Trend Micro has released patches for a significant code execution vulnerability in its Apex Central product. This flaw could allow attackers to execute arbitrary code, putting systems at risk. Tenable has since provided proof-of-concept code and technical details, which could assist malicious actors in exploiting the vulnerability if users do not update their systems promptly. Companies using Apex Central need to apply the patches to protect their networks from potential attacks. The urgency of this update is underscored by the fact that vulnerabilities of this nature can lead to serious breaches if left unaddressed.
Articles tagged "Update"
Found 247 articles
Cybersecurity researchers have uncovered that a group of Chinese-speaking hackers exploited vulnerabilities in VMware ESXi, using a compromised SonicWall VPN appliance to deploy an exploit toolkit. This toolkit appears to have been created over a year before the vulnerabilities were publicly disclosed. This means that the attackers had access to these exploits long before companies were aware of their existence, potentially allowing them to infiltrate networks unnoticed. Organizations using VMware ESXi should be particularly vigilant, as the vulnerabilities could lead to significant security breaches. The incident underscores the need for companies to regularly update their systems and monitor for unusual activity, as these types of attacks can have serious implications for data security.
A serious vulnerability has been discovered in HPE OneView, a management tool used for IT infrastructure. This flaw allows attackers to execute code remotely without needing any authentication, which poses a significant risk to organizations using this software. As the vulnerability is actively being exploited, affected companies must act quickly to protect their systems. This incident highlights the need for organizations to regularly update their software and apply security patches to defend against such attacks. Users of HPE OneView should prioritize checking for updates and implementing any recommended security measures to mitigate the risk of exploitation.
The jsPDF library, widely used for generating PDF documents in JavaScript applications, has a critical vulnerability that allows attackers to access sensitive data from a user's local filesystem. This flaw enables malicious actors to embed local files into generated PDFs, potentially leading to data breaches. Developers using jsPDF in their applications should be particularly vigilant, as this could affect any application relying on this library for PDF generation. The implications are serious, as sensitive information could be easily extracted without user consent. Users of applications built with jsPDF need to be aware of this risk and ensure that they update to the latest version as soon as a fix is available.
Veeam Backup & Replication has recently patched four vulnerabilities that could allow attackers to execute arbitrary code. These flaws affect users of the Veeam Backup & Replication software, which is widely used for data backup and recovery. If exploited, these vulnerabilities could lead to unauthorized access or manipulation of backup data, posing significant risks to data integrity and security. Users are strongly encouraged to update to the latest version of the software to close these security gaps and protect their systems from potential attacks. Keeping software up to date is crucial for maintaining a secure environment, especially for applications that handle sensitive data.
Veeam has issued security updates to address several vulnerabilities in its Backup & Replication software, including a significant remote code execution (RCE) flaw. This critical vulnerability could allow attackers to gain control over backup servers, posing a serious risk to organizations relying on this software for data protection. The flaws affect various versions of the Backup & Replication software, potentially exposing many users to exploitation if they do not update promptly. This situation is concerning as backup servers are vital for data recovery and integrity, and any compromise could lead to severe operational disruptions. Users are urged to apply the latest patches to safeguard their systems.
The Hacker News
A serious vulnerability has been found in n8n, an open-source workflow automation platform, which could allow authenticated users to run arbitrary system commands on the server. This vulnerability, identified as CVE-2025-68668, has a high severity score of 9.9 according to the CVSS system, indicating a significant risk. It stems from a failure in the protection mechanisms that should keep the system secure. Users of n8n should be particularly concerned as this issue could lead to unauthorized control over their systems. The affected versions include all versions prior to the patch that addresses this vulnerability, making it crucial for users to update their installations promptly to prevent potential exploitation.
Hackread – Cybersecurity News, Data Breaches, AI, and More
The hacking group known as ShinyHunters claims to have breached Resecurity, a US cybersecurity firm. They reportedly accessed sensitive data, although specific details about the type of information compromised have not been disclosed yet. Resecurity has acknowledged the incident and provided an update, although it remains unclear how many users or entities may be affected by this breach. This incident raises concerns about the security measures in place at cybersecurity firms themselves, as they are expected to be leaders in protecting sensitive data. The implications of such a breach could significantly undermine trust in the industry.
The RondoDox botnet has been identified exploiting a serious vulnerability known as React2Shell (CVE-2025-55182) to compromise Next.js servers. This flaw allows attackers to inject malware and cryptominers into systems that have not been properly secured. Organizations using Next.js frameworks are particularly at risk, as the botnet targets these servers directly. This incident underscores the necessity for companies to regularly update their software and apply security patches to prevent such attacks. The ongoing exploitation of this vulnerability poses significant risks to data integrity and can lead to unauthorized resource usage, impacting both performance and costs for affected users.
OpenAI has raised concerns about prompt injection, a method where attackers embed harmful instructions within seemingly harmless online content. This type of security risk poses a particular threat to AI agents like ChatGPT Atlas, which are designed to function in web browsers and assist users with various tasks. The company recently implemented a security update for Atlas following internal testing that revealed vulnerabilities. OpenAI cautions that due to the nature of web content, prompt injection may never be fully resolved, leaving users at risk. As AI tools become more integrated into everyday online activities, the potential for exploitation through this technique highlights ongoing challenges in securing AI systems against sophisticated attacks.
Users of the Trust Wallet Chrome extension have reported significant cryptocurrency losses after a malicious update was released on December 24. This compromised update allowed attackers to drain wallets, leading to millions in losses for affected individuals. In conjunction with this incident, researchers discovered a phishing domain set up by the hackers, further indicating a coordinated effort to exploit Trust Wallet users. The company has responded urgently, advising users to take precautions and remain vigilant to avoid further losses. This incident serves as a stark reminder of the risks associated with browser extensions and the importance of ensuring that software updates are legitimate and secure.
Fortinet has alerted users about the active exploitation of a five-year-old vulnerability in its FortiOS SSL VPN, identified as CVE-2020-12812. This flaw, which has a CVSS score of 5.2, involves improper authentication and is particularly dangerous under specific configurations. Researchers have recently observed this vulnerability being abused in real-world attacks, which means organizations using affected versions of FortiOS SSL VPN should take immediate action to secure their systems. The ongoing exploitation of such an outdated vulnerability underscores the need for companies to regularly update their security measures and ensure proper configuration to protect against potential attacks.
CyberScoop
The FBI has reported an ongoing issue involving deepfake technology being used to impersonate U.S. government officials. This tactic has been traced back to 2023 and involves impersonators using realistic video or audio to deceive victims. The FBI has shared details about the specific methods and talking points these impersonators utilize to lure people into scams. This situation is concerning as it undermines trust in government communications and could potentially lead to financial losses or other harms for those targeted. As deepfake technology improves, it raises significant questions about verification and security in digital communications.
A recent extended security update for Windows 11 inadvertently caused issues with Message Queuing (MSMQ), a feature important for enterprise background task management. This glitch could disrupt services for businesses that rely on MSMQ for their operations, potentially affecting data processing and communication between applications. Users of Windows 10 are now receiving an out-of-band update aimed at addressing these MSMQ problems. It is crucial for enterprises to apply this update promptly to ensure their systems remain stable and functional. Failure to do so could lead to significant operational delays and inefficiencies.
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about a serious vulnerability, tracked as CVE-2025-59374, found in the Asus Live Update tool. This flaw acts as a backdoor that attackers can exploit, making it a significant concern for anyone using affected Asus devices. The vulnerability stems from a supply chain attack, meaning it was introduced during the software development process rather than through direct hacking. This situation puts users at risk, as the compromised update tool could allow unauthorized access to their systems. Asus users should take this warning seriously and ensure their devices are not vulnerable to exploitation.