A moderate-severity vulnerability (CVE-2025-2848) in Synology Mail Server allows remote authenticated attackers to manipulate non-sensitive settings and functions. Affecting versions for DSM 7.1 and 7.2, it has a CVSS score of 6.3. Synology advises immediate updates to patched versions (1.7.6-20676 or above) to mitigate risks, as no alternative protections exist.
Hackers Launch Social Engineering Offensive Against Key Node.js Maintainers
Following the high-profile supply chain compromise of the widely used Axios package, a highly coordinated social engineering campaign has been uncovered targeting top-tier Node.js and
.webp?w=0&resize=0,0&ssl=1 "Top 10 Best User Access Management Tools in 2026")