Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

CVE-2025-64095 is a critical unauthenticated file-upload vulnerability affecting DNN (DotNetNuke) versions prior to 10.1.1. The flaw exists in the platform’s default HTML editor provider, where upload validation and authorization checks were insufficient. Attackers can upload files and overwrite existing content without credentials, enabling page defacement, malicious script injection, and in some environments stored cross-site scripting (XSS).

Money20/20 has always been a window into what's next for money movement, and in 2025, crypto and stablecoins took center stage with a new energy and focus. This year, the discussions for crypto were all about infrastructure, collaboration, and building systems that last. Across sessions, one message kept surfacing: Crypto's future depends on collaboration. During our Money20/20 panel, Lee Bagan from Bridge put it best: "We're not asking if crypto can work within the system anymore.

As Persona’s telecom lead, I've spent much of my career speaking to communications platform as a service (CPaaS) and network providers about verification and consumer protection in the wireless industry. Sometimes, it felt rare to see the telecom and identity worlds truly intersect at industry events, but at this year’s Mobile World Congress Las Vegas, that intersection was impossible to miss.

Today's data sprawls across the cloud, on-prem, and endpoints. Data lives everywhere, but the biggest challenge isn't just knowing where data resides across the organization. Security teams must understand what the data represents, identify what’s at risk, and protect it in real time.

Today's data sprawls across the cloud, on-prem, and endpoints. Data lives everywhere, but the biggest challenge isn't just knowing where data resides across the organization. Security teams must understand what the data represents, identify what’s at risk, and protect it in real time.

Large language models are no longer side projects. Sales teams rely on them for emails, support teams for ticket summaries, legal for first-draft reviews, and product teams for search and personalization. That ubiquity changes the risk math. Sensitive information flows through prompts, fine-tuning sets, retrieval indexes, analytics stores, and vendor logs. Regulators now expect the same discipline for LLM pipelines that they expect for core systems handling customer data.

Calico has used eBPF as one of its dataplanes since version 3.13, released more than five years ago. At the time, this was an exciting step forward, introducing a new, innovative data plane that quickly gained traction within the Calico community. Since then, there have been many changes and continued evolution, all thanks to the many adopters of the then-new data plane.

With the release of Desktop and Web Vault Update 17.4, Keeper Security’s desktop app is now available on the Linux Snap Store, bringing zero-trust, zero-knowledge password management and digital vault functionality to millions of Linux users. Designed with performance, privacy and platform flexibility in mind, Keeper delivers a secure solution that empowers users to manage their credentials and secrets without compromise.