The Hacker News

CISA Flags Actively Exploited GeoServer XXE Flaw in Updated KEV Catalog

CISA reports active exploitation of GeoServer XXE flaw CVE-2025-58360 and directs immediate updates to secure affected ...
CSO Online

Hidden .NET HTTP proxy behavior can open RCE flaws in apps — a security issue Microsoft won’t fix

Researcher warns that many .NET applications might be vulnerable to arbitrary file writes because .NET’s HTTP client proxy ...
InfoWorld

Apache Tika hit by critical vulnerability thought to be patched months ago

CVE-2025-54988 is a weakness in the tika-parser-pdf-module used to process PDFs in Apache Tika from version 1.13 to and ...
SecurityWeek

Critical Apache Tika Vulnerability Leads to XXE Injection

CVE-2025-66516 is a critical Apache Tika vulnerability can be exploited on all platforms in XXE injection attacks via crafted ...

EPA eliminates mention of fossil fuels in website on warming's causes. Scientists call it misleading

The Environmental Protection Agency has removed references to fossil fuels from its online page about climate change causes.
Arizona Daily Star

EPA eliminates mention of fossil fuels in website on warming's causes

The Environmental Protection Agency removed any mention of fossil fuels — the main driver of global warming — from its ...
Dark Reading

Apache Issues Max-Severity Tika CVE After Patch Miss

The Apache Software Foundation's earlier fix for a critical Tika flaw missed the full scope of the vulnerability, prompting ...
Mid-Day

ED files chargesheet against Reliance Power, 10 others in Rs 68 crore fake bank guarantee case

ED chargesheet Reliance Power and 10 others in a Rs 68 crore fake bank guarantee case tied to a SECI tender. Probe reveals ...

‘We look ridiculous’: US government website removes fossil fuels as cause of global warming

The US Environmental Protection Agency (EPA) has removed any mention of fossil fuels – the main driver of global warming – ...