Apache Commons Text is used for processing character strings in Java apps. A critical vulnerability allows the injection of ...

CVE-2025-66516 is a critical Apache Tika vulnerability can be exploited on all platforms in XXE injection attacks via crafted ...

CVE-2025-54988 is a weakness in the tika-parser-pdf-module used to process PDFs in Apache Tika from version 1.13 to and ...

Ongoing vulnerable Log4j downloads suggest the supply chain crisis wasn't the wake-up call it should have been.

SAP’s December update patched 14 flaws, including three critical vulnerabilities in key products CVE‑2025‑42880 (9.9) in SAP ...

Apple today released iOS 26.2, iPadOS 26.2, and macOS 26.2, all of which introduce new features, bug fixes, and security ...

SAP released 14 new security notes, including 3 addressing critical vulnerabilities in Solution Manager, Commerce Cloud, and ...

Some recipients of Social Security benefits will receive two checks in the month of December, as a calendar quirk will move the payment timeline for an adjacent month. The Social Security ...

Microsoft has stealthily switched on critical Widnows security protection. You don’t have to wait until next week for the monthly Patch Tuesday rollout for this Windows surprise: Microsoft has ...

American cybersecurity company SonicWall urged customers today to patch a high-severity SonicOS SSLVPN security flaw that can allow attackers to crash vulnerable firewalls. Tracked as CVE-2025-40601, ...

Microsoft warned users on Tuesday that FIDO2 security keys may prompt them to enter a PIN when signing in after installing Windows updates released since the September 2025 preview update. This ...

While the critical-severity flaw in a popular open-source library has seen exploitation, the ‘vast majority’ of organizations will not be vulnerable, according to well-known researcher Kevin Beaumont.