Zoom and Xerox have rolled out critical security updates to fix high-severity flaws in their products. A significant vulnerability in Zoom Clients for Windows could allow for privilege escalation, while multiple issues in Xerox FreeFlow Core could lead to remote code execution (RCE). Security teams have detailed the vulnerabilities, including CVE-2025-49457 for Zoom and CVE-2025-8356 for Xerox, urging users to update their systems immediately to prevent potential exploitation by attackers.
Discover the surge in Erlang/OTP SSH RCE exploits (CVE-2025-32433) targeting OT firewalls. Learn how attackers are achieving RCE without authentication.
Trend Micro has confirmed that critical vulnerabilities in its on-premise Apex One security solution are being actively exploited in the wild. The flaws, tracked as CVE-2025-54948 and CVE-2025-54987, both carry a severe 9.4 CVSS score and can lead to remote code execution (RCE). While Trend Micro has patched its cloud offering, on-premise customers must apply a temporary fix tool immediately to protect against these threats, with a full patch expected in mid-August 2025. System administrators are urged to apply the fix and review remote access policies.
