Attackers target unpatched ShowDoc servers via CVE-2025-0520
Attackers target unpatched ShowDoc servers via CVE-2025-0520 Pierluigi Paganini April 14, 2026 A critical RCE flaw, tracked as CVE-2025-0520, in...
AndyC
Andy Curtis is an award-winning security consultant, researcher and public speaker. He has been working in the computer security industry since the early 1990s, having been employed by state and federal government, leading healthcare and banking providers across three continents. He has given talks about computer security for some of the world’s largest companies, worked with law enforcement agencies on investigations into hacking groups, and is a regular voice on TV and radio explaining IT security threats.
U.S. CISA adds Adobe, Fortinet, Microsoft Exchange Server, and Microsoft Windows flaws to its Known Exploited Vulnerabilities catalog
U.S. CISA adds Adobe, Fortinet, Microsoft Exchange Server, and Microsoft Windows flaws to its Known Exploited Vulnerabilities catalog Pierluigi Paganini...
Weekly Update 499
14 April 2026 I'm starting to become pretty fond of Bruce. Actually, I've had a bit of an epiphany: an...
Why Anthropic’s Mythos Is a Systemic Shift for Global Cybersecurity
The announcements this week from Anthropic regarding Project Glasswing have created a global cyber paradigm shift that can be considered...
Smashing Security podcast #462: LinkedIn is spying on you, and you agreed to nothing
LinkedIn has been secretly scanning your browser for over 6,000 installed extensions – on every single click you make. It...
Smashing Security podcast #462: LinkedIn is spying on you, and you agreed to nothing
LinkedIn has been secretly scanning your browser for over 6,000 installed extensions – on every single click you make. It...
Smashing Security podcast #462: LinkedIn is spying on you, and you agreed to nothing
LinkedIn has been secretly scanning your browser for over 6,000 installed extensions – on every single click you make. It...
Smashing Security podcast #462: LinkedIn is spying on you, and you agreed to nothing
LinkedIn has been secretly scanning your browser for over 6,000 installed extensions – on every single click you make. It...
Smashing Security podcast #462: LinkedIn is spying on you, and you agreed to nothing
LinkedIn has been secretly scanning your browser for over 6,000 installed extensions – on every single click you make. It...
Smashing Security podcast #462: LinkedIn is spying on you, and you agreed to nothing
LinkedIn has been secretly scanning your browser for over 6,000 installed extensions – on every single click you make. It...
Smashing Security podcast #462: LinkedIn is spying on you, and you agreed to nothing
LinkedIn has been secretly scanning your browser for over 6,000 installed extensions – on every single click you make. It...
Smashing Security podcast #462: LinkedIn is spying on you, and you agreed to nothing
LinkedIn has been secretly scanning your browser for over 6,000 installed extensions – on every single click you make. It...
Smashing Security podcast #462: LinkedIn is spying on you, and you agreed to nothing
LinkedIn has been secretly scanning your browser for over 6,000 installed extensions – on every single click you make. It...
Microsoft’s April 2026 Patch Tuesday Addresses 163 CVEs (CVE-2026-32201)
8Critical 154Important 1Moderate 0Low Microsoft addresses 163 CVEs in the April 2026 Patch Tuesday release, including two zero-day vulnerabilities, one...
New PHP Composer Flaws Enable Arbitrary Command Execution — Patches Released
Ravie LakshmananApr 14, 2026Vulnerability / DevSecOps Two high-severity security vulnerabilities have been disclosed in Composer, a package manager for PHP, that, if successfully...