Live
Microsoft Edge Seals Off Dangerous Filesystem Attack Vector with Latest Chromium Patch for CVE-2025-8580·MSFT +0.1%Critical Chromium Use-After-Free Flaw CVE-2025-8576 Triggers Urgent Edge, Chrome Updates·NVDA +3.0%CISA Sets August 11 Deadline for Critical Exchange Hybrid Patch as Exploits Emerge·GOOGL +1.2%CISA Alerts to Critical EG4 Inverter Flaws That Expose Solar Infrastructure to Remote Sabotage·AMZN +2.9%Four Yealink IP Phone Vulnerabilities Expose Enterprise VoIP to Brute-Force and Certificate Attacks·MSFT +0.1%Critical Authentication Bypass in Burk ARC Solo Exposes Broadcast Systems to Remote Takeover·NVDA +3.0%CISA Drops 10 ICS Advisories: Flaws Threaten Delta, JCI, EG4 Inverters and Critical Infrastructure·GOOGL +1.2%After Year-Long Silence, Dreame Patches Smart Home Apps Vulnerable to Credential-Theft Attacks·AMZN +2.9%Microsoft Edge Seals Off Dangerous Filesystem Attack Vector with Latest Chromium Patch for CVE-2025-8580·MSFT +0.1%Critical Chromium Use-After-Free Flaw CVE-2025-8576 Triggers Urgent Edge, Chrome Updates·NVDA +3.0%CISA Sets August 11 Deadline for Critical Exchange Hybrid Patch as Exploits Emerge·GOOGL +1.2%CISA Alerts to Critical EG4 Inverter Flaws That Expose Solar Infrastructure to Remote Sabotage·AMZN +2.9%Four Yealink IP Phone Vulnerabilities Expose Enterprise VoIP to Brute-Force and Certificate Attacks·MSFT +0.1%Critical Authentication Bypass in Burk ARC Solo Exposes Broadcast Systems to Remote Takeover·NVDA +3.0%CISA Drops 10 ICS Advisories: Flaws Threaten Delta, JCI, EG4 Inverters and Critical Infrastructure·GOOGL +1.2%After Year-Long Silence, Dreame Patches Smart Home Apps Vulnerable to Credential-Theft Attacks·AMZN +2.9%

Security Alerts

The latest Security Alerts coverage — news, analysis, and updates from the WindowsNews.AI desk.

12 stories in view AI assisted desk updated 10:27 PM
Latest Most Read Breaking
Sort
Browser Ecosystem · Browser Patch

Microsoft Edge Seals Off Dangerous Filesystem Attack Vector with Latest Chromium Patch for CVE-2025-8580

Microsoft has patched a critical filesystem vulnerability in its Edge browser, CVE-2025-8580, plugging a dangerous hole that could have allowed attackers to execute arbitrary code or access...

Advertisement
Brute-force Attacks · Certificate Validation

Four Yealink IP Phone Vulnerabilities Expose Enterprise VoIP to Brute-Force and Certificate Attacks

Four newly disclosed security vulnerabilities in Yealink’s widely deployed IP phones and cloud-based Redirect and Provisioning Service (RPS) have thrust business communications security into urgent...

SE Security Desk·47w ago
Authentication Flaws · Broadcast Industry

Critical Authentication Bypass in Burk ARC Solo Exposes Broadcast Systems to Remote Takeover

A critical vulnerability in Burk Technology's ARC Solo remote site controller allows attackers to change the device password without any credentials, enabling full device takeover and raising alarms...

SE Security Desk·47w ago
Building Automation · Cisa

CISA Drops 10 ICS Advisories: Flaws Threaten Delta, JCI, EG4 Inverters and Critical Infrastructure

A flood of industrial vulnerabilities hit the cybersecurity landscape last week as the U.S. Cybersecurity and Infrastructure Security Agency (CISA) dropped ten Industrial Control Systems (ICS)...

SE Security Desk·47w ago
App Patching · Certificate Validation

After Year-Long Silence, Dreame Patches Smart Home Apps Vulnerable to Credential-Theft Attacks

Dreame Technology has finally released a patch for its popular smart home applications after researchers exposed a certificate validation flaw that left millions of users defenseless against...

SE Security Desk·47w ago
Arena Software · Buffer Overflow

Rockwell Automation Patches Three High-Severity Arena Simulation Bugs Poised to Cripple Critical Manufacturing

Three newly disclosed vulnerabilities in Rockwell Automation’s Arena simulation software have shaken the industrial security landscape, exposing global manufacturers to file-based attacks that can...

SE Security Desk·47w ago
Building Automation · Critical Facility Protection

Critical 8.4 CVSS Flaw in Johnson Controls FX Controllers Threatens Building Automation Systems Worldwide

Critical infrastructure operators worldwide are scrambling to apply emergency patches after a dangerous new vulnerability was disclosed in Johnson Controls’ FX80, FX90, and FX Server platforms....

SE Security Desk·47w ago
Automation · Cisa

Patch Now: 9.3-Rated Path Traversal in Delta DIAView ICS Puts Critical Sectors at Risk

A severe path traversal vulnerability in Delta Electronics’ DIAView industrial automation platform has sent shockwaves through the operational technology community, after federal cybersecurity...

SE Security Desk·47w ago
Critical Infrastructure · Cve-2025-8284

Packet Power ICS Flaw Lets Attackers Seize Control of Energy Grids Without Login

A remotely exploitable authentication bypass in Packet Power’s energy monitoring devices has thrust the industrial control system (ICS) world into an urgent patching cycle. Designated...

SE Security Desk·47w ago