Groups

Technical - Security - Patch Management

1–30 of 4669

0 selected

12:01 PM

IBM warns of critical API Connect auth bypass vulnerability (CVE-2025-13915)

https://www.bleepingcomputer.com/news/security/ibm-warns-of-critical-api-connect-auth-bypass-

unread,

IBM warns of critical API Connect auth bypass vulnerability (CVE-2025-13915)

https://www.bleepingcomputer.com/news/security/ibm-warns-of-critical-api-connect-auth-bypass-

12:01 PM

12/30/25

Fortinet warns of 5-year-old FortiOS 2FA bypass still exploited in attacks

https://www.bleepingcomputer.com/news/security/fortinet-warns-of-5-year-old-fortios-2fa-bypass-still-

unread,

Fortinet warns of 5-year-old FortiOS 2FA bypass still exploited in attacks

https://www.bleepingcomputer.com/news/security/fortinet-warns-of-5-year-old-fortios-2fa-bypass-still-

12/30/25

12/25/25

MongoDB warns admins to patch severe RCE flaw immediately (CVE-2025-14847)

https://www.bleepingcomputer.com/news/security/mongodb-warns-admins-to-patch-severe-rce-flaw-

unread,

MongoDB warns admins to patch severe RCE flaw immediately (CVE-2025-14847)

https://www.bleepingcomputer.com/news/security/mongodb-warns-admins-to-patch-severe-rce-flaw-

12/25/25

12/25/25

Product Security Advisory and Analysis: Observed Abuse of FG-IR-19-283

https://www.fortinet.com/blog/psirt-blogs/product-security-advisory-and-analysis-observed-abuse-of-fg

unread,

Product Security Advisory and Analysis: Observed Abuse of FG-IR-19-283

https://www.fortinet.com/blog/psirt-blogs/product-security-advisory-and-analysis-observed-abuse-of-fg

12/25/25

12/25/25

Critical n8n Flaw (CVSS 9.9) Enables Arbitrary Code Execution Across Thousands of Instances

https://thehackernews.com/2025/12/critical-n8n-flaw-cvss-99-enables.html Eyal Estrin CISSP, CCSP,

unread,

Critical n8n Flaw (CVSS 9.9) Enables Arbitrary Code Execution Across Thousands of Instances

https://thehackernews.com/2025/12/critical-n8n-flaw-cvss-99-enables.html Eyal Estrin CISSP, CCSP,

12/25/25

12/22/25

Over 25,000 FortiCloud SSO devices exposed to remote attacks

https://www.bleepingcomputer.com/news/security/over-25-000-forticloud-sso-devices-exposed-to-remote-

unread,

Over 25,000 FortiCloud SSO devices exposed to remote attacks

https://www.bleepingcomputer.com/news/security/over-25-000-forticloud-sso-devices-exposed-to-remote-

12/22/25

12/21/25

Actively Exploited Zero-Day (CVE-2025-20393) Targets Cisco Email Security Appliances

https://www.thehackerwire.com/actively-exploited-zero-day-cve-2025-20393-targets-cisco-email-security

unread,

Actively Exploited Zero-Day (CVE-2025-20393) Targets Cisco Email Security Appliances

https://www.thehackerwire.com/actively-exploited-zero-day-cve-2025-20393-targets-cisco-email-security

12/21/25

12/20/25

Microsoft releases KB5074976 and more Windows updates to fix several MSMQ bugs

https://www.neowin.net/news/microsoft-releases-kb5074976-and-more-windows-updates-to-fix-several-msmq

unread,

Microsoft releases KB5074976 and more Windows updates to fix several MSMQ bugs

https://www.neowin.net/news/microsoft-releases-kb5074976-and-more-windows-updates-to-fix-several-msmq

12/20/25

12/20/25

WatchGuard Firebox iked Out of Bounds Write Vulnerability (CVE-2025-14733)

https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2025-00027 Eyal Estrin CISSP, CCSP, CISM, CISA,

unread,

WatchGuard Firebox iked Out of Bounds Write Vulnerability (CVE-2025-14733)

https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2025-00027 Eyal Estrin CISSP, CCSP, CISM, CISA,

12/20/25

12/20/25

HPE tells customers to patch fast as OneView RCE bug scores a perfect 10

https://www.theregister.com/2025/12/19/hpe_oneview_rce_bug/ https://support.hpe.com/hpesc/public/

unread,

HPE tells customers to patch fast as OneView RCE bug scores a perfect 10

https://www.theregister.com/2025/12/19/hpe_oneview_rce_bug/ https://support.hpe.com/hpesc/public/

12/20/25

12/19/25

CISA Flags Critical ASUS Live Update Flaw After Evidence of Active Exploitation

https://thehackernews.com/2025/12/cisa-flags-critical-asus-live-update.html Eyal Estrin CISSP, CCSP,

unread,

CISA Flags Critical ASUS Live Update Flaw After Evidence of Active Exploitation

https://thehackernews.com/2025/12/cisa-flags-critical-asus-live-update.html Eyal Estrin CISSP, CCSP,

12/19/25

12/19/25

Mozilla Firefox Version 146.0.1 Released with Security Updates

https://www.firefox.com/en-US/firefox/146.0.1/releasenotes/ Eyal Estrin CISSP, CCSP, CISM, CISA,

unread,

Mozilla Firefox Version 146.0.1 Released with Security Updates

https://www.firefox.com/en-US/firefox/146.0.1/releasenotes/ Eyal Estrin CISSP, CCSP, CISM, CISA,

12/19/25

12/19/25

Key Commitment Issues in S3 Encryption Clients (AWS-2025-032)

https://aws.amazon.com/security/security-bulletins/AWS-2025-032/ Eyal Estrin CISSP, CCSP, CISM, CISA,

unread,

Key Commitment Issues in S3 Encryption Clients (AWS-2025-032)

https://aws.amazon.com/security/security-bulletins/AWS-2025-032/ Eyal Estrin CISSP, CCSP, CISM, CISA,

12/19/25

12/19/25

Reports About Cyberattacks Against Cisco Secure Email Gateway And Cisco Secure Email and Web Manager (CVE-2025-20393)

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sma-attack-

unread,

Reports About Cyberattacks Against Cisco Secure Email Gateway And Cisco Secure Email and Web Manager (CVE-2025-20393)

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sma-attack-

12/19/25

12/15/25

Microsoft: December security updates cause Message Queuing failures

https://www.bleepingcomputer.com/news/microsoft/microsoft-december-security-updates-cause-message-

unread,

Microsoft: December security updates cause Message Queuing failures

https://www.bleepingcomputer.com/news/microsoft/microsoft-december-security-updates-cause-message-

12/15/25

12/13/25

The security content of iOS 26.2 and iPadOS 26.2

https://support.apple.com/en-us/125884 Eyal Estrin CISSP, CCSP, CISM, CISA, CDPSE, CCSK Blog: https:/

unread,

The security content of iOS 26.2 and iPadOS 26.2

https://support.apple.com/en-us/125884 Eyal Estrin CISSP, CCSP, CISM, CISA, CDPSE, CCSK Blog: https:/

12/13/25

12/12/25

2025 CWE Top 25 Most Dangerous Software Weaknesses

https://www.cisa.gov/news-events/alerts/2025/12/11/2025-cwe-top-25-most-dangerous-software-weaknesses

unread,

2025 CWE Top 25 Most Dangerous Software Weaknesses

https://www.cisa.gov/news-events/alerts/2025/12/11/2025-cwe-top-25-most-dangerous-software-weaknesses

12/12/25

12/11/25

Google Chrome 143.0.7499.109 Stable Channel Update for Desktop

https://chromereleases.googleblog.com/2025/12/stable-channel-update-for-desktop_10.html Eyal Estrin

unread,

Google Chrome 143.0.7499.109 Stable Channel Update for Desktop

https://chromereleases.googleblog.com/2025/12/stable-channel-update-for-desktop_10.html Eyal Estrin

12/11/25

12/11/25

Security Bulletin - GCP-2025-074

https://docs.cloud.google.com/support/bulletins#gcp-2025-074 Eyal Estrin CISSP, CCSP, CISM, CISA,

unread,

Security Bulletin - GCP-2025-074

https://docs.cloud.google.com/support/bulletins#gcp-2025-074 Eyal Estrin CISSP, CCSP, CISM, CISA,

12/11/25

12/11/25

Security Bulletin - GCP-2025-076

https://docs.cloud.google.com/support/bulletins#gcp-2025-076 Eyal Estrin CISSP, CCSP, CISM, CISA,

unread,

Security Bulletin - GCP-2025-076

https://docs.cloud.google.com/support/bulletins#gcp-2025-076 Eyal Estrin CISSP, CCSP, CISM, CISA,

12/11/25

12/11/25

Security Bulletin - GCP-2025-075

https://docs.cloud.google.com/support/bulletins#gcp-2025-075 Eyal Estrin CISSP, CCSP, CISM, CISA,

unread,

Security Bulletin - GCP-2025-075

https://docs.cloud.google.com/support/bulletins#gcp-2025-075 Eyal Estrin CISSP, CCSP, CISM, CISA,

12/11/25

12/11/25

Microsoft won’t fix .NET RCE bug affecting slew of enterprise apps, researchers say

https://www.theregister.com/2025/12/10/microsoft_wont_fix_net_rce/ Eyal Estrin CISSP, CCSP, CISM,

unread,

Microsoft won’t fix .NET RCE bug affecting slew of enterprise apps, researchers say

https://www.theregister.com/2025/12/10/microsoft_wont_fix_net_rce/ Eyal Estrin CISSP, CCSP, CISM,

12/11/25

12/10/25

SAP Security Patch Day - December 2025

https://support.sap.com/en/my-support/knowledge-base/security-notes-news/december-2025.html Eyal

unread,

SAP Security Patch Day - December 2025

https://support.sap.com/en/my-support/knowledge-base/security-notes-news/december-2025.html Eyal

12/10/25

12/10/25

Articles about Microsoft security patches - December 2025

December 2025 Security Updates https://msrc.microsoft.com/update-guide/releaseNote/2025-Dec Microsoft

unread,

Articles about Microsoft security patches - December 2025

December 2025 Security Updates https://msrc.microsoft.com/update-guide/releaseNote/2025-Dec Microsoft

12/10/25

12/10/25

Mozilla Foundation Security Advisory 2025-92

https://www.mozilla.org/en-US/security/advisories/mfsa2025-92/ Eyal Estrin CISSP, CCSP, CISM, CISA,

unread,

Mozilla Foundation Security Advisory 2025-92

https://www.mozilla.org/en-US/security/advisories/mfsa2025-92/ Eyal Estrin CISSP, CCSP, CISM, CISA,

12/10/25

12/10/25

Fortinet warns of critical FortiCloud SSO login auth bypass flaws (CVE-2025-59718 and CVE-2025-59719)

https://www.bleepingcomputer.com/news/security/fortinet-warns-of-critical-forticloud-sso-login-auth-

unread,

Fortinet warns of critical FortiCloud SSO login auth bypass flaws (CVE-2025-59718 and CVE-2025-59719)

https://www.bleepingcomputer.com/news/security/fortinet-warns-of-critical-forticloud-sso-login-auth-

12/10/25

12/10/25

Adobe Acrobat/Reader Security Update (25.001.20997)

https://securitygarden.blogspot.com/2025/12/adobe-acrobatreader-security-update.html https://www.

unread,

Adobe Acrobat/Reader Security Update (25.001.20997)

https://securitygarden.blogspot.com/2025/12/adobe-acrobatreader-security-update.html https://www.

12/10/25

12/9/25

Ivanti warns of critical Endpoint Manager code execution flaw (CVE-2025-10573)

https://www.bleepingcomputer.com/news/security/ivanti-warns-of-critical-endpoint-manager-code-

unread,

Ivanti warns of critical Endpoint Manager code execution flaw (CVE-2025-10573)

https://www.bleepingcomputer.com/news/security/ivanti-warns-of-critical-endpoint-manager-code-

12/9/25

12/7/25

Critical XXE Bug CVE-2025-66516 (CVSS 10.0) Hits Apache Tika, Requires Urgent Patch

https://thehackernews.com/2025/12/critical-xxe-bug-cve-2025-66516-cvss.html Eyal Estrin CISSP, CCSP,

unread,

Critical XXE Bug CVE-2025-66516 (CVSS 10.0) Hits Apache Tika, Requires Urgent Patch

https://thehackernews.com/2025/12/critical-xxe-bug-cve-2025-66516-cvss.html Eyal Estrin CISSP, CCSP,

12/7/25

12/6/25

It’s a Perfect 10! React2Shell

https://medium.com/asecuritysite-when-bob-met-alice/its-a-perfect-10-react2shell-840cfc94bf69 Eyal

unread,

It’s a Perfect 10! React2Shell

https://medium.com/asecuritysite-when-bob-met-alice/its-a-perfect-10-react2shell-840cfc94bf69 Eyal

12/6/25

Search

Clear search

Close search

Google apps

Main menu