Veeam backup software has a serious security flaw - here's how to stay safe
Multiple backup products found carrying a critical severity flaw allowing malicious actors to run arbitrary commands on ...
Removing software supply chain blind spots that put public sector organizations at risk
Do you regularly assess the security posture of your software providers? For IT leaders it’s an increasingly familiar concern ...
SecurityWeek1d
Adobe Plugs 45 Software Security Holes, Warns of Code Execution Risks
Adobe patches 45 vulnerabilities across multiple products and warns of remote code execution exploitation risks.
The Hacker News2d
Zimbra Releases Security Updates for SQL Injection, Stored XSS, and SSRF Vulnerabilities
Zimbra has patched CVE-2025-25064, a critical SQL injection flaw (CVSS 9.8), and other security bugs. Update now to protect ...
SecurityWeek1d
Intel Patched 374 Vulnerabilities in 2024
Intel says roughly 100 of the 374 vulnerabilities it patched last year were firmware and hardware security defects.
Patch Tuesday: Microsoft Patches Two Actively Exploited Zero-Day Flaws
CVE-2025-21391, the zero-day Windows storage flaw, stems from the way Windows resolves file paths and follows links, Walters ...
The Hacker News1d
Progress Software Patches High-Severity LoadMaster Flaws Affecting Multiple Versions
Progress Software fixes high-severity LoadMaster flaws (CVSS 8.4) enabling command execution and file access. Affected users ...
Krebs on Security2d
Microsoft Patch Tuesday, February 2025 Edition
All supported Windows operating systems will receive an update this month for a buffer overflow vulnerability that carries ...
Ivanti: Critical code smuggling vulnerabilities in VPN and CSA
There are critical security leaks in Ivanti's VPN software ICS, IPS and ISAC as well as in Ivanti CSA. Attackers can plant ...
How fake security reports are swamping open-source projects, thanks to AI
Patch spam contains code that is downright wrong and nonfunctional. Even worse: It can introduce new vulnerabilities or ...
VeraCore zero-day vulnerabilities exploited in supply chain attacks
Researchers discovered two active exploits of zero-day vulnerabilities in warehouse management software platform VeraCore.
Why your IoT devices are the weakest link in security
Key risks include default security settings, limited processing power and memory, and the lack of standardized security ...