TechRepublic

TechRepublic Resource Library

IT white papers, webcasts, case studies, and much more - all free to registered TechRepublic members. This glossary will help you grasp the vocabulary behind the technology of drones, so that you can ...
Microsoft

Understanding CVE-2025-55315: What CISOs, security engineers, and sysadmins should know

On October 14, 2025, Microsoft released a security update addressing CVE-2025-55315, a vulnerability in ASP.NET Core that allows HTTP request smuggling. While request smuggling is a known technique, ...
CSOonline

Critical ASP.NET core vulnerability earns Microsoft’s highest-ever severity score

The Kestrel web server flaw allows request smuggling attacks, but the actual risk depends on the application code and deployment. Microsoft has patched a critical vulnerability in ASP.NET Core that ...
SecurityWeek

‘Highest Ever’ Severity Score Assigned by Microsoft to ASP.NET Core Vulnerability

CVE-2025-55315 is an HTTP request smuggling bug leading to information leaks, file content tampering, and server crashes. Microsoft’s October Patch Tuesday updates addressed a critical-severity ...
Dark Reading

ConnectWise Breached, ScreenConnect Customers Targeted

ConnectWise disclosed on May 28 that its network was breached in an attack that targeted ScreenConnect customers. The software company, which makes remote monitoring and management (RMM) tools like ...
Redmond Magazine

Microsoft Warns of ViewState Code Injection Attacks Using Publicly Disclosed Machine Keys

Microsoft Threat Intelligence has identified a limited attack campaign leveraging publicly available ASP.NET machine keys to conduct ViewState code injection attacks. The attacks, first observed late ...
Bleeping Computer

Microsoft says attackers use exposed ASP.NET keys to deploy malware

Microsoft warns that attackers are deploying malware in ViewState code injection attacks using static ASP. NET machine keys found online. As Microsoft Threat Intelligence experts recently discovered, ...