Kohler Health launched Dekoda in October 2025, a $600 device (plus a monthly subscription) that clips onto your toilet rim.
It uses optical sensors and a camera to capture images inside the bowl, analyzing waste to assess gut health, hydration levels, and more.
The...
Attackers exploit a critical privilege escalation flaw in the King Addons for Elementor WordPress plugin, allowing unauthenticated users to create administrator accounts and seize control of sites.
This vulnerability, tracked as CVE-2025-8489 with a CVSS score of 9.8, affects over 10,000 installations and has...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical advisory warning of a high-severity authentication flaw in Iskra's iHUB and iHUB Lite intelligent metering gateways.
Released on December 2, 2025, under alert code ICSA-25-336-02, the vulnerability enables remote attackers to reconfigure...
A security flaw in Microsoft Azure API Management's Developer Portal allows attackers to register accounts across tenants, bypassing admin controls that turn off user signups.
Even when administrators hide the signup form via the Azure Portal, the backend API endpoint stays active.
This issue...
Google released the Android Security Bulletin for December 2025 on December 1, with an update on December 4 the advisory patches more than 107 vulnerabilities across Android 13 through 16 and later.
Security patch levels of 2025-12-01 or 2025-12-05 fix these issues completely. Two...
A proof-of-concept (PoC) exploit for CVE-2024-21413, a critical remote code execution (RCE) flaw in Microsoft Outlook dubbed "MonikerLink," has been released publicly on GitHub, enabling researchers to test the vulnerability in controlled lab environments.
This zero-click issue, with a CVSS v3.1 score of 9.8...