Updates have been released by Google to fix 107 vulnerabilities in Android devices, including a pair of high-severity zero-day issues that may be subjected to limited, targeted exploitation, CyberScoop reports.
SecurityWeek reports that active abuse of the medium-severity OpenPLC ScadaBR cross-site scripting flaw, tracked as CVE-2021-26829, has prompted its inclusion in the Cybersecurity and Infrastructure Security Agency's Known Exploited Vulnerabilities catalog, with federal agencies urged to remediate the security weakness by Dec. 19.
Old Python packages' bootstrap files are impacted by a security weakness that could enable a domain takeover attack-based supply chain compromise of the Python Package Index, according to The Hacker News.
Interview with Ravid Circus. Ravid will discuss why security and engineering misalignment is the biggest barrier to fast, effective remediation, using data from Seemplicity’s 2025 Remediation Operations Report. This is costing some teams days of unnecessary exposure, which can lead to major security implications for organizations. Segment Resources...
The initiative, led by Cisco's chief security and trust officer, focuses on bolstering infrastructure resilience by prioritizing secure defaults in product development and customer strategies.
