering versions 22H2 (ESU) and 21H2 Enterprise LTSC 2021. This update continues extended servicing for organizations still operating Windows 10 and introduces several important security and reliability enhancements. Microsoft is again advising administrators and users that Secure Boot certificates used by most Windows devices

Continue Reading

Apache has issued a security advisory for a newly expanded XML External Entity (XXE) vulnerability affecting multiple components of Apache Tika, the widely used content analysis toolkit. The flaw, tracked as CVE-2025-66516 and rated critical, impacting Tika’s core library, parser modules, and PDF parser module. According to Apache’s disclosure, the vulnerability allows attackers to perform

Continue Reading

Google has released a new Chrome update for Windows, macOS, and Linux. Chrome 143 will roll out over the coming days and includes a collection of security fixes, performance improvements, and general stability updates. Additional feature details are also expected in upcoming Chrome and Chromium blog posts. Chrome 143 includes 13 security fixes addressing issues

Continue Reading

Hackers are distributing legitimate remote support tools as part of new attack campaigns, tricking victims into installing applications such as LogMeIn Resolve and PDQ Connect under the guise of common utilities or software updates. Researchers at cybersecurity software and solutions provider Malwarebytes report a rise in cases where these tools are preconfigured to connect directly

Continue Reading

OpenAI experienced a security incident involving Mixpanel, one of its former analytics providers. In an announcement post, they detailed that limited user information linked to the platform.openai.com interface was exposed, and clarified that ChatGPT users were not affected, nor were OpenAI’s own systems involved. According to OpenAI, the exposure was limited to analytics data stored

Continue Reading

GreyNoise, an online security company, has launched a new public tool designed to show whether an internet connection has been involved in unwanted scanning or suspicious activity. The service, called GreyNoise IP Check, aims to make it easier for people to identify when their home network is being used by unauthorized software or compromised devices.

Continue Reading

D-Link has issued a new security notice detailing several vulnerabilities discovered in its long-retired DIR-878 home router line. Although the model reached End-of-Life and End-of-Service years ago, the company published the advisory to inform any remaining users that multiple security issues have now been confirmed across all revisions and all firmware versions of the device.

Continue Reading

A newly disclosed flaw in Perplexity’s Comet web browser has revealed that an internal API allowed hidden extensions to run commands directly on user devices, a capability beyond what modern browsers typically permit. The issue was uncovered by security researchers at SquareX, who determined that Comet included two embedded extensions with elevated privileges: an analytics

Continue Reading