Krebs on Security

Patch Tuesday, February 2026 Edition

Microsoft today released updates to fix more than 50 security holes in its Windows operating systems and other software, including patches for a whopping six “zero-day” vulnerabilities that attackers ...
Free Malaysia Today

Saving the heart after a heart attack

A heart attack in your 30s is not something most people expect – least of all the person experiencing it. Last October, a 33-year-old man arrived at Bukit Tinggi Medical Centre (BTMC) in Klang with ...
WeLiveSecurity

Revisiting CVE-2025-50165: A critical flaw in Windows Imaging Component

ESET researchers examined CVE‑2025‑50165, a serious Windows vulnerability described to grant remote code execution by merely opening a specially crafted JPG file – one of the most widely used image ...
Bleeping Computer

Microsoft October 2025 Patch Tuesday fixes 6 zero-days, 172 flaws

Today is Microsoft's October 2025 Patch Tuesday, which includes security updates for 172 flaws, including six zero-day vulnerabilities. This Patch Tuesday also addresses eight "Critical" ...
Bleeping Computer

Netherlands: Citrix Netscaler flaw CVE-2025-6543 exploited to breach orgs

The Netherlands' National Cyber Security Centre (NCSC) is warning that a critical Citrix NetScaler vulnerability tracked as CVE-2025-6543 was exploited to breach "critical organizations" in the ...
ZDNet

Why the CVE database for tracking security flaws nearly went dark - and what happens next

Over the weekend, security experts were beginning to panic. MITRE announced that the US government had not renewed funding for the Common Vulnerabilities and Exposures (CVE) database. MITRE VP Yosry ...
Wired

‘Stupid and Dangerous’: CISA Funding Chaos Threatens Essential Cybersecurity Program

In an eleventh-hour scramble before a key contract was set to expire on Tuesday night, the United States Cybersecurity and Infrastructure Security Agency renewed its funding for the longtime ...
Computer Weekly

CVE Foundation pledges continuity after Mitre funding cut

In the wake of the abrupt termination of the Mitre contract to run CVE Programme, a group of vulnerability experts and members of Mitre’s existing CVE Board have launched a new non-profit with the ...
Forbes

CVE Program Funding Reinstated—What It Means And What To Do Next

Forbes contributors publish independent expert analyses and insights. Kate O’Flaherty is a cybersecurity and privacy journalist. U.S. President Donald Trump has cut funding for the global database of ...
Ars Technica

CVE, global source of cybersecurity info, was hours from being cut by DHS

The Common Vulnerability and Exposures, or CVE, repository holds the answers to some of information security’s most vital questions. Namely, which security issue are we talking about, exactly, and how ...
Computerworld

CVE funding cuts reversed after security concerns raised

The US decided to save a few dollars by ending funding for the Common Vulnerabilities and Exposures (CVE) — then abruptly reversed course. Editor’s note: After this story was published earlier today, ...
Nextgov

CISA extends MITRE-backed CVE contract hours before its lapse

“Last night, CISA executed the option period on the contract to ensure there will be no lapse in critical CVE services,” an agency spokesperson said. The Cybersecurity and Infrastructure Security ...