Security Boulevard

Best of 2025: LDAPNightmare: SafeBreach Labs Publishes First Proof-of-Concept Exploit for CVE-2024-49112

SafeBreach researchers developed a zero-click PoC exploit that crashes unpatched Windows Servers using the Windows ...
SecurityWeek

WatchGuard Patches Firebox Zero-Day Exploited in the Wild

WatchGuard warns that the critical Firebox vulnerability CVE-2025-14733 has been exploited in attacks for remote code ...

Critical ‘LangGrinch’ vulnerability in langchain-core puts AI agent secrets at risk

The vulnerability, tracked as CVE-2025-68664 and dubbed “LangGrinch,” has a Common Vulnerability Scoring System score of 9.3.
Dark Reading

Threat Actors Exploit Zero-Day in WatchGuard Firebox Devices

With attacks on the critical firewall vulnerability, WatchGuard joins a list of edge device vendors whose products have been ...
WeLiveSecurity

Revisiting CVE-2025-50165: A critical flaw in Windows Imaging Component

ESET researchers provide a comprehensive analysis and assessment of a critical severity vulnerability with low likelihood of ...
Thales Group

Amazon Kindle: a Thales engineer uncovered a critical vulnerability

A cybersecurity researcher at Thales has demonstrated that a single e-book, imported outside official channels, can be enough to exploit a vulnerability that could give hackers full control of the ...
Cybernews

Vincent AI phishing vulnerability found, 200K+ law firms at risk of credential and data theft

VLex's Vincent AI assistant, used by thousands of law firms worldwide, is vulnerable to AI phishing attacks that can steal ...
Computer Weekly

Top 10 cyber crime stories of 2025

In many regards, 2025 proved to be a relatively normal year for the cyber security world as threat actors and security pros continued their long-running cat-and-mouse game, but it was also a stand-out ...