Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Node.js patched a serious vulnerability (CVE-2025-5513) that could expose uninitialized memory and leak secrets like tokens or application data due to a race condition in the buffer allocation logic. This vulnerability affects the vm module with timeouts and is part of a broader coordinated security update across all active Node.js release lines.

Join us for this week's Defender Fridays as we explore the evolving threat of deepfakes in hiring and remote work with Tom Cross, Head of Threat Research at GetReal Security. At Defender Fridays, we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands.

The AI agent queries telemetry, correlates user events across process execution, logins, and network data, then reports the last seen timestamp with historical activity patterns.

"Alert when someone accesses C:\Users\Public\Documents" becomes a complete FIM pipeline. The AI enables monitoring, creates the detection rule, and validates the alerting workflow end-to-end.

AI agents power innovation but face hidden hacks, leaks, and tricks. This session uncovers 7 key risks, like cyberattacks, insider threats, bias abuse, and rogue actions, with best practices and real demo videos. Speaker: Vipika Kotangale Technical Content Writer, miniOrange Pune, India.

Secure coding starts with deeply understanding code and vulnerabilities, and secure code reviews are crucial in finding issues early. In this hands-on secure code review workshop, we will teach the participants how to perform effective code reviews with both manual and automated techniques. Speaker: Prateek Thakare Senior Security Engineer, GoDaddy Bengaluru, India& Gaurav Bhosale Senior Application Security Engineer | Ex-10xbanking, Mastercard, Payatu Indore, India.

MiniMax M2.1 Created This App, But Does It Work?

The Titanic didn't hit the iceberg by accident. Organizations hit the API security iceberg for the same reason: they didn't see it coming. Your API iceberg consists of: Public APIs — for customers (SaaS, partners, third-parties) Private APIs — internal infrastructure (larger companies = larger insider threat surface) Partner APIs — for ecosystem integration AI APIs — the new frontier (and the most dangerous)

The discussion attacks fiat currency and argues for open digital money that works across borders without bank packages and profit driven fees. Bitcoin appears as long term store of value, with faster networks such as Ether handling daily transactions and travel friendly payments in a more consistent way.

Welcome to the inaugural RazorWire Raw, a new content series offering additional, unfiltered thoughts on news and security issues. This series, born from viewer requests, aims to provide more in-depth content beyond the regular podcast. We're excited to expand our content creation and provide more insights for our audience.