Thousands of cold storage units, HVAC, and lighting systems could be compromised in attacks exploiting 10 vulnerabilities impacting Copeland controllers collectively dubbed Frostbyte10, which could result in sweeping supply chain issues, reports The Register.
TechCrunch reports that WhatsApp has released updates resolving an iOS and macOS app vulnerability, tracked as CVE-2025-55177, which had been exploited alongside the recently patched Apple zero-day, tracked as CVE-2025-43300, in a highly targeted spyware campaign that commenced in late May.
Organizations using Passwordstate have been urged by its developer, Click Studios, to promptly implement the latest version of the enterprise-grade password manager to address a high-severity authentication bypass vulnerability, according to BleepingComputer.
More than 28,200 Citrix NetScaler ADC and Gateway instances could be compromised in ongoing intrusions exploiting the critical memory overflow vulnerability, tracked as CVE-2025-7775, which could result in denial-of-service or remote code execution, Security Affairs reports.
Fast Five
Selected by the SC Media Editorial team every Tuesday.
Sign up now for the top five issues cybersecurity pros need to know this week.
