CSO Online

Critical jsPDF vulnerability enables arbitrary file read in Node.js deployments

The path traversal bug allows attackers to include arbitrary filesystem content in generated PDFs when file paths are not ...

Windows Users at Risk as Critical Zoom Vulnerability Exploited

A critical Zoom vulnerability put Windows users at risk of data theft and system compromise. Zoom has patched the flaw. Users should update immediately.
Forbes

New Critical Warning For 3 Billion Google Chrome Users—Act Now

Update, March 22, 2025: This story, originally published March 20, has been updated with expert commentary from infosecurity professionals regarding the latest critical Google Chrome vulnerability ...
CRN

Fortinet Confirms Exploitation Of ‘Critical’ Vulnerability In FortiOS, FortiProxy

The confirmation comes after Arctic Wolf researchers said that ‘mass exploitation’ of the vulnerability—which impacts FortiGate firewalls—is ‘likely.’ Fortinet confirmed Tuesday that a ...
CRN

React Server Vulnerability Is No Cause For Panic: Security Expert

While the critical-severity flaw in a popular open-source library has seen exploitation, the ‘vast majority’ of organizations will not be vulnerable, according to well-known researcher Kevin Beaumont.
Visual Studio Magazine

IDE Irony: Coding Errors Cause 'Critical' Vulnerability in Visual Studio

Microsoft's first Patch Tuesday of 2025 is larger than normal, with the company addressing 159 vulnerabilities, including eight zero-day flaws, three of which have been actively exploited in the wild.
Infosecurity-magazine.com

Cyble Urges Critical Vulnerability Fixes Affecting Industrial Systems

Multiple industrial control system (ICS) devices are affected by vulnerabilities carrying critical severity ratings up to a 9.9 CVSS base score. In an April 10 blog post, Cyble urged users of Rockwell ...