Trend Micro patched three vulnerabilities in its Apex Central management console, including a severe remote code execution flaw that could allow attackers to execute code as SYSTEM. The vulnerabilities were disclosed by Tenable and affect versions below Build 7190. Users are urged to apply the critical patch immediately.

New security flaws in React Server Components can lead to denial-of-service attacks and expose source code. Users must quickly patch their systems, as many remain vulnerable despite previous updates. Ongoing exploitation attempts are reported, particularly from attackers in North Korea and China.

Over 800 N-able N-central servers remain unpatched against two critical vulnerabilities, CVE-2025-8875 and CVE-2025-8876, which are currently being exploited. N-able has urged administrators to upgrade to the patched version 2025.3.1, while CISA has mandated federal agencies to mitigate these vulnerabilities within a week. Shadowserver Foundation reports that most of the vulnerable servers are located in the U.S., Canada, and the Netherlands.