Explore

Rapid Read Rapid Read
Adobe Releases Critical Security Patches for Multiple Products

Adobe Releases Critical Security Patches for Multiple Products

Adobe has announced the release of patches addressing nearly 140 vulnerabilities across several of its products, including ColdFusion and Experience Manager. The updates include fixes for critical-severity bugs that could allow arbitrary code execution. In ColdFusion, 12 security defects were addressed, with the most severe being unrestricted dangerous file upload and improper input validation. Experience Manager received updates for 117 vulnerabilities, primarily cross-site scripting flaws. Adobe has prioritized these updates, urging users to apply them promptly to mitigate potential security risks. The company has not reported any active exploitation of these vulnerabilities in the wild.
Trendline Trendline
SAP Releases December 2025 Security Updates Addressing Critical Vulnerabilities

SAP Releases December 2025 Security Updates Addressing Critical Vulnerabilities

SAP Releases December 2025 Security Updates Addressing Critical Vulnerabilities
Trendline Trendline
IBM Addresses Over 100 Vulnerabilities Across Multiple Products

IBM Addresses Over 100 Vulnerabilities Across Multiple Products

IBM Addresses Over 100 Vulnerabilities Across Multiple Products
Reuters Reuters
Adobe plugs Photoshop, Acrobat tools into ChatGPT

Adobe plugs Photoshop, Acrobat tools into ChatGPT

Dec 10 (Reuters) - Adobe is integrating Photoshop, Adobe Express and Acrobat apps into ChatGPT, it said on Wednesday, allowing users to edit images, design graphics and manage PDFs within the OpenAI-owned chatbot.
Trendline Trendline
Adobe Integrates Creative Tools into ChatGPT, Expanding User Access

Adobe Integrates Creative Tools into ChatGPT, Expanding User Access

Adobe Integrates Creative Tools into ChatGPT, Expanding User Access
Rapid Read Rapid Read
React2Shell Vulnerability Exploitation Surges, Affecting Over 50 Organizations

React2Shell Vulnerability Exploitation Surges, Affecting Over 50 Organizations

A critical vulnerability known as React2Shell in React Server Components has led to a surge in cyberattacks, affecting more than 50 organizations globally. The Cybersecurity and Infrastructure Security Agency has expedited the deadline for patching the vulnerability to mitigate risks. The vulnerability, identified as CVE-2025-55182, has been exploited by various threat actors, including nation-state attackers and cybercriminals. The attacks have targeted organizations across multiple sectors, including financial services, technology, and government. The vulnerability affects several React frameworks and bundlers, making it a widespread issue. Security experts have compared the React2Shell defect to the Log4Shell exploit, noting its potential for significant impact.
Reuters Reuters
Adobe sees upbeat annual results on AI, design software strength

Adobe sees upbeat annual results on AI, design software strength

Dec 10 (Reuters) - Adobe forecast fiscal 2026 revenue and profit above Wall Street expectations on Wednesday, signaling strong demand for the Photoshop maker's design tools and increasing monetization for its artificial intelligence offerings. 
Rapid Read Rapid Read
Log4Shell Vulnerability Persists with 40 Million Downloads in 2025

Log4Shell Vulnerability Persists with 40 Million Downloads in 2025

Sonatype has reported that 13% of Log4j versions downloaded in 2025 were vulnerable to the critical Log4Shell bug. This vulnerability, which has been a significant concern in cybersecurity circles, continues to pose risks as it is still being downloaded extensively. The Log4Shell bug, first identified in 2021, allows attackers to execute arbitrary code on affected systems, making it a severe threat to data security. Despite efforts to patch and secure systems, the continued download of vulnerable versions indicates ongoing challenges in cybersecurity management and awareness.
Rapid Read Rapid Read
WinRAR Vulnerability CVE-2025-6218 Exploited by Multiple Threat Groups

WinRAR Vulnerability CVE-2025-6218 Exploited by Multiple Threat Groups

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a vulnerability in the WinRAR file archiver, identified as CVE-2025-6218, to its Known Exploited Vulnerabilities catalog. This path traversal bug, which affects Windows-based builds, allows attackers to execute code by tricking users into opening malicious files. Despite being patched in June 2025, the flaw is actively exploited by threat groups such as GOFFEE, Bitter, and Gamaredon. These groups have used the vulnerability in targeted attacks, including phishing campaigns against Ukrainian entities, to deploy malware and conduct espionage operations.
Rapid Read Rapid Read
Petco Takes Down Vetco Website Following Customer Data Exposure

Petco Takes Down Vetco Website Following Customer Data Exposure

Petco has temporarily taken its Vetco Clinics website offline after a security lapse exposed customer data. The breach allowed public access to sensitive information, including medical histories and personal details of Vetco customers and their pets. TechCrunch discovered the vulnerability, which involved an insecure direct object reference (IDOR) flaw, allowing access to customer records by altering web addresses. Petco confirmed the breach and is investigating, but has not disclosed the extent of data extraction. This incident marks Petco's third data breach in 2025, following previous breaches involving customer data hosted on Salesforce and another due to a software setting error.
Rapid Read Rapid Read
React2Shell Vulnerability Exploited by Cybercriminals, Impacting Numerous Organizations

React2Shell Vulnerability Exploited by Cybercriminals, Impacting Numerous Organizations

A critical vulnerability in the React library, known as React2Shell, is being actively exploited by cybercriminals. This vulnerability, officially tracked as CVE-2025-55182, affects systems using React version 19, particularly those with React Server Components. The flaw allows for unauthenticated remote code execution through specially crafted HTTP requests. Major cybersecurity firms have reported a surge in attacks, with Chinese threat actors initially exploiting the vulnerability. The attacks have led to the delivery of various malware types, including cryptocurrency miners and cloud credential theft tools. Notably, North Korea-linked actors have used the vulnerability to deploy persistent access implants like EtherRAT. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added this vulnerability to its Known Exploited Vulnerabilities catalog, urging federal agencies to address it promptly.
Trendline Trendline
Figma Introduces AI-Powered Image Editing Tools to Enhance Design Capabilities

Figma Introduces AI-Powered Image Editing Tools to Enhance Design Capabilities

Figma Introduces AI-Powered Image Editing Tools to Enhance Design Capabilities