The Hacker News4d
Meta Warns of FreeType Vulnerability (CVE-2025-27363) With Active Exploitation Risk
A critical FreeType vulnerability (CVE-2025-27363) with a CVSS 8.1 score may be actively exploited—update to 2.13.3 now for ...
CSO Online5d
SAP patches severe vulnerabilities in NetWeaver and Commerce apps
The enterprise software vendor bundled 25 security patches into its March update, addressing flaws that impact middleware, ...
Apple fixes dangerous zero-day used in attacks against iPhones and iPads
Apple has released a new patch for iOS and iPadOS addressing a vulnerability abused in “extremely sophisticated” attacks. In ...
The Register on MSN16d
Ransomware criminals love CISA's KEV list – and that's a bug, not a feature
VMware was the third and final victim on GreyNoise's hit list, with the handling of critical flaws in ESXi and vCenter, which ...
March Patch Tuesday Reveals 57 vulnerabilities
Microsoft is addressing 57 vulnerabilities this Patch Tuesday, which is a similar volume to last month. However, Microsoft has evidence of in-the-wild exploitation for as many as six of the ...
CSO Online13d
VMware ESXi gets critical patches for in-the-wild virtual machine escape attack
Broadcom has patched three vulnerabilities in the VMware ESXi hypervisor and related products, with Microsoft reporting the ...
Computer Weekly6d
March Patch Tuesday brings 57 fixes, multiple zero-days
Microsoft has dropped a grand total of 57 fixes to mark the third Patch Tuesday update of 2025 – rising to closer to 70 when third-party vulns are taken into account – including six zero-days and six ...
Unpatched Edimax IP camera flaw actively exploited in botnet attacks
A critical command injection vulnerability impacting the Edimax IC-7100 IP camera is currently being exploited by botnet malware to compromise devices.
February sets record for highest number of ransomware attacks ever reported
The 962 ransomware victims in February marks a 126% year-over-year increase from February 2024, when 425 attacks were ...