Critical Apex Central RCE Fixed in Build 7190
Trend Micro has patched a critical RCE vulnerability in Apex Central – plus two Denial-of-Service bugs. Update to Build 7190 as soon as possible.
Read MorePatch
CVSS 10.0 RCE in React Server Components
A 10.0 CVSS flaw in React and Next.js which allows remote code execution is actively exploited. Update as soon as possible.
Read MoreMicrosoft Patches 9.9-Rated ASP.NET Core Request-Smuggling Flaw
Microsoft fixed CVE-2025-55315, a Kestrel request-smuggling bug rated 9.9 (Critical). Updates for ASP.NET Core and Visual Studio are available; admins should patch and restart affected apps.
Read MoreCISA: Attacks Exploit Two N-able N-central Flaws; Patches Available
CISA added two actively exploited N-central flaws to the KEV catalog. N-able has released patches; admins using the software should update and enable MFA as soon as possible.
Read MoreMicrosoft and CISA Warn of High-Severity Exchange Hybrid Flaw
A new flaw affecting Microsoft Exchange Server 2016, 2019, and Subscription Edition has been disclosed. Patch is available, and Microsoft urges companies to create and use the dedicated Exchange hybrid app instead.
Read MoreResearchers Demonstrate Microsoft Azure MFA Bypass Through Code Guessing
An MFA bypass flaw in Microsoft Azure’s MFA has since been patched.
Read MoreApple Patches 2 Zero-Day Flaws
Apple has released critical updates to address two zero-day vulnerabilities that are being actively exploited in attacks targeting Apple tech.
Read More2 Android Zero Days Patched
2 Android zero days which allowed hackers to escalate admin access have been patched.
Read More