In May 2025, cybersecurity researchers at Cyfirma disclosed serious zero-day vulnerabilities in Versa Concerto, a prominent SD-WAN and SASE solution used by enterprises worldwide. Among these vulnerabilities, CVE-2025-34027 is particularly alarming due to its high severity and ease of exploitation. The flaw arises from a path-based authentication bypass in Concerto’s orchestration platform RESTful API, enabling attackers to gain administrative privileges and execute arbitrary commands remotely
zero-day (5)
A new report from VicOne, a leading automotive cybersecurity firm, warns of escalating threats in the global auto industry. Despite recent progress in law enforcement efforts, the Shifting Gears: VicOne 2025 Automotive Cybersecurity Report highlights growing vulnerabilities in vehicles, electric charging networks, and artificial intelligence systems.
Cyberattacks between 2022 and 2024 caused tens of billions of dollars in damages. Automotive vulnerabilities reached record highs in 2024, with ove
There have been many movie or TV shows that depict US Presidents. A new Netflix series is soon to be released dealing with cyber-security. Netflix has recently released the trailer for its new limited series “Zero Day,” which features an ensemble cast of Robert De Niro, Jesse Plemons, Lizzy Caplan, Connie Britton, Joan Allen, Matthew Modine and Angela Bassett. The six-episode technical thriller hits the streamer on 20 February 2025.[1]
According to an official logline, “Zero Day” follows “Ro
It is being reported that Apple has declined to issue a bug bounty to the Russian cybersecurity company Kaspersky Lab. This after it disclosed four zero-day vulnerabilities in iPhone software that were allegedly used to spy on Kaspersky employees as well as Russian diplomats.
A spokesperson for Kaspersky Lab said that the company’s research team considered their work “eligible for Bug Bounty rewards from Apple. However, when asked about it, we received a decline from the Apple Security team ref
Multiple vulnerabilities have been recently discovered in Microsoft products, the most severe of which could allow for remote code execution in the context of the logged-on user. Depending on the privileges associated with the user, an attacker could install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those with administrative user rights.[1]
THREAT
