Apple has released security updates to fix a high-severity vulnerability, CVE-2025-6558, that was exploited in zero-day attacks targeting Google Chrome users. The flaw allows remote attackers to execute arbitrary code in the browser's GPU process, potentially breaching the sandbox isolation from the operating system. CISA has also urged federal agencies to prioritize patching this vulnerability due to its significant risks.

A critical vulnerability identified as CVE-2025-25257 in Fortinet’s FortiWeb can lead to remote code execution, posing significant security risks. Users are urged to apply patches immediately to mitigate potential exploitation of this flaw.

A critical flaw in Microsoft's Windows Server Update Services (WSUS) has been exploited in the wild, with reports indicating that the vulnerability allows attackers to bypass security measures and execute arbitrary code. Despite the availability of patches, many systems remain unprotected due to insufficient updates, highlighting the urgency for organizations to address this issue promptly.

A critical vulnerability, identified as CVE-2025-20265, has been discovered in Cisco's Secure Firewall Management Center, which allows for remote code execution with a CVSS score of 10. Organizations using this software are urged to apply the necessary patches immediately to mitigate potential security threats.

A previously patched vulnerability in libpng has been rediscovered, raising concerns about the long-term security of software libraries. The situation highlights the importance of ongoing security assessments and vigilance in software development.

A newly discovered vulnerability in the Cursors component of Microsoft Windows allows hackers to execute arbitrary code on affected systems. This flaw, identified as CVE-2023-38831, can be exploited through specially crafted files, prompting urgent updates from Microsoft to mitigate potential attacks. Users are advised to patch their systems to safeguard against this security threat.