A critical IDOR vulnerability (CVE-2025-27507) in ZITADEL’s Admin API exposes organizations to account takeover risks, allowing low-privilege users to manipulate sensitive settings. Rated 9.0/10 on the CVSS scale, attackers can reroute LDAP authentication, extract credentials, or deploy phishing. ZITADEL has released patches; organizations must upgrade and audit configurations to mitigate risks.
More Healthcare Providers Are Bolstering Cybersecurity
Healthcare organizations are increasingly becoming targets for cybercriminals due to the extensive personal and financial data they hold. A survey by the Healthcare Information and
