TechRadar

Hackers hijacked antivirus features to install malware - here's what we know

CVE-2025-12480 in Triofox allowed zero-day exploitation via improper access control UNC6485 attackers deployed Zoho Assist, AnyDesk, and SSH tunneling for remote access Patch released July 26; newer ...
CSOonline

VMware plugs a high-risk vulnerability affecting its Windows-based virtualization

Broadcom is warning customers of a high-severity, authentication bypass flaw, now fixed, affecting VMWare Tools for Windows. Tracked as CVE-2025-22230, the issue stems from improper access control and ...
TechRepublic

The 10 vulnerabilities most commonly discovered by bug bounty hunters in 2020

The 10 vulnerabilities most commonly discovered by bug bounty hunters in 2020 Your email has been sent HackerOne's list was topped by cross-site scripting, and found improper access control and SSRF ...
Bleeping Computer

Adobe fixes patch bypass for exploited ColdFusion CVE-2023-29298 flaw

Adobe released an emergency ColdFusion security update that fixes critical vulnerabilities, including a fix for a new zero-day exploited in attacks. As part of today’s out-of-band update, Adobe fixed ...