Sophos Firewall v21 MR1 is now available

Google on Monday released out-of-band fixes to address three security issues in its Chrome browser, including one that it said has come under active exploitation in the wild. The high-severity flaw is being tracked as CVE-2025-5419, and has been flagged as an out-of-bounds read and write vulnerability in the V8 JavaScript and WebAssembly engine. “Out…

It’s easy to think your defenses are solid — until you realize attackers have been inside them the whole time. The latest incidents show that long-term, silent breaches are becoming the norm. The best defense now isn’t just patching fast, but watching smarter and staying alert for what you don’t expect. Here’s a quick look…

The cybersecurity job market nowadays is facing an unusual paradox: Many roles seem open, but competition and hiring practices can make securing a position a real challenge.

The attack dirsupted MathWorks’ systems and online applications, but it remains unclear which ransomware group targeted the software company and whether they stole any data.

Cybersecurity researchers have discovered an indirect prompt injection flaw in GitLab’s artificial intelligence (AI) assistant Duo that could have allowed attackers to steal source code and inject untrusted HTML into its responses, which could then be used to direct victims to malicious websites. GitLab Duo is an artificial intelligence (AI)-powered coding assistant that enables users…

Threat actors are piling on the zero-day vulnerabilities in SharePoint, including at least three Chinese nation-state cyberespionage groups.