Even video games aren’t safe. A newly disclosed flaw in the Unity game engine—the platform powering thousands of popular titles—has been assigned CVE‑2025‑59489 and carries a critical severity rating. The vulnerability could allow attackers to achieve arbitrary code execution on Android and privilege escalation on Windows, with additional exposure across macOS and Linux.

Unity is one of the most widely used game engines in the world, powering everything from indie hits to AAA blockbusters. That massive footprint means the potential impact of this flaw is enormous.

Most cyberattacks still start with a phish 🎣—and Microsoft is taking another step to cut off one of the attackers’ favorite tricks.

Beginning in September 2025, Microsoft started rolling out a change to Outlook for Web and the new Outlook for Windows: the platforms will no longer display inline SVG (Scalable Vector Graphics) images. By mid‑October 2025, this rollout will be complete worldwide.

OpenShift AI is designed to help organizations manage the lifecycle of predictive and generative AI models at scale, across hybrid cloud environments. It’s the backbone for many enterprises running machine learning pipelines, from training to deployment. But a newly disclosed vulnerability has revealed a serious crack in that foundation—one that could allow attackers to escalate privileges and seize complete control of the infrastructure.

Multiple vulnerabilities have been discovered in VMware Aria Operations and VMware Tools, the most severe of which could allow attackers to escalate privileges all the way to root. That means full control: installing programs, viewing or deleting data, and creating new accounts with complete user rights. Even worse, one of these flaws has already been exploited in the wild as a zero‑day since October 2024.

If you thought fonts were just about picking between Helvetica and Comic Sans, think again. In Apple’s latest round of security updates, the company patched a critical flaw where a maliciously crafted font could crash apps, corrupt memory, and potentially open the door to more serious exploits. Yes—fonts are now a cybersecurity threat.