Abstract: Java deserialization vulnerabilities have become a critical security threat, challenging to detect and even harder to exploit due to deserialization's flexible and customizable nature.

SolarWinds Web Help Desk (WHD) is under attack, with recent incidents exploiting a chain of zero-day and patched vulnerabilities dating back to late 2025, an analysis of customer reports by security ...

Microsoft observed active exploitation of internet-exposed SolarWinds Web Help Desk vulnerabilities enabling lateral movement. Attackers abused legitimate tools, PowerShell, and RMM software to ...

A US security agency has warned SolarWinds Web Help Desk users that a remote code execution (RCE) vulnerability patched by the vendor last week is being actively exploited. The US Cybersecurity and ...

Threat actors had another banner year in 2025. As we head into 2026, looking back on the five top security threats of 2025 may inform our strategy and budgeting for 2026 to prepare for the continued ...

We collaborate with the world's leading lawyers to deliver news tailored for you. Sign Up for any (or all) of our 25+ Newsletters. Some states have laws and ethical rules regarding solicitation and ...

A new report out today from artificial intelligence security startup Cyata Security Ltd. details a recently uncovered critical vulnerability on langchain-core, the foundational library behind ...

This score calculates overall vulnerability severity from 0 to 10 and is based on the Common Vulnerability Scoring System (CVSS). Attack vector: More severe the more the remote (logically and ...

SAP has released its December security updates addressing 14 vulnerabilities across a range of products, including three critical-severity flaws. The most severe (CVSS score: 9.9) of all the issues is ...

Critical vulnerability in React library should be treated by IT as they did Log4j - as an emergency, warns one expert. Developers using the React 19 library for building application interfaces are ...