Aggregator

A vulnerability was found in Echatserver EChat Server 3.1 and classified as critical. Affected is an unknown function. The manipulation of the argument Username results in out-of-bounds write. This vulnerability was named CVE-2018-25221. The attack may be performed from remote. In addition, an exploit is available.

Monogram делает ставку на современный Android-стек, модульную архитектуру и открытый код, но пока остается ранним релизом с багами.

Netskope's Sanjay Beri on Data Risk, Agent Visibility and Enabling AI Safely
AI adoption has outrun enterprise security, leaving data exposed and controls nonexistent. Sanjay Beri, co-founder and CEO at Netskope, says the answer isn't restriction. It's visibility, context and a culture of enablement.

Car Hacking Village's Ghali on Automotive Security for AI-Driven Mobility Ecosystem
As vehicles evolve into connected, software-defined systems, cybersecurity risks now extend beyond the car itself. Kamel Ghali, vice president at Car Hacking Village, explains why threat modeling, AI safety and ecosystemwide visibility are critical in modern automotive security.

Rain Capital's Lefort on Overcapitalization and Cybersecurity's Barbell Effect
Cybersecurity funding hit all-time highs in 2025, rivaling the 2021 boom, said Sidra Ahmed Lefort, venture partner at Rain Capital. A "barbell effect" has taken hold, with capital concentrating at the earliest and latest stages while squeezing the Series cB and C middle.

Costanoa Ventures' John Cowgill on Moving From Static Analysis to Runtime Defense
Artificial intelligence-generated code is arriving faster than security teams can review it, and the risks are moving from the line level to the system level, says John Cowgill, partner at Costanoa Ventures.

Исследование с участием James Webb меняет взгляд на связь атмосферы и магнитного поля у газовых гигантов.

ShinyHunters claims it breached European Commission systems, leaking 350GB of data. Officials are investigating, with no independent verification yet.

Случайно открытый черновик рассказал о модели, которая обходит прежний флагман и пока пугает даже собственных создателей

Попытка сэкономить на экспертах превращается в рискованный билет в один конец.

A vulnerability labeled as problematic has been found in Langflow. Affected is an unknown function of the component v2 API. Such manipulation leads to path traversal. This vulnerability is documented as CVE-2026-33309. The attack requires being on the local network. There is not any exploit available.

A vulnerability classified as critical has been found in Tabs Mail Carrier 2.5.1. Affected by this vulnerability is an unknown functionality of the component SMTP Service. The manipulation of the argument MAIL FROM leads to out-of-bounds write. This vulnerability is referenced as CVE-2019-25646. Remote exploitation of the attack is possible. Furthermore, an exploit is available.

A vulnerability was found in langflow-ai langflow up to 1.8.x. It has been declared as problematic. The impacted element is an unknown function. The manipulation results in injection. This vulnerability is reported as CVE-2026-33475. The attack can be launched remotely. No exploit exists. It is recommended to upgrade the affected component.

A vulnerability identified as critical has been detected in langflow-ai langflow up to 1.8.1. Affected is an unknown function of the file /api/v2/files/ of the component Incomplete Fix CVE-2025-68478. Performing a manipulation results in path traversal. This vulnerability is known as CVE-2026-33309. Remote exploitation of the attack is possible. No exploit is available. You should upgrade the affected component.