Sitecore Zero-Day Sparks New Round of ViewState Threats Summary A critical zero-day (CVE-2025-53690) in Sitecore products (XM, XP, Experience Commerce) is being actively exploited in ViewState deserialization attacks. Mandiant investigated…
Bridgestone Americas Confirms Cyberattack Summary Bridgestone Americas (BSA) has confirmed a cyberattack that impacted some of its North American manufacturing facilities. Reports say a tyre plant in Joliette, Quebec, suspended…
Ukraine’s cyber chief on Russian hackers’ shifting tactics, US cyber aid Summary When Oleksandr Potii became head of Ukraine’s State Service of Special Communications and Information Protection (SSSCIP) in late…
Chess.com says 4,500 people had data stolen during June breach Summary Between 5 and 18 June, attackers gained unauthorised access to data stored in a third‑party file transfer application used…
Summary The state of Texas, led by Attorney General Ken Paxton, has sued education‑technology provider PowerSchool over a December 2024 data breach that exposed sensitive information for millions of students…
Windows starts asking for admin rights where it shouldn’t after security fix Summary Microsoft’s August 2025 security update fixes CVE-2025-50173 by changing how Windows Installer (MSI) repair and related operations…
Microsoft inches toward Rusty Windows drivers, production use still a no-no Summary Microsoft engineers have made measurable progress enabling Rust for Windows driver development, but shipping production drivers in Rust…
Summary Unknown attackers have been exploiting publicly documented ASP.NET machine sample keys used in older Sitecore deployment instructions to perform a ViewState deserialization attack (CVE-2025-53690). The configuration issue affects Sitecore…
Boffins build automated Android bug hunting system Summary Researchers at Nanjing University and The University of Sydney have built A2, an AI agent system that discovers and validates vulnerabilities in…
AI code assistants make developers more efficient at creating security problems Summary Application security firm Apiiro analysed tens of thousands of repositories and several thousand developers at Fortune 50 organisations…
