News

Apache Parquet users warned of maximum risk security flaw, told to patch now
The bug, spotted on April 1, 2025, by Amazon security researcher Key Li, is now tracked as CVE-2025-30065, and has a maximum severity score - 10/10 (critical).
CSO Online23h
Public exploits already available for a severity 10 Erlang SSH vulnerability; patch now
Impacted devices are pervasive in IoT and telecom, and attackers exploiting the vulnerability can easily gain full access, ...
SecurityWeek6d
Critical Vulnerability Found in Apache Roller Blog Server
A critical vulnerability in Apache Roller could be used to maintain persistent access by reusing older sessions even after ...
Critical Erlang/OTP SSH RCE bug now has public exploits, patch now
Public exploits are now available for a critical Erlang/OTP SSH vulnerability tracked as CVE-2025-32433, allowing ...
SecurityWeek14d
SAP Patches Critical Code Injection Vulnerabilities
SAP released 20 security notes on April 2025 patch day, including three addressing critical code injection and authentication ...
Exclusive: Google will develop the Android OS fully in private, and here's why
Google has confirmed it will move development of the Android OS to behind closed doors. Here's why it's doing it.
heise online18d
Critical gap closed with maximum rating in Apache Parquet
A malicious code vulnerability affects Apache Parquet. The column-based open source file format is used in the big data context to store and retrieve data more efficiently. A security patch is ...
Signalgate solved? Report claims journalist’s phone number accidentally saved under name of Trump official
Infosec in Brief How did journalist Jeffrey Goldberg’s phone number end up in a Signal group chat? According to The Guardian, ...