TweakTown

WinRAR 'high-risk' exploit discovered, make sure you update to the latest release

TL;DR: WinRAR has a critical security vulnerability (CVE-2025-6218) allowing remote code execution via directory traversal in Windows versions. This exploit risks sensitive data and system integrity.
CSOonline

Gladinet file sharing zero-day brings patched flaw back from the dead

Criminals have been spotted exploiting a new zero-day vulnerability in Gladinet CentreStack and Triofox file sharing servers that could allow them to re-create the conditions of an earlier flaw ...
CSOonline

Attackers exploit zero-day RCE flaw in Cleo managed file transfer

The exploit takes advantage of a known file upload vulnerability that was not efficiently patched and can still be exploited in up-to-date versions of Cleo LexiCom, VLTrader and Harmony products.
Bleeping Computer

Exploits for unpatched Parallels Desktop flaw give root on Macs

Two different exploits for an unpatched Parallels Desktop privilege elevation vulnerability have been publicly disclosed, allowing users to gain root access on impacted Mac devices. Parallels Desktop ...
Morningstar

VulnCheck Exploit Intelligence Report Separates Real-World Exploitation Activity from Theoretical Vulnerability Risk

Analysis Finds 1% of Vulnerabilities Were Exploited in the Wild in 2025 and Identifies the 50 Most Routinely Targeted Flaws of Last Year VulnCheck, the exploit intelligence company, today released the ...