SAP has released an emergency patch for CVE-2025-31324, a critical zero-day vulnerability in SAP NetWeaver Visual Composer, after evidence of active exploitation in the wild. Organizations are urged to apply the patch immediately to prevent full system compromise.
Zero-day
- A critical zero-day exploit chain (CVE-2025-32432) targeting Craft CMS has been leveraged in active attacks to achieve remote code execution and exfiltrate sensitive data. Organizations using Craft CMS are urged to patch immediately.
- Apple has released emergency security updates for iOS, iPadOS, macOS, tvOS, and visionOS, patching two zero-day vulnerabilities (CVE-2025-31200, CVE-2025-31201) exploited in targeted attacks.
- Apple issues emergency updates for three zero-day vulnerabilities (CVE-2025-24200, CVE-2025-24201, CVE-2025-24085) being actively exploited in sophisticated attacks against specific targeted individuals. Update your devices now.
- Microsoft releases emergency patch for actively exploited Windows CLFS driver zero-day vulnerability CVE-2025-29824. Learn how to protect your systems now.