CVE-2025-68615 is a critical Net-SNMP snmptrapd vulnerability enabling buffer overflow, service crashes, and potential remote code execution.

Trust Wallet urged users to update its Chrome extension after a security incident caused about $7 million in losses.

An NPM package with over 56,000 downloads stole WhatsApp credentials, hid its activity, and installed a backdoor.

A critical flaw in LangChain Core could allow attackers to steal sensitive secrets and manipulate LLM responses via prompt injection.

Framework raises laptop prices again due to soaring RAM costs, now urging customers to buy their own memory elsewhere via integrated PCPartPicker links.

MIT and NVIDIA unveil FoundationMotion, an automated system that enables AI to master complex video motion, outperforming Gemini in autonomous driving scenes.

Sam Altman is hiring a Head of Preparedness with a $555K salary to combat AI mental health risks and lawsuits. Is this the most stressful job in tech?

GitHub disables Rockchip's MPP repository after a DMCA takedown by FFmpeg. The move follows a two-year standoff over blatant LGPL license violations.

Similarweb’s Dec 2025 report reveals a shift: General AI and Voice grow while creative tools slip. Gemini leads growth as the market pivots to automation.

A new round of weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs in your email box

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape

Stolen vault backups from the 2022 LastPass breach are still being cracked, allowing attackers to steal crypto as late as 2025.

Hacker claims Condé Nast breach, leaking 2.3M WIRED subscriber records and threatening to expose up to 40M more from other brands.

Google and Microsoft execs are clashing with South Korean suppliers as a massive HBM shortage forces Apple to face a 230% price hike for iPhone RAM.

Microsoft is testing a major fix for Windows 11 File Explorer that eliminates redundant indexing, slashing RAM and CPU usage for faster file searches.

Aikido Security uncovers the first sophisticated malware on Maven Central: a "prefix swap" attack on the Jackson library used to steal data.

Samsung confirms it has "frozen" Google Play system updates to protect One UI 8 stability. Learn why your Galaxy is stuck and when it will resume in 2026.

A malicious update to Trust Wallet v2.68.0 enabled a $7M Christmas Day heist. Users must update to v2.69.0 immediately to secure their funds.

Google is upstreaming Propeller to LLVM, bringing its 10% performance boost for the Linux kernel and large-scale apps to the standard compiler toolchain.

EmEditor confirms its official site was compromised, redirecting users to a malicious MSI signed by WALSHAM INVESTMENTS LIMITED to steal sensitive data.

pwn.ai reveals CVE-2025-54322, the first remotely exploitable zero-day found by autonomous AI agents, targeting Xspeeder SD-WAN gear globally.