Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

A critical vulnerability, CVE-2025-66516 (CVSS 10.0), has been identified in Apache Tika, affecting how the framework processes PDF files containing XFA (XML Forms Architecture) data. The vulnerability resides in tika-core, which means any system using Tika’s default parsing behavior remains vulnerable even if the PDF parser module was previously patched. No special configuration or insecure application code is required; simply ingesting a malicious PDF is enough to trigger the exploit.

The modern JavaScript ecosystem was shaken this week as Meta, Vercel, Google Cloud, AWS, and leading security researchers revealed two critical issues: CVE-2025-55182 and the downstream Next.js variant CVE-2025-66478. Both are rated CVSS 10 and allow remote code execution (RCE) by exploiting weaknesses in the React Server Components (RSC) “Flight” protocol. The vulnerabilities affect React 19 and all major frameworks embedding the RSC implementation, most notably Next.js 15.x and 16.x.

Cybersecurity in 2026 is entering its most transformative and volatile phase yet. For CISOs, the landscape is no longer defined only by web, network, and cloud threats. Instead, attackers now target AI/LLM systems, APIs, identity platforms, SaaS ecosystems and supply chains. The surge in attacks across applications, APIs, and GenAI systems indicates that adversaries are scaling faster, using automation, AI-assisted exploitation, and new social engineering vectors.

Apache SkyWalking is one of the most widely adopted open-source Application Performance Monitoring (APM) and observability platforms, trusted by developers and DevOps teams to visualize telemetry, trace distributed systems, and ensure application uptime. However, a recently disclosed vulnerability has revealed that the very dashboards designed to improve visibility could be turned into attack vectors.

During the first half of 2025, APIs faced significantly higher number of attacks than traditional web applications. On average, attacks per API host were 72% higher than those targeting websites, and exploitation of API vulnerabilities surged 13× compared to a 27% increase for website vulnerabilities, according to the State of Application Security Global H1 2025.

APIs are now the foundation of SaaS product development, powering authentication, user onboarding, billing, integrations, webhooks, analytics, and internal microservices. As this API footprint grows, the threat landscape has intensified. The Indusface State of Application Security H1 2025 Report recorded a 104% rise in API-targeted attacks, a 13X increase in API vulnerability exploits, and 388% more DDoS attacks on API hosts than on websites.

On 14 November 2025, the Government of India notified the Digital Personal Data Protection (DPDP) Rules, 2025, officially activating the DPDP Act, 2023. The Rules transform the law from a policy framework into a fully enforceable compliance regime, starting an 18-month implementation countdown for every business in India.

The internet’s fragility was evident again during the recent Cloudflare outage. A single internal fault rippled outward and disrupted major websites and business applications. X, ChatGPT, media platforms, dashboards and thousands of other services simultaneously showed 5xx errors. And this is not new.

Apache Tomcat continues to play a central role in hosting Java-based web applications across enterprises, cloud services, and government systems. Its reliability and lightweight architecture make it a go-to choice for developers, but its ubiquity also means that a single vulnerability can have widespread security implications. CVE-2025-55752, disclosed in late 2025, highlights how a subtle processing regression can evolve into a high-impact vulnerability under the right conditions.

The Django Software Foundation has rolled out important security fixes addressing two serious vulnerabilities that could let attackers manipulate databases and disrupt application availability. The vulnerabilities such as CVE-2025-64459 (SQL Injection) and CVE-2025-64458 (Denial of Service), were found in commonly used functions of the Django web framework. These vulnerabilities affect how Django processes queries and handles redirects, especially when user-supplied input is not properly validated.