Security Alerts
The latest Security Alerts coverage — news, analysis, and updates from the WindowsNews.AI desk.
CVE-2025-12728: Microsoft Edge Security Update Guide Explained
Microsoft's Security Update Guide recently listed CVE-2025-12728, a Chromium vulnerability affecting Microsoft Edge users, highlighting the complex relationship between Microsoft's browser and its...
CVE-2025-12729: Critical Omnibox Security Flaw in Edge & Chrome - Patch Now
A significant security vulnerability has been identified in the Chromium browser engine that powers both Microsoft Edge and Google Chrome, requiring immediate attention from users and IT...
CVE-2025-12725: Critical WebGPU Vulnerability in Microsoft Edge - Complete Guide
Microsoft Edge users face a critical security threat with CVE-2025-12725, a high-severity out-of-bounds write vulnerability in the WebGPU implementation that could allow remote code execution. This...
CISA Issues 4 High-Severity ICS Advisories: Critical Flaws in GPS, Energy Systems
The Cybersecurity and Infrastructure Security Agency (CISA) has issued four new Industrial Control Systems (ICS) advisories on June 10, 2025, highlighting critical vulnerabilities affecting GPS...
Advantech DeviceOn iEdge Vulnerabilities: Critical Security Alert and Migration Guide
A significant security advisory has been issued for Advantech DeviceOn iEdge, revealing multiple high-severity vulnerabilities that could expose industrial control systems to serious cyber threats....
CVE-2025-12636 in Ubia Ubox cameras lets attackers steal credentials, access live feeds
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical industrial control systems advisory warning about a severe security vulnerability in Ubia Ubox camera systems that...
ABB FLXeon Controller Vulnerabilities: Critical Patches and Mitigation Guide
A wave of high-severity vulnerabilities affecting ABB's FLXeon building-automation controllers has forced urgent action across industrial operations and facilities management teams. Multiple CVEs...
CISA Adds Gladinet LFI & CWP Command Injection to KEV Catalog: Critical Security Alert
The Cybersecurity and Infrastructure Security Agency (CISA) has quietly expanded its Known Exploited Vulnerabilities (KEV) Catalog with two new actively exploited flaws that demand immediate...
Survision LPR CVE-2025-12108: Critical Unauthenticated Access Vulnerability Exposed
A critical security vulnerability in Survision License Plate Recognition (LPR) cameras has been disclosed, designated as CVE-2025-12108, allowing unauthenticated attackers to gain complete control...
CVE-2025-58317: Critical Delta CNCSoft G2 HMI Vulnerability Threatens Industrial Systems
A critical security vulnerability in Delta Electronics' CNCSoft-G2 HMI software has been identified, posing significant risks to industrial control systems worldwide. Tracked as CVE-2025-58317, this...