Ars Technica

Microsoft issues emergency update for macOS and Linux ASP.NET threat

Microsoft released an emergency patch for its ASP.NET Core to fix a high-severity vulnerability that allows unauthenticated attackers to gain SYSTEM privileges on devices that use the Web development ...
The Hacker News

Microsoft Patches Critical ASP.NET Core CVE-2026-40372 Privilege Escalation Bug

Microsoft has released out-of-band updates to address a security vulnerability in ASP.NET Core that could allow an attacker to escalate privileges. The vulnerability, tracked as CVE-2026-40372, ...
news-graphic

NET program sees 60 percent success rate in 2025

Out of 51 participants, about 40 individuals completed the NET device program at Scott County Detention Center (SCDC) in 2025, according to Scott County Jailer Derran Broyles. The NET (neuro electric ...
InfoQ

ASP.NET Core in .NET 11 Preview 1 Brings New Blazor Components, Improved Navigation, and ...

Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with content, and download exclusive resources. Dany Lepage discusses the architectural ...
Bleeping Computer

Microsoft fixes highest-severity ASP.NET Core flaw ever

Earlier this week, Microsoft patched a vulnerability that was flagged with the "highest ever" severity rating received by an ASP.NET Core security flaw. This HTTP request smuggling bug (CVE-2025-55315 ...
SecurityWeek

‘Highest Ever’ Severity Score Assigned by Microsoft to ASP.NET Core Vulnerability

CVE-2025-55315 is an HTTP request smuggling bug leading to information leaks, file content tampering, and server crashes. Microsoft’s October Patch Tuesday updates addressed a critical-severity ...
SecurityWeek

Microsoft Boosts .NET Bounty Program Rewards to $40,000

Valid, complete reports detailing remote code execution or elevation of privilege bugs in .NET qualify for the maximum rewards. Microsoft on Thursday announced that security researchers can now earn ...