A weekly cybersecurity newsletter has highlighted various vulnerabilities in programs including OpenVPN, Microsoft Office, open-source pfSense firewall, solar power systems, Roundcube webmail client, and Microsoft CoPilot. Cyberattacks and threats have been detected, including the leveraging of Google Drive and OneDrive by hackers. Other issues include vulnerabilities in MongoDB, Apache HTTP servers, and Windows Server, as well as a macOS stealer mimicking a screen recorder. The ADT security company and National Public Data’s databases were both hacked recently. Finally, CISA flagged the issue of weak password practices on Cisco devices.
IXON VPN Vulnerabilities Let Attackers Gain Access to Windows & Linux Systems
A security assessment by Shelltrail revealed three critical vulnerabilities in the IXON VPN client, allowing privilege escalation on Windows and Linux. Identified as CVE-2025-ZZZ-01, CVE-2025-ZZZ-02,
%20CISO%E2%80%99s%20Core%20Focus.webp?w=0&resize=0,0&ssl=1 "Identity and Access Management (IAM)")