EUVD-2025-15941

Malicious code in bioql PyPI...

EUVD-2025-15901

Malicious code in bioql PyPI...

EUVD-2025-16578

Malicious code in bioql PyPI...

Securing IoT Devices in Smart Cities: A Review of Proposed Solutions

Privacy and security in Smart Cities remain at constant risk due to the vulnerabilities introduced by Internet of Things IoT devices. The limited computational resources of these devices make them especially susceptible to attacks, while their widespread adoption increases the potential impact of...

ROS-20250929-09

AMD processor firmware vulnerability is related to insufficient protection of service data. data. Exploitation of the vulnerability could allow an intruder to disclose protected information AMD processor firmware vulnerability is related to insufficient protection of service data. data...

Microsoft Purview delivered 30% reduction in data breach likelihood

In today’s digital-first world, data is both an asset and a liability. As organizations scale their use of cloud platforms, AI, and remote collaboration tools, the complexity of managing data security, data privacy, and regulatory compliance grows exponentially. For organizations, the challenge i...

Obelix: Mitigating Side-Channels through Dynamic Obfuscation

Trusted execution environments TEEs offer hardware-assisted means to protect code and data. However, as shown in numerous results over the years, attackers can use side-channels to leak data access patterns and even single-step the code. While the vendors are slowly introducing hardware-based...

Threat Modeling for Enhancing Security of IoT Audio Classification Devices under a Secure Protocols Framework

The rapid proliferation of IoT nodes equipped with microphones and capable of performing on-device audio classification exposes highly sensitive data while operating under tight resource constraints. To protect against this, we present a defence-in-depth architecture comprising a security protoco...

CVE-2025-43331

A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Tahoe 26. An app may be able to access protected user data...

CVE-2025-43203

The issue was addressed with improved handling of caches. This issue is fixed in iOS 18.7 and iPadOS 18.7, iOS 26 and iPadOS 26. An attacker with physical access to an unlocked device may be able to view an image in the most recently viewed locked note...

Why Secure Document Editing is More Important than Ever

Secure document editing protects sensitive data with encryption and compliance tools, while reducing costly breaches and building trust,…...

Microsoft Purview innovations for your Fabric data: Unify data security and governance for the AI era

The Microsoft Fabric and Purview teams are thrilled to participate in the European Microsoft Fabric Community Conference September 15-18, 2025, in Vienna, Austria. This event is Microsoft’s largest tech conference in Europe, where data professionals gather to connect and share insights on data,...

CVE-2025-31255

CVE-2025-31255 is an authorization issue fixed by Apple in tvOS 26, watchOS 26, macOS Sonoma 14.8, iOS 26, and iPadOS 26, and macOS Sequoia 15.7. The vulnerability could allow an app to access sensitive user data due to improved state management. Connected sources provide explicit remediation thr...

CVE-2025-43279

A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Tahoe 26. An app may be able to access user-sensitive data...

PT-2025-37824

Name of the Vulnerable Software and Affected Versions: macOS versions prior to Sequoia 15.7 macOS versions prior to Sonoma 14.8 macOS versions prior to Tahoe 26 Description: An application may be able to access protected user data due to vulnerable code. The vulnerable code has been removed in th...

Advisory ROSA-SA-2025-2997

software: curl 8.7.1 OS: ROSA-CHROME unaffected versions = curl-8.7.1-4 affected versions curl-8.7.1-4 CVE-ID: CVE-2024-11053 BDU-ID: 2024-11106 CVE-Crit: CRITICAL CVE-DESC.: A vulnerability in the netrc file handler of the cURL command line utility is related to insufficient protection of servic...

ROS-20250908-08

A vulnerability in the JSSE component of the Oracle Java SE software platform is related to insufficient validation of the of input data. Exploitation of the vulnerability could allow an attacker acting remotely to gain unauthorized access to modify, delete and read protected information using th...

CVE-2025-58607

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in GDPR Info Cookie Notice & Consent Banner for GDPR & CCPA Compliance cookie-notice-and-consent-banner allows Stored XSS.This issue affects Cookie Notice & Consent Banner for GDPR & CCPA Compliance:...

SAMSUNG Mobile devices 安全漏洞

SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc., from the South Korean company Samsung SAMSUNG. A security vulnerability exists in SAMSUNG Mobile devices versions prior to SMR Apr-2023 Release 1, which originates from an end-of-buffer memory...

WordPress plugin Cookie Notice & Consent Banner for GDPR & CCPA Compliance 跨站脚本漏洞

WordPress and the WordPress plugin are products of the WordPress Foundation, a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A cross-site scripting vulnerability exists in WordPress plugin Cookie...