Cisco IOS XE Wireless Controller Software Arbitrary File Upload Vulnerability (CVE-2025-20188)
CVE number = CVE-2025-20188 A vulnerability in the Out-of-Band Access Point (AP) Image Download feature of Cisco IOS XE Software
Read MoreAuthor: Luke Simmonds
Synology BeeStation BST150-4T Unnecessary Privileges Remote Code Execution Vulnerability (CVE-2024-10445)
CVE number = CVE-2024-10445 This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Synology BeeStation BST150-4T
Read More
New posters promoting button battery safety
The Office for Product Safety and Standards (OPSS) in the UK is sharing new posters which can be downloaded and shared by stakeholders to promote button battery safety and awareness.
Read More
New National Quantum Hub to be Based at UMD’s Applied Research Laboratory for Intelligence and Security
Wes Moore joined leaders from the University of Maryland (UMD) and the Defense Advanced Research Projects Agency (DARPA) to celebrate the creation of the Capital Quantum Benchmarking Hub, a cooperative effort dedicated to testing and evaluating quantum computing prototypes and systems for national security and commercial applications.
Read More
SAP NetWeaver Visual Composer Metadata Uploader High Risk Vulnerability (CVE-2025-31324)
This vulnerability affects the platform’s visual composer, it lets a remote and unauthenticated attacker upload malicious files directly to the system without authorisation.
Read More
Unauthenticated Remote Code Execution in Erlang/OTP SSH (CVE-2025-32433)
A serious vulnerability (CVE-2025-32433) has been identified in the Erlang/OTP SSH server that may allow an attacker to perform unauthenticated remote code execution (RCE).
Read MoreMultiple Cisco Products Unauthenticated Remote Code Execution in Erlang/OTP SSH Server (CVE-2025-32433)
On April 16th 2025, a critical vulnerability in the Erlang/OTP SSH server was disclosed. This vulnerability could allow an unauthenticated, remote attacker to perform remote code execution (RCE) on an affected device.
Read More
MITRE Issues Warning: CVE Program Funding Runs Out Today
MITRE Vice President Yosry Barsoum has issued a warning that U.S. government funding for the Common Vulnerabilities and Exposures (CVE) and Common Weakness Enumeration (CWE) programs is set to expire today—an event that could significantly disrupt the global cybersecurity landscape.
Read More
Ofcom investigates online suicide forum
Ofcom has today (09-04-2025) launched an investigation into whether the provider of an online suicide forum has failed to comply with its duties under the UK’s Online Safety Act.
Read MoreMultiple Australian superannuation funds targeted in a coordinated cyberattack
Multiple Australian superannuation funds have been targeted in a coordinated cyberattack that has compromised thousands of accounts and resulted in some members losing thousands in savings.
Read More