15 January 2026
Microsoft security updates for 114 flaws (including 1 actively exploited and 2 publicly disclosed zero-day vulnerabilities) address 8 “Critical” vulnerabilities (6 remote code execution and 2 elevation of privilege).
Organizations' AI system services are often exposed through APIs, webhooks, or proxy layers, creating new opportunities for attackers to probe for misconfigurations and abuse, using server-side request forgery (SSRF) techniques.
Veeam has released security updates for issues including ones that can result in remote code execution (RCE). CVE-2025-59470, which carries a CVSS score of 9.0, allows a Backup or Tape Operator.
CVE-2025-43530 allows attackers to bypass macOS Transparency, User Consent, and Control (TCC) protections entirely.
CVE-2025-68615 allows remote attackers to trigger a buffer overflow, leading to a service crash or potentially a more severe system compromise.
CVE-2025-68613 carries a CVSS score of 9.9/10.0. The issue, which affects all versions including and higher than 0.211.0 and below 1.120.4, has been patched in 1.120.4, 1.121.1, and 1.122.0.
A maximum-severity bug, CVE-2025-37164, rated 10.0 on the CVSS scale, affects HPE OneView versions 5.20 through 10.20 and allows unauthenticated remote code execution.
FortiSandbox analysis appliances to fix CVE-2025-53949. With this “OS Command Injection” flaw, the appliance does not correctly check the commands it receives before executing them.
React Server Components (CVE-2025-55182) & Next.js can be impacted downstream by React2Shell.
Windows PowerShell CVE-2025-54100 allows attackers to execute malicious code on affected systems. It was publicly disclosed on December 9, 2025.
Attackers are exploiting CVE-2025-8489 in the King Addons for Elementor plugin for WordPress to obtain administrative permissions during the registration process. The plugin is used on roughly 10,000 websites.
Google says there are “indications” that CVE-2025-48633 and CVE-2025-48572 “may be under limited, targeted exploitation.”
CVE-2025-21042 was discovered in Samsung’s libimagecodec.quram.so library, allowing remote attackers to gain code execution on devices running Android 13 and later.
CVE-2025-49844. This critical (CVSS 10.0) use-after-free (UAF) vulnerability in Lua scripting could allow authenticated attackers to execute remote code on older versions of Redis and Valkey with Lua scripting enabled.
CVE-2025-48593, a remote code execution (RCE) bug discovered in the System component. The flaw affects multiple versions of the Android Open Source Project (AOSP).
Attackers are already targeting a vulnerability in the Post SMTP plug-in that allows them to fully compromise an account and website for nefarious purposes.
CVE-2025-58726 – Ghost SPNs, service names referencing hostnames that don’t resolve in DNS, create exploitable attack surfaces in Active Directory environments.
CVE-2025-2783 (CVSS score: 8.3), a case of sandbox escape as part of a campaign dubbed Operation ForumTroll targeting organizations in Russia. The cluster is tracked as TaxOff/Team 46.
Nation-State Cyber Threat Actor Poses Immediate Risk to Federal Networks. CISA has issued Emergency Directive 26-01. This directive, the third issued under the Trump Administration.
CVE-2025-59287, a WSUS remote code execution vulnerability impacting Windows Server 2012, 2016, 2019, 2022, 2025. WSUS is a component of the Windows Server OS to centrally manage updates & patches.