The Hacker News

Critical Node.js Vulnerability Can Cause Server Crashes via async_hooks Stack Overflow

Node.js released updates fixing a critical DoS flaw caused by async_hooks stack crashes, tracked as CVE-2025-59466, impacting ...

Microsoft January 2026 Patch Tuesday fixes 3 zero-days, 114 flaws

Today is Microsoft' 2026 Patch Tuesday with security updates for 114 flaws, including one actively exploited and two publicly ...
Mathrubhumi English

Warning for Android users: Audio bug that lets hackers hijack phones

CERT-In urges immediate Android updates for critical Dolby audio vulnerability (CVE-2025-54957). Zero-click threat allows ...
ZDNet

Microsoft account hijack vulnerability earns bug bounty hunter $50,000

Microsoft has awarded a bug bounty hunter $50,000 for disclosing a vulnerability leading to account hijacking. In a blog post on Tuesday, researcher Laxman Muthiyah said the security flaw could "have ...
SecurityWeek

Vulnerability in Totolink Range Extender Allows Device Takeover

A vulnerability in Totolink EX200 leads to the launch of an unauthenticated root-level Telnet service, allowing complete ...
CoinTelegraph

DeFi auditor nets $40,000 for identifying Uniswap vulnerability

A security firm flagged a now-fixed vulnerability to Uniswap, highlighting the potential for reentrancy attacks on the protocol’s Universal Router smart contract. Uniswap’s recently launched bug ...
ZDNet

Bug bounty platform urges need for firms to have vulnerability disclosure policy

Organisations should provide a proper channel through which anyone can report vulnerabilities in their systems. This will ensure potential security holes can be identified and plugged before they are ...