At least 39 security flaws across several Adobe products have been fixed by the software vendor as part of this month's Patch Tuesday, SecurityWeek reports.
Updates have been issued by Fortinet to address a critical zero-day remote code execution vulnerability, tracked as CVE-2025-32756, which has already been leveraged to compromise FortiVoice enterprise phone systems, according to BleepingComputer.
Cybersecurity firm Guardz reported that between March 18 and April 7, 2025, attackers used the outdated BAV2ROPC protocol, which bypasses MFA and modern protections by enabling non-interactive logins through basic credentials.
More than 40 security flaws have been patched by Apple as part of the macOS Sequoia 15.5 update, many of which could be exploited to obtain sensitive data access, GBHackers News reports.
Patches have been released by ASUS for a pair of security bugs impacting its DriverHub tool, which could be exploited to facilitate remote code execution, reports The Hacker News.
The Register reports that Microsoft has committed to remediating security issues impacting Microsoft 365 apps on Windows 10 until Oct. 10, 2028, or a little over three years after it ends Windows 10 support.
Fast Five
Selected by the SC Media Editorial team every Tuesday.
Sign up now for the top five issues cybersecurity pros need to know this week.
