Reform of housing taxes needs long-term planning – Law Gazette – Features
Property. – Read More
December 2025
Will reform deliver real protection for victims? – Law Gazette – Features
Stalking. – Read More
Extracting the Venom from IP ownership – Law Gazette – Features
Intellectual property. – Read More
Lammy launches English Law Promotion Panel – Legal Futures
The government has gathered a group of leading figures in the law and business into the English Law Promotion Panel with the aim of “future-proofing” the UK legal sector. The…
Researchers Uncover 30+ Flaws in AI Coding Tools Enabling Data Theft and RCE Attacks – The Hacker News
Over 30 security vulnerabilities have been disclosed in various artificial intelligence (AI)-powered Integrated Development Environments (IDEs) that combine prompt injection primitives with legitimate features to achieve data exfiltration and remote…
Drones to Diplomas: How Russia’s Largest Private University is Linked to a $25M Essay Mill – Krebs on Security
A sprawling academic cheating network turbocharged by Google Ads that has generated nearly $25 million in revenue has curious ties to a Kremlin-connected oligarch whose Russian university builds drones for…
Critical React2Shell Flaw Added to CISA KEV After Confirmed Active Exploitation – The Hacker News
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday formally added a critical security flaw impacting React Server Components (RSC) to its Known Exploited Vulnerabilities (KEV) catalog following reports…
Warning: React2Shell vulnerability already being exploited by threat actors – CSO Online
Plugging the React2Shell vulnerability in the open source React server and Next.js in IT environments has just become even more urgent with reports that exploits are already in the wild.…
Rust Code Delivers Better Security, Also Streamlines DevOps – Dark Reading
Software teams at Google and other Rust adopters see safer code when using the memory-safe language, and also fewer rollbacks and less code review. – Read More
Insecure use of Signal app part of wider Department of Defense problem, suggests Senate report – CSO Online
The Signalgate scandal that enveloped US Secretary of Defense Pete Hegseth in March appears to be symptomatic of a wider lax attitude towards the use of non-approved messaging apps by…
Chinese cyberspies target VMware vSphere for long-term persistence – CSO Online
Chinese state-sponsored threat actors are backdooring VMware vCenter and VMware ESXi servers with a malware program written in Go, allowing them to maintain long-term persistence in victim networks. According to…
India Rolls Back App Mandate Amid Surveillance Concerns – Dark Reading
Remember when Apple put that U2 album in everyone’s music libraries? India wanted to do that to all of its citizens, but with a cybersecurity app. It wasn’t a good…
We need to talk about the EU TDM exception and AI training – Technollama
Following the recent decision in GEMA v OpenAI, and last year’s Kneschke v LAION, we now have two German courts grappling with the applicability of the text and data mining…
Zero-Click Agentic Browser Attack Can Delete Entire Google Drive Using Crafted Emails – The Hacker News
A new agentic browser attack targeting Perplexity’s Comet browser that’s capable of turning a seemingly innocuous email into a destructive action that wipes a user’s entire Google Drive contents, findings…
Critical XXE Bug CVE-2025-66516 (CVSS 10.0) Hits Apache Tika, Requires Urgent Patch – The Hacker News
A critical security flaw has been disclosed in Apache Tika that could result in an XML external entity (XXE) injection attack. The vulnerability, tracked as CVE-2025-66516, is rated 10.0 on…