News

Apache Parquet users warned of maximum risk security flaw, told to patch now
The bug, spotted on April 1, 2025, by Amazon security researcher Key Li, is now tracked as CVE-2025-30065, and has a maximum severity score - 10/10 (critical).
SecurityWeek6d
Critical Vulnerability Found in Apache Roller Blog Server
A critical vulnerability in Apache Roller could be used to maintain persistent access by reusing older sessions even after ...
CSO Online1d
Public exploits already available for a severity 10 Erlang SSH vulnerability; patch now
Impacted devices are pervasive in IoT and telecom, and attackers exploiting the vulnerability can easily gain full access, ...
Critical Erlang/OTP SSH RCE bug now has public exploits, patch now
Public exploits are now available for a critical Erlang/OTP SSH vulnerability tracked as CVE-2025-32433, allowing ...
SecurityWeek14d
SAP Patches Critical Code Injection Vulnerabilities
SAP released 20 security notes on April 2025 patch day, including three addressing critical code injection and authentication ...
Exclusive: Google will develop the Android OS fully in private, and here's why
Google has confirmed it will move development of the Android OS to behind closed doors. Here's why it's doing it.
Inside Climate News5d
How the Trump Administration’s Interpretation of One Word—‘Harm’—Could Gut Habitat Protections for Endangered Species
A proposed rule from the U.S. Fish and Wildlife Service would change the definition of “harm” to an endangered species, ...
heise online18d
Critical gap closed with maximum rating in Apache Parquet
A malicious code vulnerability affects Apache Parquet. The column-based open source file format is used in the big data context to store and retrieve data more efficiently. A security patch is ...