Two QNAP vulnerabilities in Qsync Central 4.5.x, CVE-2025-22482 and CVE-2025-29892, can allow remote attackers to exploit user accounts. CVE-2025-22482 involves format string exploitation, while CVE-2025-29892 relates to SQL injection. Both have been addressed in version 4.5.0.6. Users must update to this version and adopt further security measures to mitigate risks.
How attackers poison AI tools and defenses
Cyberattackers are using generative AI to draft polished spam, create malicious code and write persuasive phishing lures. They are also learning how to turn AI
