Cybersecurity, Software

Microsoft Addresses Critical ASP.NET Core Vulnerability in Kestrel Web Server

Microsoft has released patches for a critical vulnerability in ASP.NET Core’s Kestrel web server, rated 9.9 on the CVSS scale. The flaw, involving request smuggling, could bypass security measures depending on application code. Developers are urged to evaluate risks and apply updates promptly.

Critical Security Flaw Identified in ASP.NET Core

Microsoft has addressed a highly critical vulnerability in ASP.NET Core, specifically within its Kestrel web server component, according to reports. The flaw, designated as CVE-2025-55315, has been assigned a CVSS score of 9.9, which sources indicate is the highest ever recorded by Microsoft for such issues. Security program manager Barry Dorrans described it as a “security feature bypass,” emphasizing that the severity reflects worst-case scenarios where the vulnerability could significantly alter security scope.

Cybersecurity, Government

UK Government Password Breach Exposes Critical Security Vulnerabilities

Hundreds of UK civil servants have had their business passwords compromised and exposed on the dark web in what security experts describe as a “particularly dangerous” incident. The Ministry of Justice was reportedly the most affected institution, with the breach lasting more than twelve months before detection.

Widespread Password Exposure Hits UK Government

Hundreds of civil servants across multiple UK government departments have had their business passwords exposed on the dark web for more than a year in what security analysts suggest represents a significant cybersecurity failure. According to reports from password management firm NordPass and threat exposure platform NordStellar, the incident affected numerous national and regional organizations throughout the United Kingdom.