Last year, Kubernetes fixed a command injection vulnerability in the Kubernetes NodeLogQuery feature (CVE-2024-9042) [1]. To exploit the vulnerability, several conditions had to be met: The vulnerable node had to run Windows The attacker had to have permissions to read logs The NogeLogQuery feature had to be enabled (at least at the…
James Gallagher,Health and science correspondentand Natalie Truswell,Investigations producer Shutterstock The donor’s sperm was used in clinics across Europe (stock image) A sperm donor who unknowingly harboured a genetic mutation that dramatically raises the risk of cancer has fathered at least 197 children across Europe, a major investigation has revealed. Some children have already died and…
Microsoft is publishing a relatively light 54 new vulnerabilities this December 2025 Patch Tuesday, which is significantly lower than we have come to expect over the past couple of years. Today’s list includes two publicly disclosed remote code vulnerabilities, and a single exploited-in-the-wild vulnerability. Three critical remote code execution (RCE) vulnerabilities are also patched today;…
ISC Stormcast For Wednesday, December 10th, 2025 https://isc.sans.edu/podcastdetail/9732, (Wed, Dec 10th) Source link
Intel has signed a term sheet to acquire the AI chip startup SambaNova Systems, two sources with direct knowledge of the agreement tell WIRED. The details of the term sheet are unknown. The agreement is nonbinding, meaning the deal is not yet finalized and could be dissolved without penalty. It could take weeks or even…
Artificial intelligence (AI) reasoning capabilities determine whether models can handle complex, real-world tasks beyond simple pattern matching. With strong reasoning, models can identify problems from ambiguous descriptions, apply policies under competing constraints, adapt tone to sensitive situations, and provide complete solutions that address root causes. Without robust reasoning, AI systems fail when faced with nuanced…
This release addresses 57 vulnerabilities. 3 of these vulnerabilities are rated critical. One vulnerability was already exploited, and two were publicly disclosed before the patch was released. CVE-2025-62221: This privilege escalation vulnerability in the Microsoft Cloud Files Mini Filters driver is already being exploited. CVE-2025-54100: A PowerShell script using Invoke-WebRequest may execute scripts that are included…
OpenAI has allegedly become more guarded about publishing research that highlights the potentially negative impact that AI could have on the economy, four people familiar with the matter tell WIRED. The perceived pullback has contributed to the departure of at least two employees on OpenAI’s economic research team in recent months, according to the same…
As the year winds down, Microsoft Patch Tuesday in December arrives with essential fixes and enhancements to close vulnerabilities and boost performance. Here’s a quick breakdown of what you need to know. Microsoft Patch Tuesday for December 2025 This month’s release addresses 72 vulnerabilities, including three critical and 55 important-severity vulnerabilities. In this month’s updates, Microsoft has addressed three zero-day vulnerabilities. One of them was exploited, and two were publicly disclosed. Microsoft has addressed 15 vulnerabilities in Microsoft Edge (Chromium-based) in this month’s updates. Microsoft…
Slack CEO Denise Dresser is leaving the company and joining OpenAI as the company’s chief revenue officer, multiple sources tell WIRED. Marc Benioff, the chief executive of Salesforce, which owns Slack, shared news of Dresser’s departure in a message to staff on Monday evening. At OpenAI, Dresser will manage the company’s enterprise unit, which has…
