A new report out today from artificial intelligence security startup Cyata Security Ltd. details a recently uncovered critical vulnerability on langchain-core, the foundational library behind ...

Abstract: Java deserialization vulnerabilities have become a critical security threat, challenging to detect and even harder to exploit due to deserialization's flexible and customizable nature.

In December 2025, CVE-2025-55182 (React2Shell), a vulnerability in React Server Components (RSC) that enables remote code execution (RCE), was publicly disclosed. Shortly after publication, multiple ...

This score calculates overall vulnerability severity from 0 to 10 and is based on the Common Vulnerability Scoring System (CVSS). Attack vector: More severe the more the remote (logically and ...

SAP has released its December security updates addressing 14 vulnerabilities across a range of products, including three critical-severity flaws. The most severe (CVSS score: 9.9) of all the issues is ...

Three critical zero-day vulnerabilities affecting PickleScan, a widely used tool for scanning Python pickle files and PyTorch models, have been uncovered by cybersecurity researchers. The flaws, all ...

Microsoft has released an emergency out-of-band security update for Windows Server to address a probable remote code execution vulnerability tracked as CVE-2025-59287. The issue affects the Windows ...

Co-founder and former CEO of Microsoft Bill Gates steps down from Microsoft board to spend more time on the Bill and Melinda Gates Foundation. This story was originally published on Cybersecurity Dive ...

SAP has rolled out security fixes for 13 new security issues, including additional hardening for a maximum-severity bug in SAP NetWeaver AS Java that could result in arbitrary command execution. The ...

Supreme Court strikes down Trump’s IEEPA tariffs: What procurement leaders must do next The U.S. Supreme Court’s 6–3 ruling striking down President Trump’s IEEPA tariffs reshapes the legal landscape ...