A critical IDOR vulnerability (CVE-2025-27507) in ZITADEL’s Admin API exposes organizations to account takeover risks by allowing low-privilege users to manipulate sensitive settings. The flaw is rated 9.0/10 on the CVSS scale, and attackers can use it to reroute LDAP authentication, extract credentials, or deploy phishing. ZITADEL has released patches; organizations must upgrade and audit configurations to mitigate risks.



