Vulnerability-free container image startup Echo Software raises $35M

Echo Software Ltd., a startup that’s using artificial intelligence agents to secure container images at the base layer, said ...
The Hacker News

FreePBX Patches Critical SQLi, File-Upload, and AUTHTYPE Bypass Flaws Enabling RCE

FreePBX patched 2025 flaws allowing SQL injection, file upload attacks, and an auth bypass only when webserver AUTHTYPE was ...

SAP fixes three critical vulnerabilities across multiple products

SAP has released its December security updates addressing 14 vulnerabilities across a range of products, including three ...
ET CIO

Top 7 Software Composition Analysis (SCA) Tools for DevOps Teams in 2025

Looking for the best Software Composition Analysis tools for your DevOps team in 2025? Explore our comprehensive review of the top 7 SCA tools, their features, pricing, and integration capabilities ...

CISA reveals warning on Asus software flaw, here's what you need to do to stay safe

Usually, when CISA adds flaws to KEV, it means that Federal Civilian Executive Branch agencies have a three-week deadline to patch up or stop using the products entirely. For the ASUS flaw, agencies ...
Security Boulevard

Denial-of-Service and Source Code Exposure in React Server Components

In early December 2025, the React core team disclosed two new vulnerabilities affecting React Server Components (RSC). These issues – Denial-of-Service and Source Code Exposure were found by security ...

Microsoft quietly patches LNK vulnerability that's been weaponized for years

The LNK vulnerability was used to launch remote code execution in cyber-espionage, data theft, and fraud attacks.
CSO Online

JumpCloud agent turns uninstall into a system shortcut

The bug lets attackers with local access elevate to “system” or destabilize machines through unsafe privilege file operations ...

Barts Health seeks High Court block after Clop pillages NHS trust data

Barts Health NHS Trust has confirmed that patient and staff data was stolen in Clop's mass-exploitation of Oracle's E-Business Suite (EBS), and says it is now taking legal action in an effort to stop ...
Medical Design & Outsourcing

ICS launches SBOMGuard SBOM tool for med device security

A Powerful SBOM Tool Purpose-Built for Medical Device Cybersecurity in a Complex Threat Landscape ICS’ ‘Software ...
Security Boulevard

Hong Kong’s New Critical Infrastructure Ordinance will be effective by 1 January 2026 – What CIOs Need to Know

As the clock ticks down to the full enforcement of Hong Kong’s Protection of Critical Infrastructures (Computer Systems) ...