Three critical vulnerabilities patched by SAP - here's what we know

The most critical bug fixed this time is a code injection vulnerability discovered in SAP Solution Manager ST 720, a specific support package stack level of SAP Solution Manager 7.2 that provides ...

Apache Commons Text: Code injection vulnerability in older versions

Apache Commons Text is used for processing character strings in Java apps. A critical vulnerability allows the injection of ...

Barracuda RMM: Critical security vulnerabilities allow code injection

Critical security vulnerabilities exist in Barracuda's Service Center RMM, through which attackers can execute arbitrary code ...

HPE warns of maximum severity RCE flaw in OneView software

Hewlett Packard Enterprise (HPE) has patched a maximum-severity vulnerability in its HPE OneView software that enables ...
SecurityWeek

SAP Patches Critical Vulnerabilities With December 2025 Security Updates

SAP released 14 new security notes, including 3 addressing critical vulnerabilities in Solution Manager, Commerce Cloud, and ...
SecurityWeek

MITRE Releases 2025 List of Top 25 Most Dangerous Software Vulnerabilities

MITRE has released the 2025 CWE Top 25 most dangerous software vulnerabilities list, which includes three new buffer overflow ...
Bleeping Computer

CISA flags Craft CMS code injection flaw as exploited in attacks

The U.S. Cybersecurity & Infrastructure Security Agency (CISA) warns that a Craft CMS remote code execution flaw is being exploited in attacks. The flaw is tracked as CVE-2025-23209 and is a high ...
Dark Reading

Apple CocoaPods Bugs Expose Millions of Apps to Code Injection

A near inconceivable number of Apple apps have been exposed to critical vulnerabilities in a popular dependency manager for years now. CocoaPods is a platform that developers in Apple's ecosystem use ...
dbta

Addressing SAP’s SQL Injection Attacks and Directory Traversal Vulnerabilities

SAP platforms, used by 99 of the Fortune 100 companies and with over 280 million cloud subscribers worldwide, are among the most reliable business applications. As SAP administrators, your role in ...
Wired

You Should Update Apple iOS and Google Chrome ASAP

Apple made up for a quiet February by issuing two separate patches in March. At the start of the month, the iPhone maker released iOS 17.4, fixing over 40 flaws including two issues already being used ...
SD Times

AI-Generated Code Poses Major Security Risks in Nearly Half of All Development Tasks, Veracode Research Reveals

Value stream management involves people in the organization to examine workflows and other processes to ensure they are deriving the maximum value from their efforts while eliminating waste — of ...
Forbes

Why No-Code Doesn’t Mean No Vulnerabilities

Seatbelts don’t make you invincible. You can drive the safest car on the road and still end up in an accident if you can't see your surroundings. The same principle applies to citizen developer ...