Security Boulevard

ACFW firewall test prologue – still failing at the basics

The results of our soon-to-be-published Advanced Cloud Firewall (ACFW) test are hard to ignore. Some vendors are failing badly at the basics like SQL injection, command injection, Server-Side Request ...

CISA warns of five-year-old GitLab flaw exploited in attacks

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ordered government agencies to patch their systems against a five-year-old GitLab vulnerability that is actively being exploited in ...
Security Boulevard

Critical CERT-In Advisories – January 2026: SAP, Microsoft, and Atlassian Vulnerabilities

January 2026 was a wake-up month for enterprise security teams. In a single week, CERT-In released three high-severity ...
CSOonline

CISA orders immediate patching as GeoServer flaw faces active exploitation

CISA is sounding the alarm over a critical vulnerability in GeoServer that is being actively exploited in the wild, ordering federal agencies to patch immediately. The flaw, tracked as CVE-2025-58360, ...
Shacknews

Psyonix says it's implemented changes to combat Rocket League server attacks

Rocket League developer has released a lengthy statement acknowledging an ongoing issue with server attacks within the game. In an attempt to combat them, the studio has deployed some key changes, but ...
WGN-TV

Man killed in overnight attack on West Side

CHICAGO — An investigation is underway on Tuesday morning after a man was killed in an attack on the city’s West Side overnight. According to Chicago police, the incident unfolded in the 500 block of ...
Forbes

AI Chat Privacy At Risk—Microsoft Uncovers Whisper Leak Side-Channel Attack

ChatGPT, Gemini, Microsoft Copilot, Claude, and Perplexity app icons. Microsoft has revealed a privacy flaw that could expose what you're talking about with AI chatbots like ChatGPT, even though your ...
SecurityWeek

Data Exposure Vulnerability Found in Deep Learning Tool Keras

The vulnerability is tracked as CVE-2025-12058 and it can be exploited for arbitrary file loading and conducting SSRF attacks. A vulnerability in the open source library Keras could allow attackers to ...
GitHub

Parse Server Vulnerable to Server-Side Request Forgery (SSRF) in File Upload via URI Format

This score calculates overall vulnerability severity from 0 to 10 and is based on the Common Vulnerability Scoring System (CVSS). Attack vector: More severe the more the remote (logically and ...
HotHardware

Microsoft Windows Server Update Service Is Under Attack, What You Need To Know

Windows Server 2025 is currently open to a Remote Code Execution exploit via the Windows Update Service, and at the time of this writing a fix from Microsoft has yet to fully patch the issue. Reports ...
SecurityWeek

Docker Desktop Vulnerability Leads to Host Compromise

A critical vulnerability in Docker Desktop allows attackers to control containers, mount the host’s file system, and modify it to escalate their privileges to those of an administrator. Tracked as CVE ...