Microsoft Entra ID (formerly Azure Active Directory) is the backbone of modern identity management, enabling secure access to the applications, data, and services your business relies on. As hybrid work and cloud adoption accelerate, Entra ID plays an even more central role — managing authentication, enforcing policy, and connecting users across distributed environments.
That prominence also
The National Cyber Security Centre has published advice for retailers while the Co-op admits customer data was stolen
On this special episode of Afternoon Cyber Tea, Ann brings listeners inside the 2025 RSA Conference to explore the intersection of AI, quantum computing and cyber resiliency with two visionary experts: Massachusetts Institute of Technology’s Vinod Vaikuntanathan and Dr. Sasha O’Connell from The Aspen Institute. Vinod shares how quantum computing poses a serious threat to current encryption methods and explains the urgent need for post-quantum cryptography, while Sasha shares her non-technical path into cybersecurity, her work leading Aspen Digital’s global policy efforts and the launch of the new public campaign aimed at making cybersecurity accessible and actionable for everyone.
Google has released its monthly security updates for Android with fixes for 46 security flaws, including one vulnerability that it said has been exploited in the wild.
The vulnerability in question is CVE-2025-27363 (CVSS score: 8.1), a high-severity flaw in the System component that could lead to local code execution without requiring any additional execution privileges.
“The most severe of
A recently disclosed critical security flaw impacting the open-source Langflow platform has been added to the Known Exploited Vulnerabilities (KEV) catalog by the U.S. Cybersecurity and Infrastructure Security Agency (CISA), citing evidence of active exploitation.
The vulnerability, tracked as CVE-2025-3248, carries a CVSS score of 9.8 out of a maximum of 10.0.
“Langflow contains a missing
![[webapps] ERPNext 14.82.1 – Account Takeover via Cross-Site Request Forgery (CSRF)](https://i0.wp.com/deeteknoloji.com/wp-content/uploads/2025/04/spider-orange.png?resize=144%2C144&ssl=1)
ERPNext 14.82.1 – Account Takeover via Cross-Site Request Forgery (CSRF)
Grokability Snipe-IT 8.0.4 – Insecure Direct Object Reference (IDOR)
Casdoor 1.901.0 – Cross-Site Request Forgery (CSRF)
Cybersecurity researchers have disclosed a series of now-patched security vulnerabilities in Apple’s AirPlay protocol that, if successfully exploited, could enable an attacker to take over susceptible devices supporting the proprietary wireless technology.
The shortcomings have been collectively codenamed AirBorne by Israeli cybersecurity company Oligo.
“These vulnerabilities can be chained by
Deepfakes are now mimicking heartbeats
In a nutshell
Recent research reveals that high-quality deepfakes unintentionally retain the heartbeat patterns from their source videos, undermining traditional detection methods that relied on detecting subtle skin color changes linked to heartbeats.
The assumption that deepfakes lack physiological signals, such as heart rate, is no longer valid. This challenges many existing detection tools, which may need significant redesigns to keep up with the evolving technology.
To effectively identify high-quality deepfakes, researchers suggest shifting focus from just detecting heart rate signals to analyzing how blood flow is distributed across different facial regions, providing a more accurate detection strategy…