New license expiration alerts help you avoid protection gaps

SAP has released 14 security notes on January 2025 Patch Day, including two addressing critical vulnerabilities in NetWeaver. The post SAP Patches Critical Vulnerabilities in NetWeaver appeared first on SecurityWeek.

Fortinet has released fixes for a critical security flaw impacting FortiWeb that could enable an unauthenticated attacker to run arbitrary database commands on susceptible instances. Tracked as CVE-2025-25257, the vulnerability carries a CVSS score of 9.6 out of a maximum of 10.0. “An improper neutralization of special elements used in an SQL command (‘SQL Injection’)…

San Francisco application security startup raises $100 million in a Series D funding round led by Menlo Ventures.  The post Semgrep Raises $100M for AI-Powered Code Security Platform appeared first on SecurityWeek.

RTHK reports: The government office responsible for providing insolvency services has issued an apology after magnetic tapes containing information of about 76,000 people went missing. However, it stressed chances of a data leak is “extremely low”. The Official Receiver’s Office revealed on Monday that seven magnetic backup tapes were lost while being delivered from Immigration…

Docket Number 25-0883 in District Court for the District of Columbia. Lawsuit filed against Defense Secretary Pete Hegseth, DNI Tulsi Gabbard, CIA Director John Ratcliffe, Treasury Secretary Scott Bessent, Secretary of State and acting Archivist Marco Rubio, and the U.S. National Archives and Records Administration concerning news reports that journalist Jeffery Goldberg had been added…

Everybody knows browser extensions are embedded into nearly every user’s daily workflow, from spell checkers to GenAI tools. What most IT and security people don’t know is that browser extensions’ excessive permissions are a growing risk to organizations. LayerX today announced the release of the Enterprise Browser Extension Security Report 2025, This report is the…