Trend Micro fixes two actively exploited Apex One RCE flaws

Threat Score:

Security Affairs

13 hours ago

Part of cluster #1704

Overview

Trend Micro patched two critical Apex One flaws (CVE-2025-54948, CVE-2025-54987) exploited in the wild, allowing RCE via console injection. Trend Micro released fixes for two critical vulnerabilities, tracked as CVE-2025-54948 and CVE-2025-54987 (CVSS score of 9.4), in Apex One on-prem consoles. The cybersecurity vendor confirmed that both issues were actively exploited in the wild. Both […]...

Continue Reading on Original Site

5 articles

Stop Reacting; Start Anticipating: The Global State of Threat Intelligence

Brighttalk • 14 hours ago

Presented by Jitin Shabadu, Forrester Analyst | Jayce Nichols, Director, Intelligence Solutions, Google Threat Intelligence Group

Score

Ransomware plunges insurance company into bankruptcy

Graham Cluley • 12 hours ago

Collapsed company's founder says that its fortunes were hampered by the refusal of authorities to release the criminals' seized funds to victims. in my article on the Fortra blog.

Score

Google Discloses Salesforce Hack

Feedburner • 11 hours ago

A Google Salesforce instance may have been targeted as part of a ShinyHunters campaign that hit several major companies.

Score

Akira and Lynx Ransomware Attacking Managed Service Providers With Stolen Login Credential and Vulnerabilities

Cybersecurity News • 9 hours ago

Two sophisticated ransomware operations have emerged as significant threats to managed service providers (MSPs) and small businesses, with the Akira and Lynx groups deploying advanced attack techniques that combine stolen credentials with vulnerability exploitation. These ransomware-as-a-service (RaaS) operations have collectively compromised over 365 organizations, demonstrating their effectiveness in targeting high-value infrastructure providers that serve multiple […]

Score

Change Healthcare Increases Ransomware Victim Count to 192.7 Million Individuals

Hipaajournal • 15 hours ago

Change Healthcare has confirmed that the number of individuals affected by its February 2024 ransomware is slightly higher than its […]

Score

CVES

CVE-2025-54948

CVE-2025-54987

VULNERABILITIES

Command Injection

RCE

Remote Code Execution

SECURITY VENDORS

Trend Micro

RANSOMWARE

One

ATTACK TYPES

Command Injection

Remote Code Execution

MITRE ATT&CK

T1040

T1065

T1068

T1070

T1071.001

COMPANIES

Trend Micro

PLATFORMS

Windows

INDUSTRIES

Cybersecurity

Information Technology

AGENCIES

CERT

Japanese CERT

COUNTRIES

Japan

ARTICLE INFORMATION

Article #9286

Published 13 hours ago

Security Affairs

THREAT HUNTING

THREAT INTELLIGENCE

BUSINESS INTELLIGENCE

Save to Folder

Article Intelligence

THREAT HUNTING

THREAT INTELLIGENCE

BUSINESS INTELLIGENCE

Overview

Related Articles

Stop Reacting; Start Anticipating: The Global State of Threat Intelligence

Ransomware plunges insurance company into bankruptcy

Google Discloses Salesforce Hack

Akira and Lynx Ransomware Attacking Managed Service Providers With Stolen Login Credential and Vulnerabilities

Change Healthcare Increases Ransomware Victim Count to 192.7 Million Individuals

Save to Folder

Article Intelligence

We use cookies

Cookie Settings

Essential Cookies

Analytics Cookies

Performance Cookies

Marketing Cookies