Live
Mitsubishi Electric Confirms Unpatched DoS Flaw in MELSEC iQ-F PLCs, Recommends Network Hardening·MSFT +0.1%Fujifilm Medical Viewer Flaw Allows Unauthorized Access to Patient Scans — CISA Calls for Immediate Upgrade·NVDA +3.0%CISA's August 19 ICS Alert: Siemens Desigo CC SAML Bypass, Tigo Hardcoded Credentials, and EG4 Inverter Firmware Risks Exposed·GOOGL +1.2%Siemens Urges Patching of Desigo CC and SENTRON as CodeMeter Flaws Enable Remote RCE and Privilege Escalation·AMZN +2.9%Mendix SAML Signature Bypass Allows Remote Account Hijacking; Siemens Urges Immediate Patches·MSFT +0.1%CISA Adds Actively Exploited Trend Micro Apex One Zero-Day to KEV, Mandates Rapid Patching·NVDA +3.0%Google Chrome 139.0.7258.127 Plugs Aura Use-After-Free (CVE-2025-8882) and Other High-Severity Bugs·GOOGL +1.2%Google Ships Chrome 139 Fix for ANGLE Out‑of‑Bounds Write, Microsoft Edge To Follow·AMZN +2.9%Mitsubishi Electric Confirms Unpatched DoS Flaw in MELSEC iQ-F PLCs, Recommends Network Hardening·MSFT +0.1%Fujifilm Medical Viewer Flaw Allows Unauthorized Access to Patient Scans — CISA Calls for Immediate Upgrade·NVDA +3.0%CISA's August 19 ICS Alert: Siemens Desigo CC SAML Bypass, Tigo Hardcoded Credentials, and EG4 Inverter Firmware Risks Exposed·GOOGL +1.2%Siemens Urges Patching of Desigo CC and SENTRON as CodeMeter Flaws Enable Remote RCE and Privilege Escalation·AMZN +2.9%Mendix SAML Signature Bypass Allows Remote Account Hijacking; Siemens Urges Immediate Patches·MSFT +0.1%CISA Adds Actively Exploited Trend Micro Apex One Zero-Day to KEV, Mandates Rapid Patching·NVDA +3.0%Google Chrome 139.0.7258.127 Plugs Aura Use-After-Free (CVE-2025-8882) and Other High-Severity Bugs·GOOGL +1.2%Google Ships Chrome 139 Fix for ANGLE Out‑of‑Bounds Write, Microsoft Edge To Follow·AMZN +2.9%

Security Alerts

The latest Security Alerts coverage — news, analysis, and updates from the WindowsNews.AI desk.

12 stories in view AI assisted desk updated 1:39 PM
Latest Most Read Breaking
Sort
Advisory · Automation

Mitsubishi Electric Confirms Unpatched DoS Flaw in MELSEC iQ-F PLCs, Recommends Network Hardening

Mitsubishi Electric has disclosed a remotely exploitable denial-of-service vulnerability in the embedded web server of its MELSEC iQ-F series programmable logic controllers, tracked under an internal...

Advertisement
Account Takeover · Cisa Icsa-25-231-02

Mendix SAML Signature Bypass Allows Remote Account Hijacking; Siemens Urges Immediate Patches

Siemens on August 14, 2025, disclosed a critical vulnerability in its Mendix SAML module that could allow unauthenticated attackers to bypass cryptographic signature verification and hijack user...

SE Security Desk·45w ago
Bod 22-01 · Cisa

CISA Adds Actively Exploited Trend Micro Apex One Zero-Day to KEV, Mandates Rapid Patching

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2025-54948, a critical command injection vulnerability in Trend Micro’s Apex One on-premises management console, to...

SE Security Desk·45w ago
Aura Ui · Browser Security

Google Chrome 139.0.7258.127 Plugs Aura Use-After-Free (CVE-2025-8882) and Other High-Severity Bugs

Google has deployed a critical stable-channel update for Chrome, version 139.0.7258.127, closing a use-after-free vulnerability in the Aura UI component tracked as CVE-2025-8882. The patch also...

SE Security Desk·45w ago
Angle · Chrome 139

Google Ships Chrome 139 Fix for ANGLE Out‑of‑Bounds Write, Microsoft Edge To Follow

Google has shipped a critical security update for Chrome, version 139.0.7258.127, to plug a dangerous out-of-bounds write flaw in the ANGLE graphics translation layer. Tracked as CVE-2025-8901, the...

SE Security Desk·45w ago
Av1 · Buffer Overflow

Chrome 139 Fixes High-Severity libaom AV1 Heap Overflow; Edge Patch to Follow

Google has rolled out a stable-channel update for Chrome that patches CVE-2025-8879, a high-severity heap buffer overflow in the libaom AV1 codec library. The fix landed on August 12, 2025, in Chrome...

SE Security Desk·45w ago
Browser Security · Chrome

Urgent Chrome 139.0.7258.127 Update Closes V8 Race Condition (CVE-2025-8880) — Patch Now for Windows, Edge, and Chromium Browsers

On August 12, 2025, Google rushed out Chrome 139.0.7258.127 with an urgent fix for CVE-2025-8880 — a high-severity race condition in the V8 JavaScript engine that could hand remote attackers the...

SE Security Desk·45w ago
Browser Security · Chrome

Chrome's File Picker Cross-Origin Leak Prompts Emergency Patch for Windows Browsers

A critical logic flaw in Chromium's File Picker—one of the browser's most sensitive UI components—can be weaponized to leak data across origins, forcing Google and Microsoft to ship urgent...

SE Security Desk·45w ago
siemens_patches_7_opcenter.jpg
Cve-2024-41979 · Cve-2024-41980

Siemens Patches 7 Opcenter Quality Vulnerabilities: Upgrade to V2506 and Harden TLS Now

Siemens has issued an urgent security advisory for Opcenter Quality, bundling fixes for seven distinct vulnerabilities that affect the SmartClient modules, including Opcenter QL Home, SOA Audit, and...

SE Security Desk·46w ago