News • Insights • Analysis
Commvault has released a security advisory to address a critical vulnerability in its Command Center Platform. Command Center is Commvault’s all-in-one solution for managing Commvault services within a corporate environment. CVE-2025-34028 is a path traversal vulnerability with a CVSSv3 base Read More …
Erlang has released updates to its OTP package to address a critical vulnerability in its Secure Shell (SSH) server. Erlang is an open-source programming language. OTP (Open Telecom Platform) is a set of Erlang libraries and middle-ware that can be Read More …
FortiGuard Labs recently discovered a new botnet propagating through TOTOLINK devices. Unlike previous malware targeting these devices, this variant is written in Rust—a programming language introduced by Mozilla in 2010. Due to its Rust-based implementation, we’ve named the malware “RustoBot.” Read More …
Cisco has released a security advisory to address a high severity vulnerability affecting Webex App, regardless of configuration or operating system. Cisco Webex is a web conferencing software solution. CVE-2025-20236 is an ‘insufficient input validation’ vulnerability with a CVSSv3 score Read More …
Apple has released new software updates across its product line to fix two security vulnerabilities, which the company said may have been actively used to hack customers running its mobile software, iOS. In security advisories posted on its website, Apple Read More …
Fortinet has released security updates for FortiOS to mitigate novel post-exploitation activity observed against FortiGate devices. The disclosure details a new persistence technique used by an attacker, in conjunction with known vulnerabilities, to maintain read-only access to FortiGate devices through Read More …
In September 2024, NVIDIA released several updates to address a critical vulnerability (CVE-2024-0132) in its NVIDIA Container Toolkit. If exploited, this vulnerability could expose AI infrastructure, data, or sensitive information. With a CVSS v3.1 rating of 9.0, all customers were Read More …
President Trump on Wednesday ordered a federal investigation into Chris Krebs, the former director of U.S. cybersecurity agency CISA. In a new executive order, Trump instructed the Department of Homeland Security, which houses CISA, and the U.S. attorney general to Read More …
Microsoft is addressing 121 vulnerabilities this April 2025 Patch Tuesday, which is more than twice as many as last month. Microsoft has evidence of in-the-wild exploitation for just one of the vulnerabilities published today, which is already reflected in CISA Read More …
Google has patched 62 vulnerabilities in Android, including two actively exploited zero-days in its April 2025 Android Security Bulletin. When we say “zero-day” we mean an exploitable software vulnerability for which there was no patch at the time of the Read More …
