Node.js: Updated versions patch high-risk security vulnerabilities

Several security vulnerabilities, some classified as high-risk, have been discovered in the popular JavaScript runtime ...

Google Updating Billions To Chrome 144—New Security Issues Confirmed

If you are using Chrome 143, be warned: you need to ensure the Chrome 144 update is installed, as Google confirms 10 new ...

Windows info-disclosure 0-day bug gets a fix as CISA sounds alarm

A couple of other interesting bugs that Childs points out are these two, CVE-2026-20952 (CVSS 7.7) and CVE-2026-20953 (CVSS 7 ...
Krebs on Security

Patch Tuesday, January 2026 Edition

Microsoft today issued patches to plug at least 113 security holes in its various Windows operating systems and supported ...
The Hacker News

Critical Node.js Vulnerability Can Cause Server Crashes via async_hooks Stack Overflow

Node.js released updates fixing a critical DoS flaw caused by async_hooks stack crashes, tracked as CVE-2025-59466, impacting ...

Microsoft January 2026 Patch Tuesday fixes 3 zero-days, 114 flaws

Today is Microsoft' 2026 Patch Tuesday with security updates for 114 flaws, including one actively exploited and two publicly ...
Infosecurity-magazine.com

Navigating the Vulnerability Maze: Understanding CVE, CWE, and CVSS

The Forum of Incident Response and Security Teams (FIRST) officially launched the fourth version of the Common Vulnerability Scoring System (CVSS 4.0), in November 2023. CVSS 4.0, the industry ...
Hosted on MSN

Update Your Plex Server Now to Fix This Security Vulnerability

Bug bounty programs are extremely useful to reinforce security in the software we use daily. If you use Plex, a vulnerability has been discovered via said program—and you'll want to update as soon as ...
Fox News

Apple patches two zero-day flaws used in targeted attacks

Apple has released emergency security updates to fix two zero-day vulnerabilities that attackers actively exploited in highly targeted attacks. The company described the activity as an "extremely ...