Oct 07, 2025Ravie LakshmananVulnerability / Cloud Security Redis has disclosed details of a maximum-severity security flaw in its in-memory database software that could result in remote code execution under certain circumstances. The vulnerability, tracked as CVE-2025-49844 (aka RediShell), has been assigned a CVSS score of 10.0. “An authenticated user may use a specially crafted Lua…
Law enforcement, law firms, hospitals, and financial institutions are asked every day to release records, which can contain highly sensitive details – including addresses, social security numbers, medical diagnoses, evidence footage, and children’s identities. To meet compliance and security requirements, staff spend hundreds of hours manually redacting sensitive information, yet when that process goes wrong,…
Time is running out to join one of the startup world’s largest annual conferences. You have just 4 days left to lock in up to $624 in savings on your TechCrunch Disrupt 2025 pass before prices rise Friday, October 17 at 11:59 p.m. PT. Bringing a plus-one? Get 50% off the second ticket. Bringing a…
The next-gen console race is on but it might not be like any of the ones we’ve seen in the past. Amid Microsoft’s multiplatform pivot and re-embrace of PC gaming, the next Xbox and Sony’s PlayStation 6 might be more different than we expect. According to the latest batch of reporting and rumors, both new…
Oct 06, 2025Ravie LakshmananEmail Security / Zero-Day A now patched security vulnerability in Zimbra Collaboration was exploited as a zero-day earlier this year in cyber attacks targeting the Brazilian military. Tracked as CVE-2025-27915 (CVSS score: 5.4), the vulnerability is a stored cross-site scripting (XSS) vulnerability in the Classic Web Client that arises as a result…
Guest author: Or Hillel, Green Lamp AI systems aren’t experimental anymore, they’re embedded in everyday decisions that affect millions. Yet as these models stretch into important spaces like real-time supply chain routing, medical diagnostics, and financial markets, something as simple as a stealthy data shift or an undetected anomaly can flip confident automation into costly…
This week, OpenAI announced that apps can now run directly inside ChatGPT, letting users book travel, create playlists, and edit designs without switching between different apps. Some immediately declared it the app platform of the future — predicting a ChatGPT-powered world where Apple’s App Store becomes obsolete. An open question was answered today – “what…
We’ve all been there. You’re watching an action-packed movie scene and you can barely hear the dialogue over the explosions, or worse, the tinny speakers on your flat-screen TV make everything sound like it’s coming from inside a cereal box. Modern TVs might have stunning picture quality but their built-in audio is almost universally disappointing…
Oct 03, 2025Ravie LakshmananCybersecurity / Malware A threat actor that’s known to share overlaps with a hacking group called YoroTrooper has been observed targeting the Russian public sector with malware families such as FoalShell and StallionRAT. Cybersecurity vendor BI.ZONE is tracking the activity under the moniker Cavalry Werewolf. It’s also assessed to have commonalities with…
Google DeepMind has deployed a new AI agent designed to autonomously find and fix critical security vulnerabilities in software code. The system, aptly-named CodeMender, has already contributed 72 security fixes to established open-source projects in the last six months. Identifying and patching vulnerabilities is a notoriously difficult and time-consuming process, even with the aid of…
