IBM has issued urgent warnings about two critical vulnerabilities (CVE-2025-0159, CVE-2025-0160) in its Storage Virtualize products, including SAN Volume Controller and FlashSystem. These flaws allow attackers to bypass authentication and execute remote Java code, posing major risks like data theft and ransomware. Immediate upgrades to specific patched versions are necessary, as there are no effective workarounds.

Healthcare industry must brace itself for deluge of cyberattacks in 2025
In 2024, Change Healthcare announced a data breach affecting over 100 million patients. However, the parent company, UnitedHealth Group, later revealed 190 million people were