Tech Digest

Android AI app exposes nearly 2m user files – including private videos

Share A popular Android application has left millions of private user files exposed, allowing anyone with the correct link to view private videos and photos without a password. Researchers from […] ...
InfoWorld

WinterTC: Write once, run anywhere (for real this time)

The unified JavaScript runtime standard is an idea whose time has come. Here’s an inside look at the movement for server-side JavaScript interoperability.
InfoWorld

Flaws in four popular VS Code extensions left 128 million installs open to attack

Three of the four vulnerabilities remained unpatched months after OX Security reported them to the maintainers.

Flaws in popular VSCode extensions expose developers to attacks

Vulnerabilities with high to critical severity ratings affecting popular Visual Studio Code (VSCode) extensions collectively downloaded more than 128 million times could be exploited to steal local ...

Microsoft fixes dozens of security flaws in Windows, Office, and Azure

This month's big batch of security updates addresses nearly 60 vulnerabilities across Microsoft's various products and ...
XDA Developers on MSN

I spent a weekend setting up this encrypted file sharing platform and it changed my workflow

This self-hosted platform has transformed how my files are shared and managed.
TechRadar

Worrying Microsoft Office security flaw patched - update now or risk hackers accessing your files

Microsoft issues emergency patch for Office zero-day CVE-2026-21509 Vulnerability allows attackers to bypass OLE mitigations and execute malware CISA adds flaw to KEV catalog; exploitation details ...
CNN

DOGE shared Social Security data to unauthorized server, according to court filing

A Department of Government Efficiency employee shared Social Security data without agency officials’ knowledge and in violation of security protocols, the Justice Department said in a court filing ...
TechRadar

Anthropic's official Git MCP server had some worrying security flaws - this is what happened next

Anthropic patched Git MCP flaws enabling remote code execution via tool chaining Cyata discovered CVEs; fixed in version 2025.12.18, no exploitation reported yet Claude previously manipulated in cyber ...
The Windows Club

You can download Windows Server 2025 ISO file now

Windows Server 2025 comes with great developments like Hotpatching for everyone, next-generation Active Directory and SMB, Mission Critical Data & Storage, Hyper-V & AI, etc. To get these features and ...
Hosted on MSN

Microsoft issues emergency Windows server security patch - update now or risk attack

Microsoft issues emergency patch for a critical WSUS flaw enabling remote code execution CVE-2025-59287 allows unauthenticated attackers to gain SYSTEM privileges without user interaction An ...
SecurityWeek

Microsoft Disables Downloaded File Previews to Block NTLM Hash Leaks

In files downloaded from the internet, HTML tags referencing external paths could be used to leak NTLM hashes during file previews. Microsoft this week announced that the preview feature is now ...