SSRF

Zoom and Xerox patch critical Windows and FreeFlow Core flaws that could enable privilege escalation and remote code execution

News, Risk, Vulnerabilities

August 14, 2025

Zoom and Xerox released patches for critical vulnerabilities in Zoom Clients for Windows and FreeFlow Core, including a high-severity privilege-escalation flaw (CVE-2025-49457) in Windows Zoom clients and two severe flaws in FreeFlow Core (CVE-2025-8355 and CVE-2025-8356) that could enable remote code execution, prompting enterprise patches and risk-mitigation guidance.
Hackers Exploit Cloud Native Vulnerabilities to Access AWS EC2 Metadata

Cloud, Cybercrime, News, Vendors

April 10, 2025

Cyber criminals have initiated a campaign aimed at stealing sensitive information from AWS EC2 Instance Metadata by exploiting vulnerabilities known as server-side request forgery (SSRF). Findings from F5 Labs highlight the urgency of migrating to improved security protocols to defend against such attacks.