car cybersecurity
-
Zoom and Xerox patch critical Windows and FreeFlow Core flaws that could enable privilege escalation and remote code execution
Zoom and Xerox released patches for critical vulnerabilities in Zoom Clients for Windows and FreeFlow Core, including a high-severity privilege-escalation flaw (CVE-2025-49457) in Windows Zoom clients and two severe flaws in FreeFlow Core (CVE-2025-8355 and CVE-2025-8356) that could enable remote code execution, prompting enterprise patches and risk-mitigation guidance.
-
Security Flaw in Carmaker’s Online Portal Exposed Customer Data and Could Permit Remote Vehicle Access, Researchers Say
A security flaw in a major carmaker’s online dealer portal exposed customer data and could have enabled attackers to remotely unlock vehicles, prompting a fix in February 2025. Discovered by researcher Eaton Zveare, the vulnerability was described as a serious risk that underscores ongoing cybersecurity challenges in automotive online systems.
