Latest Security Alerts
| # | Vulnerability / Advisory | Details |
|---|---|---|
| Multiple vulnerabilities in Mozilla Products (CIVN-2025-0237) |
Multiple vulnerabilities were reported in Mozilla products, allowing remote code execution or disclosure of sensitive information. Software Affected: Mozilla Firefox for iOS versions before 143.1 Mozilla Firefox versions before 143.0.3 Apply appropriate updates as mentioned below: |
|
| Multiple vulnerabilities in Microsoft Edge (Chromium-based) (CIVN-2025-0241) |
Multiple vulnerabilities in Microsoft Edge (Chromium-based) could allow remote attackers to obtain sensitive information and execute arbitrary code. Software Affected: Microsoft Edge (Chromium-based) versions before 140.0.7339.208 Apply appropriate updates as mentioned below: |
|
| Multiple vulnerabilities in Google Chrome for Desktop (CIVN-2025-0235) |
Multiple vulnerabilities could allow a remote attacker to execute arbitrary code, cause denial of service (DoS), or disclose information. Software Affected: Google Chrome versions before 140.0.7339.207/.208 for Windows/Mac Google Chrome versions before 140.0.7339.207 for Linux Apply appropriate updates as mentioned below:https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_23.html |
|
| Denial of Service Vulnerability in Apple Products (CIVN-2025-0234) |
A vulnerability has been reported in Apple products, which could be exploited by an attacker to cause denial of service conditions or corrupt process memory on the targeted system. Multiple affected releases are listed below. Software Affected: Apple iOS / iPadOS versions before 18.7.1 Apple iOS / iPadOS versions before 26.0.1 Apple macOS Tahoe versions before 26.0.1 Apple macOS Sequoia versions before 15.7.1 Apple macOS Sonoma versions before 14.8.1 Apple visionOS versions before 26.0.1 Apply appropriate updates as mentioned below:https://support.apple.com/en-us/125326 https://support.apple.com/en-us/125327 https://support.apple.com/en-us/125328 https://support.apple.com/en-us/125329 |
|
| Multiple vulnerabilities in Google Chrome for Desktop (CIVN-2025-0211) |
Multiple vulnerabilities have been reported in Google Chrome, which could allow a remote attacker to execute arbitrary code on the targeted system. Software Affected: Google Chrome versions before 140.0.7339.127/.128 for Windows Google Chrome versions before 140.0.7339.132/.133 for Mac Google Chrome versions before 140.0.7339.127 for Linux Apply appropriate updates as mentioned below:https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_9.html |
|
| Authorization Bypass vulnerability in WhatsApp for Apple Devices (CVE-2025-55177) |
A vulnerability has been reported in WhatsApp, which could allow an attacker to bypass authorization on the targeted device.
Software Affected: WhatsApp for iOS version before 2.25.21.73 WhatsApp Business for iOS version 2.25.21.78 WhatsApp for Mac version 2.25.21.78 Users are advised to update to the latest available versions of WhatsApp: https://www.whatsapp.com/security/advisories/2025/ |
|
| Multiple Vulnerabilities in Android, all OEMs, and users of Android (CIVN-2025-0202) |
Multiple vulnerabilities have been reported in Android versions 13, 14, 15, and 16. High risk of unauthorized access to data and system instability. Apply appropriate updates as mentioned in: https://source.android.com/docs/security/bulletin/2025-09-01 | |
| Zero-Day Vulnerabilities in Apple Products (CVE-2025-43300) |
Apple has released security updates to address a security flaw impacting iOS, iPadOS, and macOS that it said has come under active exploitation. Kindly update to the latest version ASAP. | |
| Multiple Vulnerabilities in Adobe Products (CIVN-2025-0138) |
Software Affected: Adobe After Effects versions before 24.6.7 for Windows and MacOS, Adobe After Effects versions before 25.3 for Windows and MacOS. Kindly update to the latest version ASAP. | |
| WinRAR zero-day Under Active Exploitation (CVE-2025-8088) |
To safeguard against potential threats, update to the latest WinRAR version 7.13, released on July 31, 2025. | |
| Broad Credential Exposure Involving Multiple Online Services (CERT-In Advisory CIAD-2025-0024) |
Recently, several media outlets reported the exposure of approximately 16 billion login credentials, including usernames, passwords, authentication tokens, and associated metadata, from platforms such as Apple, Google, Facebook, Telegram, GitHub, and various virtual private network (VPN) services. Recommendations to mitigate risks Update Passwords Immediately: Change passwords for all affected services, prioritizing email, banking, social media, and government portals. Create strong, unique passwords (minimum 12 characters, including letters, numbers, and symbols). Avoid reusing passwords across services to prevent credential stuffing attacks. Make it a habit to change your passwords regularly. Enable Multi-Factor Authentication (MFA): Activate MFA on all accounts that support it, using authenticator apps, hardware tokens, or SMS-based verification. Transition to Passkeys: Where supported (e.g., Apple, Google), enable passkeys for password-less, phishing-resistant authentication using biometrics or device PINs. Protect Against Malware: Run antivirus scans to detect and remove infostealer malware. Ensure operating systems, browsers, and applications are updated to address known vulnerabilities. |
|
| Multiple Vulnerabilities in Mozilla Firefox (CIVN-2025-0138) |
Software Affected: Mozilla Firefox versions before 140. Please update to the latest version as soon as possible. A remote attacker could exploit these vulnerabilities by convincing a victim to trigger a specially crafted web request. | |
| The zero-day vulnerability in the Google Chrome Browser (CVE-2025-6554) |
To safeguard against potential threats, it's advised to update Chrome browser to versions 138.0.7204.96/.97 for Windows, 138.0.7204.92/.93 for macOS, and 138.0.7204.96 for Linux. If you're unsure whether your browser is up to date, go to Settings > Help > About Google Chrome — it should trigger the latest update automatically. |
