Fortinet patches a critical FortiSIEM vulnerability (CVE-2025–64155) that allows unauthenticated remote code execution via exposed phMonitor service.
Get the latest international news and world events from around the world.
Critical Node.js Vulnerability Can Cause Server Crashes via async_hooks Stack Overflow
Node.js has released updates to fix what it described as a critical security issue impacting “virtually every production Node.js app” that, if successfully exploited, could trigger a denial-of-service (DoS) condition.
“Node.js/V8 makes a best-effort attempt to recover from stack space exhaustion with a catchable error, which frameworks have come to rely on for service availability,” Node.js’s Matteo Collina and Joyee Cheung said in a Tuesday bulletin.
“A bug that only reproduces when async_hooks are used would break this attempt, causing Node.js to exit with 7 directly without throwing a catchable error when recursions in user code exhaust the stack space. This makes applications whose recursion depth is controlled by unsanitized input vulnerable to denial-of-service attacks.”
Microsoft updates Windows DLL that triggered security alerts
Microsoft has resolved a known issue that was causing security applications to incorrectly flag a core Windows component, the company said in a service alert posted this week.
The list of affected systems is quite extensive and includes both client (Windows 10 and Windows 11) and server (Windows Server 2012 through Windows Server 2025) platforms.
According to widespread user reports over the past several months, third-party security software flagged Windows assets, including WinSqlite3.dll, a dynamic link library (DLL) included with the Windows system libraries that implements the SQLite database engine, as vulnerable to attacks exploiting a memory corruption vulnerability (CVE-2025–6965).
Google plans to make Chrome for Android an agentic browser with Gemini
Google appears to be testing a new feature that integrates Gemini into Chrome for Android, allowing you to use agentic browser capabilities on your mobile device.
As spotted by Leo on X, Google is testing agentic capabilities and Gemini integration for Chrome on Android.
This claim is based on new references spotted on Chromium, which is the source code of Chrome.
Google’s Personal Intelligence links Gmail, Photos and Search to Gemini
Google is rolling out ‘Personal Intelligence,’ a new Gemini feature that pulls your data from Gmail, Photos, Google Search, and other products.
There are a couple of use cases for Personal Intelligence. Instead of offering generic answers, Gemini can use details from places you already store them.
This makes the whole experience more ‘personal.’
Familial Hypercholesterolemia Screening in Childhood and Early Adulthood: A Cost-Effectiveness Study
Sequential childhood or early adulthood screening for familial hypercholesterolemia may lower lifetime CVD risk, but is unlikely to be cost-effective unless ongoing follow-up for elevated cholesterol is widely implemented.
This study uses a computer model to estimate the cost-effectiveness of sequential familial hypercholesterolemia screening at age 10 or 18 years using 3 low-density lipoprotein cholesterol (LDL-C) thresholds.