Apple has released new iOS and iPadOS versions, both 26.2, addressing a broad set of security vulnerabilities across core system components, apps, and the Safari browser engine. The update is available for iPhone 11 and later, as well as supported iPad models, and is recommended for all users. The release fixes issues that could have

Continue Reading

A recent large-scale security analysis published by Flare, a cyber threat intelligence company, has identified thousands of publicly available Docker Hub container images containing exposed secrets. The exposed data includes live credentials for cloud platforms, source control systems, databases, and AI services. The findings point to a widespread and ongoing security risk affecting organizations of

Continue Reading

Security researchers have disclosed a new tracking technique that can be used to monitor activity patterns of WhatsApp and Signal users by exploiting how the apps handle message delivery acknowledgments. The issue was recently highlighted by researchers at Cybernews, following the public release of a proof-of-concept tracking tool. The technique allows an attacker to infer

Continue Reading

A recently patched security flaw in WinRAR, the popular Windows file archiving tool, is currently being exploited by several threat groups. The vulnerability affects Windows versions of the widely used file archiving tool and involves a path traversal issue that can allow malicious files to be placed outside their intended extraction directory. When combined with

Continue Reading

Microsoft has released its latest security update for Windows 10, KB5071546, covering versions 22H2 (ESU) and 21H2 Enterprise LTSC 2021. This update continues extended servicing for organizations still operating Windows 10 and introduces several important security and reliability enhancements. Microsoft is again advising administrators and users that Secure Boot certificates used by most Windows devices

Continue Reading

Apache has issued a security advisory for a newly expanded XML External Entity (XXE) vulnerability affecting multiple components of Apache Tika, the widely used content analysis toolkit. The flaw, tracked as CVE-2025-66516 and rated critical, impacting Tika’s core library, parser modules, and PDF parser module. According to Apache’s disclosure, the vulnerability allows attackers to perform

Continue Reading

Google has released a new Chrome update for Windows, macOS, and Linux. Chrome 143 will roll out over the coming days and includes a collection of security fixes, performance improvements, and general stability updates. Additional feature details are also expected in upcoming Chrome and Chromium blog posts. Chrome 143 includes 13 security fixes addressing issues

Continue Reading

Hackers are distributing legitimate remote support tools as part of new attack campaigns, tricking victims into installing applications such as LogMeIn Resolve and PDQ Connect under the guise of common utilities or software updates. Researchers at cybersecurity software and solutions provider Malwarebytes report a rise in cases where these tools are preconfigured to connect directly

Continue Reading