Latest News

**What is the version information for this release?** Microsoft Edge Version Date Released Based on Chromium Version 139.0.3405.102 8/15/2025 139.0.7258.127/.128

**What is the version information for this release?** Microsoft Edge Version Date Released Based on Chromium Version 139.0.3405.102 8/15/2025 139.0.7258.127/.128

Cisco has released security updates to address a maximum-severity security flaw in Secure Firewall Management Center (FMC) Software that could allow an attacker to execute arbitrary code on affected systems. The vulnerability, assigned the CVE identifier CVE-2025-20265 (CVSS score: 10.0), affects the RADIUS subsystem implementation that could permit an unauthenticated, remote attacker to inject

For customers who want to step up their defenses against the next cyberattack wave or set of vulnerabilities, Red Hat is pleased to extend Technical Account Management (TAM) services by adding Technical Account Management Service for Product Security.Many Red Hat customers are familiar with TAM services. TAMs offer deep technical knowledge in their areas of specialty and act as trusted customer technical advisors. They develop personal relationships with customers to proactively drive the best possible product experience. Red Hat TAMs also advocate for customers with Red Hat product managers

The `get` and `set` methods of the public trait `scratchpad::Tracking` interact with unsafe code regions in the crate, and they influence the computation of addresses returned as raw pointers. However, the trait itself is not marked as unsafe, meaning users may provide custom implementations under the assumption that the crate upholds all safety guarantees. This becomes problematic because even safe implementations of `get` and `set`-written without using any unsafe code-can still result in ill-formed raw pointers. These pointers may later be dereferenced within safe APIs of the crate (e.g., `marker::MarkerBack::allocate_slice_copy`), potentially leading to arbitrary memory access or heap buffer overflows. According to the [penultimate commit](https://github.com/okready/scratchpad/commit/957dee1a3902f48600b06910e8e0b1d5ee7dab83), the crate is in maintenance mode awaiting a cleanup that will reduce the area of unsafe code. Note that the last commits to the repository are from 4 years ...

You probably can't break FIDO authentication. Still, researchers have shown that there are ways to get around it.

Federal funding cuts to the Multi-State Information Sharing and Analysis Center (MS-ISAC) are about to leave more than 18,000 state and local organizations without access to basic cybersecurity resources they need to protect US national security, a letter sent to Congressional appropriators warns.

Cisco Talos researchers have discovered a dangerous new malware framework called PS1Bot. Active since early 2025, this sophisticated…

Organizations increasingly use agents to automate mundane tasks and address an overwhelming amount of sensitive data. However, adoption requires strict security strategies that keep humans in the loop for now.

In this Dark Reading News Desk interview, Google's Mark Berschadski highlights the critical role browsers play in today's work environment and how Chrome Enterprise is evolving to meet modern security challenges while enabling productivity.