Updates have been issued by Cisco and Atlassian to address various high-severity security issues impacting their respective offerings, SecurityWeek reports.
More than 22,000 instances of the widely used content management system Sitecore Experience Platform could be hijacked in intrusions chaining a trio of security flaws, according to The Register.
GBHackers News reports that attacks exploiting the already-fixed high-severity Google Chrome zero-day flaw, tracked as CVE-2025-2783, have been launched by the Team46 advanced persistent threat operation, also known as TaxOff, to spread the Trinper malware as part of a campaign that was initially observed in March.
Attackers could achieve escalated SYSTEM privileges on Windows machines through the exploitation of a high-severity ASUS Armoury Crate system management software vulnerability, tracked as CVE-2025-3464, BleepingComputer reports.
Updates have been issued by Tenable to address a trio of high-severity security issues impacting its Nessus vulnerability scanner for Windows, reports Infosecurity Magazine.
Flodrix botnet deployed via Langflow security issue Internet-exposed instances of the widely used Python-based artificial intelligence prototyping framework Langflow impacted by the critical remote code execution flaw, tracked as CVE-2025-3248, have been targeted with ongoing attacks distributing the Flodrix botnet, according to GBHackers News.
Organizations have been urged by Mitel to remediate a critical path traversal vulnerability in the MiCollab communications and collaboration platform, which could be exploited to compromise provisioning data, reports SecurityWeek.
Fast Five
Selected by the SC Media Editorial team every Tuesday.
Sign up now for the top five issues cybersecurity pros need to know this week.
