Windows DWM 0-Day Vulnerability Allows Attackers to Escalate Privileges
Microsoft has patched a critical zero-day vulnerability in the Windows Desktop Window Manager (DWM) Core Library, tracked as CVE-2025-30400, which was actively exploited in the…
Month: May 2025
Google’s Advanced Protection for Vulnerable Users Comes to Android
With the rise of mercenary spyware and other targeted threats, tech giants like Apple, Google, and Microsoft have spent the last few years trying to…
Microsoft Patch Tuesday May 2025 Released With the Fixes for 72 Flaws With 5 Actively Exploited 0-Day
CVE Number CVE Title Impact Max Severity CVE-2025-29966 Remote Desktop Client Remote Code Execution Vulnerability Remote Code Execution Critical CVE-2025-29967 Remote Desktop Client Remote Code…
Zero-day exploited to compromise Fortinet FortiVoice systems (CVE-2025-32756)
Fortinet has patched a critical vulnerability (CVE-2025-32756) that has been exploited in the wild to compromise FortiVoice phone / conferencing systems, the company’s product security…
Marks and Spencer confirms data breach after April cyber attack
Marks and Spencer confirms data breach after April cyber attack Pierluigi Paganini May 13, 2025 Marks and Spencer (M&S) confirms that threat actors stole customer…
Ivanti fixes EPMM zero-days chained in code execution attacks
Ivanti warned customers today to patch their Ivanti Endpoint Manager Mobile (EPMM) software against two security vulnerabilities chained in attacks to gain remote code execution.…
Fortinet FortiVoice O-Day Vulnerability Actively Exploited in The Wild
A critical stack-based buffer overflow vulnerability (CWE-121) has been discovered in multiple Fortinet products, including FortiVoice, FortiMail, FortiNDR, FortiRecorder, and FortiCamera. A critical zero-day vulnerability…
Zoom Fixes High-Risk Flaw in Latest Update
Zoom fixes multiple security bugs in Workplace Apps, including a high-risk flaw. Users are urged to update to the latest version released on May 13,…
Windows 11 KB5058411 and KB5058405 cumulative updates released
Microsoft has released Windows 11 KB5058411 and KB5058405 cumulative updates for versions 24H2 and 23H2 to fix security vulnerabilities and issues, including 134 flaws. Today’s updates are mandatory as they contain…
Ivanti Released Security Updates to fix the Multiple RCE Vulnerabilities
Ivanti, a leading enterprise software provider, has released critical security updates addressing vulnerabilities across several products, including Endpoint Manager Mobile (EPMM), Neurons for ITSM (on-premises),…
Ivanti EPMM vulnerabilities exploited in the wild (CVE-2025-4427, CVE-2025-4428)
Attackers have exploited vulnerabilities in open-source libraries to compromise on-prem Ivanti Endpoint Manager Mobile (EPMM) instances of a “very limited” number of customers, Ivanti has…
Australia’s Data Breaches Highest In Half A Decade: OAIC
Australia is facing a troubling uptick in data breaches, with the country recording its highest number of reported incidents this decade. According to the Office…