The Apache Software Foundation (ASF) has issued a new CVE identifier for a critical security flaw in Apache Tika because its original vulnerability disclosure failed to capture the full extent …
Category:
Safety & Security
Safety & Security
Apache Tika hit by critical vulnerability thought to be patched months ago
by David Walker
CVE superset The maintainers have now realized that the XXE injection flaw is not limited to this module. It affects additional Tika components, namely Apache Tika tika-core, versions 1.13 to …
Safety & Security
How Russia’s Largest Private University is Linked to a $25M Essay Mill – Krebs on Security
by David Walker
A sprawling academic cheating network turbocharged by Google Ads that has generated nearly $25 million in revenue has curious ties to a Kremlin-connected oligarch whose Russian university builds drones for …
Safety & Security
Researchers Uncover 30+ Flaws in AI Coding Tools Enabling Data Theft and RCE Attacks
by David Walker
Dec 06, 2025Ravie LakshmananAI Security / Vulnerability Over 30 security vulnerabilities have been disclosed in various artificial intelligence (AI)-powered Integrated Development Environments (IDEs) that combine prompt injection primitives with legitimate …
In 2026, EHS teams will face five major shifts: heat stress regulation, PFAS reporting, AI-driven safety risk, mental health enforcement, and climate disclosure. These aren’t emerging trends, they’re regulatory and …
In 2021, Safe Work Australia released a model Code of Practice (CoP) for Working in Extreme Heat. The latest iteration of that code was released by the …
Safety & Security
Android expands pilot for in-call scam protection for financial apps
by David Walker
Posted by Aden Haussmann, Associate Product Manager and Sumeet Sharma, Play Partnerships Trust & Safety Lead Android uses the best of Google AI and our advanced security expertise to tackle …
The US Cybersecurity and Infrastructure Security Agency (CISA) warned of “ongoing intrusions” from Chinese nation-state actors deploying the Brickstorm backdoor in organizations’ VMware vSphere environments. In an alert published Thursday, …
To the victim, the .lnk file looked like it opened a folder or launched a trusted application, but in reality, it could execute an arbitrary script, a dropper, or living-off-the …
Safety & Security
Cloudflare Scrubs Aisuru Botnet from Top Domains List – Krebs on Security
by David Walker
For the past week, domains associated with the massive Aisuru botnet have repeatedly usurped Amazon, Apple, Google and Microsoft in Cloudflare’s public ranking of the most frequently requested websites. Cloudflare …