Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Node.js patched a serious vulnerability (CVE-2025-5513) that could expose uninitialized memory and leak secrets like tokens or application data due to a race condition in the buffer allocation logic. This vulnerability affects the vm module with timeouts and is part of a broader coordinated security update across all active Node.js release lines.

Join us for this week's Defender Fridays as we explore the evolving threat of deepfakes in hiring and remote work with Tom Cross, Head of Threat Research at GetReal Security. At Defender Fridays, we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands.

The AI agent queries telemetry, correlates user events across process execution, logins, and network data, then reports the last seen timestamp with historical activity patterns.

"Alert when someone accesses C:\Users\Public\Documents" becomes a complete FIM pipeline. The AI enables monitoring, creates the detection rule, and validates the alerting workflow end-to-end.

AI agents power innovation but face hidden hacks, leaks, and tricks. This session uncovers 7 key risks, like cyberattacks, insider threats, bias abuse, and rogue actions, with best practices and real demo videos. Speaker: Vipika Kotangale Technical Content Writer, miniOrange Pune, India.

Secure coding starts with deeply understanding code and vulnerabilities, and secure code reviews are crucial in finding issues early. In this hands-on secure code review workshop, we will teach the participants how to perform effective code reviews with both manual and automated techniques. Speaker: Prateek Thakare Senior Security Engineer, GoDaddy Bengaluru, India& Gaurav Bhosale Senior Application Security Engineer | Ex-10xbanking, Mastercard, Payatu Indore, India.