GitHub

ASP.NET Core roadmap for .NET 11

ASP.NET Core planning for .NET 11 is now in progress! This roadmap is currently just a placeholder. We'll update the roadmap with specific planned features as planning progresses. This issue ...
Thurrott

Microsoft to Launch .NET 10 at .NET Conf 2025 Next Week

Microsoft will launch .NET 10 at its annual .NET virtual conference, .NET Conf, next week from November 11 to 13, 2025. “.NET Conf 2025 is a free, three-day virtual conference showcasing the latest ...
Microsoft

Understanding CVE-2025-55315: What CISOs, security engineers, and sysadmins should know

On October 14, 2025, Microsoft released a security update addressing CVE-2025-55315, a vulnerability in ASP.NET Core that allows HTTP request smuggling. While request smuggling is a known technique, ...
Bleeping Computer

QNAP warns of critical ASP.NET flaw in its Windows backup software

QNAP warned customers to patch a critical ASP.NET Core vulnerability that also impacts the company's NetBak PC Agent, a Windows utility for backing up data to a QNAP network-attached storage (NAS) ...
Bleeping Computer

Microsoft fixes highest-severity ASP.NET Core flaw ever

Earlier this week, Microsoft patched a vulnerability that was flagged with the "highest ever" severity rating received by an ASP.NET Core security flaw. This HTTP request smuggling bug (CVE-2025-55315 ...
SecurityWeek

‘Highest Ever’ Severity Score Assigned by Microsoft to ASP.NET Core Vulnerability

CVE-2025-55315 is an HTTP request smuggling bug leading to information leaks, file content tampering, and server crashes. Microsoft’s October Patch Tuesday updates addressed a critical-severity ...
Microsoft

Code injection attacks using publicly disclosed ASP.NET machine keys

In December 2024, Microsoft Threat Intelligence observed limited activity by an unattributed threat actor using a publicly available, static ASP.NET machine key to inject malicious code and deliver ...