Security Boulevard

Best of 2025: LDAPNightmare: SafeBreach Labs Publishes First Proof-of-Concept Exploit for CVE-2024-49112

SafeBreach researchers developed a zero-click PoC exploit that crashes unpatched Windows Servers using the Windows ...

Google sends Dark Web Report to its dead services graveyard

Google will stop scanning the dark web for new data breaches on January 15, and will stop reporting what it finds on February 16. Those looking for an alternative can turn to the likes of Experian, ...
Thales Group

Amazon Kindle: a Thales engineer uncovered a critical vulnerability

A cybersecurity researcher at Thales has demonstrated that a single e-book, imported outside official channels, can be enough to exploit a vulnerability that could give hackers full control of the ...
ZAWYA

ESET Research analyzed a critical flaw in Windows Imaging Component, which abuses JPG files

ESET researchers offer a deep dive analysis of the CVE 2025 50165 vulnerability and provide their method to reproduce the crash using a simple 12-bit or 16-bit JPG image, and an examination of the ...
Computer Weekly

Top 10 cyber crime stories of 2025

In many regards, 2025 proved to be a relatively normal year for the cyber security world as threat actors and security pros continued their long-running cat-and-mouse game, but it was also a stand-out ...

MongoDB warns admins to patch severe RCE flaw immediately

MongoDB has warned IT admins to immediately patch a high-severity vulnerability that can be exploited in remote code ...

HPE warns of maximum severity RCE flaw in OneView software

Hewlett Packard Enterprise (HPE) has patched a maximum-severity vulnerability in its HPE OneView software that enables ...