Security Bulletin

Two of the flaws have a CVSS score of 8.8, with one under active exploitation.

The bug is one of 66 disclosed and patched today by Microsoft as part of its June 2025 Patch Tuesday set of security vulnerability fixes.

ESG research suggests security teams are using enterprise browsers to complement existing security tools and address network access issues.

Five zero-days, 15 misconfigurations could impact businesses using Salesforce services.

The flaw allows an authenticated attacker to gain complete control over a Roundcube webmail server.

Microsegmentation, once a stalled security dream, is now critical infrastructure in the fight against lateral movement.

Through artifact attestation and the SLSA framework, GitHub's Jennifer Schelkopf argues that at least some supply chain attacks can be stopped in their tracks.

It's unclear what kind of cyberattack occurred, but UNFI proactively took certain systems offline, which has disrupted the company's operations.

The Meta Ad Library does not retain all inactive ads, hindering analysis.

Despite deploying multiple solutions, many organizations struggle with alert fatigue and low threat detection accuracy, with 63% using over five tools but only 13% successfully correlating alerts.