Dark Reading

Microsoft Fixes Exploited Zero Day in Light Patch Tuesday

The actively exploited zero-day bug — and the one therefore that needs high-priority attention — is CVE-2025-62221, which ...

Microsoft's December patch fixes three zero-day flaws including one critical exploited vulnerability — update your PC right now

According to Microsoft, a zero-day flaw is one that has been publicly disclosed or actively exploited while no official fix ...
SecurityWeek

Ivanti EPM Update Patches Critical Remote Code Execution Flaw

The XSS vulnerability could allow remote attackers to execute arbitrary JavaScript code with administrator privileges. Ivanti on Tuesday announced patches for four vulnerabilities in Endpoint Manager ...
The Hacker News

.NET SOAPwn Flaw Opens Door for File Writes and Remote Code Execution via Rogue WSDL

Research shows a .NET proxy design flaw enables file writes and RCE through attacker-supplied WSDL in multiple products.