bug
-
Blog
O2 UK patches bug leaking mobile user location from call metadata
A flaw in O2 UK’s implementation of VoLTE and WiFi Calling technologies could allow anyone to expose the general location of a person and other identifiers by calling the target. The problem was discovered by security researcher Daniel Williams, who says the flaw existed on O2 UK’s network since March 27, 2017, and was resolved yesterday. O2 UK is a British…
Read More » -
Blog
CISA tags recently patched Chrome bug as actively exploited
On Thursday, CISA warned U.S. federal agencies to secure their systems against ongoing attacks exploiting a high-severity vulnerability in the Chrome web browser. Solidlab security researcher Vsevolod Kokorin discovered the flaw (CVE-2025-4664) and shared technical details online on May 5th. Google released security updates to patch it on Wednesday. As Kokorin explained, the vulnerability is due to insufficient policy enforcement in Google Chrome’s…
Read More » -
Blog
Microsoft fixes Exchange Online bug flagging Gmail emails as spam
Microsoft has resolved an issue with a machine learning model that mistakenly flagged emails from Gmail accounts as spam in Exchange Online. Tracked as EX1064599 in the Microsoft 365 admin center, the issue started impacting users on April 25 at 09:24 UTC, automatically moving emails erroneously tagged as malicious to the junk folder. “We’ve identified that our machine learning (ML)…
Read More » -
Blog
Microsoft fixes machine learning bug flagging Adobe emails as spam
Microsoft says it mitigated a known issue in one of its machine learning (ML) models that mistakenly flagged Adobe emails in Exchange Online as spam. As the company revealed in an advisory on the Microsoft 365 admin center tagged as EX1061430, users had issues accessing alerts for Adobe URLs starting April 22 at 09:24 UTC while being warned that a…
Read More » -
Blog
Google Still Hasn’t Fixed This Dark Mode Bug on Pixel
Dark mode has saved many of us from eye pain when using our smartphones at night. The difference between a black display with white text and a blinding white screen with black text is immeasurable when your phone is the only light source in the room—especially when you’re opening your eyes for the first time in a while. While many…
Read More » -
Blog
Critical Erlang/OTP SSH RCE bug now has public exploits, patch now
Public exploits are now available for a critical Erlang/OTP SSH vulnerability tracked as CVE-2025-32433, allowing unauthenticated attackers to remotely execute code on impacted devices. Researchers at the Ruhr University Bochum in Germany disclosed the flaw on Wednesday, warning that all devices running the daemon were vulnerable. “The issue is caused by a flaw in the SSH protocol message handling which allows an…
Read More » -
Blog
Cisco Webex bug lets hackers gain code execution via meeting links
Cisco has released security updates for a high-severity Webex vulnerability that allows unauthenticated attackers to gain client-side remote code execution using malicious meeting invite links. Tracked as CVE-2025-20236, this security flaw was found in the Webex custom URL parser and can be exploited by tricking users into downloading arbitrary files, which lets threat actors execute arbitrary commands on systems running…
Read More » -
Blog
OpenAI announces five-fold increase in bug bounty reward
OpenAI has announced a slew of new cybersecurity initiatives, including a 500% increase to the maximum award for its bug bounty program. In a blog post confirming the move, the organization set out plans to expand its cybersecurity grant program. So far, the tech giant has given funding to 28 research projects looking at both offensive and defensive security measures,…
Read More » -
Blog
Exchange Online bug mistakenly quarantines user emails
Microsoft is investigating an Exchange Online bug causing anti-spam systems to mistakenly quarantine some users’ emails. According to a new incident report added to the Microsoft 365 Admin Center, the email issues started almost five hours ago, at 10:11 UTC. While the company has yet to share what regions are impacted, this Exchange Online incident has been tagged as a critical service issue tracked under EX1038119 on the…
Read More » -
Blog
Veeam RCE bug lets domain users hack backup servers, patch now
Veeam has patched a critical remote code execution vulnerability tracked as CVE-2025-23120 in its Backup & Replication software that impacts domain-joined installations. The flaw was disclosed yesterday and affects Veeam Backup & Replication version 12.3.0.310 and all earlier version 12 builds. The company fixed it in version 12.3.1 (build 12.3.1.1139), which was released yesterday. According to a technical writeup by watchTowr Labs, who…
Read More »