A vulnerability has been discovered in Canon printer drivers that allows hackers to execute malicious code on affected systems. Users are advised to update their drivers to mitigate potential security risks associated with this flaw. The issue highlights the importance of maintaining up-to-date software for safeguarding devices against cyber threats.

A newly discovered WinRAR vulnerability, tracked as CVE-2025-8088, has been exploited in phishing attacks to deploy RomCom malware. The flaw allows attackers to create malicious archives that can extract executables into paths that enable remote code execution when a user logs in. Users are urged to update to WinRAR 7.13 to mitigate this risk.

CISA has released an analysis detailing malware used in attacks exploiting vulnerabilities in Ivanti Endpoint Manager Mobile (EPMM), specifically an authentication bypass and a code injection issue. The vulnerabilities, already being exploited by a China-nexus espionage group, allow for arbitrary code execution and data exfiltration. CISA recommends immediate patching of affected systems and treating mobile device management solutions as high-value assets.

Samsung has addressed a critical remote code execution vulnerability (CVE-2025-21043) affecting Android devices running version 13 or later, which was exploited in zero-day attacks. Discovered in a closed-source image parsing library, the flaw allows attackers to execute malicious code remotely. Meta and WhatsApp reported the vulnerability, highlighting the importance of keeping devices updated to mitigate such risks.

A significant vulnerability in ESET software has been discovered, which could be exploited by attackers to deploy malware, specifically linked to the ToddyCat APT group. This flaw poses a heightened risk to users of ESET’s security products, emphasizing the need for immediate updates to mitigate potential threats.

A critical security vulnerability (CVE-2025-22457) in Ivanti Connect Secure VPN appliances is being actively exploited by a suspected China-nexus threat actor, UNC5221, leading to remote code execution and the deployment of various malware families. Organizations are urged to upgrade their systems immediately to mitigate potential risks associated with this vulnerability.

Researchers have identified two Secure Boot exploits, with Microsoft addressing only one in its latest security update. The patched vulnerability, affecting over 50 device manufacturers, allows attackers with physical access to disable Secure Boot and potentially install malware before the operating system loads. The exploit's root cause lies in a critical vulnerability in firmware flashing tools used by DT Research, which were improperly authenticated for wider device compatibility.