A newly disclosed vulnerability, CVE-2025-51591, is making waves in the cybersecurity community. The flaw—classified as a server-side request forgery (SSRF)—targets Amazon Web Services (AWS) Instance Metadata Service (IMDS), creating a critical attack vector that could compromise cloud-hosted systems at scale. 🔎 What Is CVE-2025-51591? At its core, this vulnerability allows attackers to trick a vulnerable … Continued
In a significant breach, UXLINK, a prominent Web3 social platform, has experienced a severe security exploit. Hackers gained unauthorized access to the platform’s multi-signature wallet, resulting in the minting of approximately 2 billion UXLINK tokens and the theft of around $11.3 million in various cryptocurrencies. The incident has led to a sharp decline in the … Continued
Global Aviation Summit Opens in Montreal as Cyber-Threats, Diplomatic Cracks and Environmental Pressures Loom Large Montreal — The triennial assembly of the United Nations’ International Civil Aviation Organization (ICAO) starts today (23 September 2025), and for many delegates, the atmosphere is uncomfortably charged. What should be a forum for technical cooperation and shared progress in … Continued
Microsoft Seals Critical Entra ID Flaw After Discovery of Global-Tenant Admin Impersonation Vulnerability September 22, 2025 Microsoft has patched a severe security vulnerability (CVE-2025-55241) in its identity platform, Entra ID (formerly Azure Active Directory), that could have allowed attackers to impersonate Global Administrators across any tenant worldwide. The flaw, which carried a maximum severity score … Continued
A sophisticated cyberattack has disrupted operations at three major European airports—Heathrow, Brussels, and Berlin—causing widespread flight cancellations and delays. Cybersecurity leaders say the incident exposes systemic weaknesses in shared aviation technology and underscores the urgent need for stronger supply chain security and compliance with evolving regulations like the NIS2 Directive. “Simultaneous disruptions at multiple airports … Continued
OpenAI Introduces Flexible Thinking Controls in ChatGPT OpenAI has unveiled a major update to ChatGPT, giving users the ability to choose how much reasoning effort the GPT-5 Thinking model invests before producing a response. This new control feature is designed to balance speed with depth, allowing users to tailor the AI’s output depending on their … Continued
TL;DR A critical improper-input-validation vulnerability (CVE-2025-54236, a.k.a. SessionReaper) in Adobe Commerce / Magento Open Source lets attackers take over customer sessions via the Commerce REST API — Adobe released an out-of-band patch on Sep 9, 2025 and urges immediate remediation. CVSS: 9.1 (Critical). Adobe Help Center What happened Adobe published an emergency security bulletin (APSB25-88) … Continued
What happened Plex, the media streaming and personal media server platform, confirmed today that an unauthorized third party accessed a limited subset of customer database information—including emails, usernames, and securely hashed passwords—through a security breach. The company stated that there is no evidence of credit card data being compromised, as they do not store such … Continued
OverviewOpenAI has made the organizational “Projects” feature in ChatGPT available to all users, including those on the free tier. In addition, a powerful new “Branch in new chat” toggle allows users to split ongoing conversations into focused threads—streamlining workflows and enhancing clarity.OpenAI Help Center What’s New? Projects for Free UsersPreviously exclusive to paid plans, ChatGPT … Continued
The presence of women in cybersecurity is no longer a rarity. It is an essential component of a thriving and secure digital landscape. By embracing and promoting diversity, we create a stronger, more resilient industry. Today, women have been making their mark in prominent positions within the cybersecurity industry. From C-suite executives to cybersecurity analysts, … Continued
