CVE-2025-38261 RISC-V Bug Exposed During Stress Testing; Azure Linux Gets First CSAF Attestations
A critical but highly specific vulnerability in the Linux kernel, designated CVE-2025-38261, has been disclosed, exposing a flaw in the RISC-V architecture's supervisor mode handling that could lead...
CVE-2025-52496: Critical Mbed TLS AESNI Race Condition Threatens Azure Linux Security
A critical security vulnerability in Mbed TLS, identified as CVE-2025-52496, has exposed a race condition in the AESNI detection path that could temporarily force the widely-used cryptographic...
CVE-2025-38237: How a One-Line Exynos4 Fix Sparked Azure Linux Security Debate
A seemingly minor one-line patch to the Linux kernel's Exynos4 camera driver has ignited significant discussion about hardware security, supply chain transparency, and the evolving relationship...
CVE-2025-48924: Critical Apache Commons Lang Vulnerability Threatens Java Applications
A newly disclosed vulnerability in Apache Commons Lang, tracked as CVE-2025-48924, has sent shockwaves through the Java development community, exposing millions of applications to potential...