ALL POSTS

Key Findings Microsoft released its November 2025 Patch Tuesday, addressing a total of 68 vulnerabilities, including a high-priority zero-day flaw already being actively exploited in the wild. The most urgent patch is for CVE-2025-62215, a Windows Kernel Elevation of Privilege Vulnerability that allows an authenticated attacker to gain SYSTEM privileges. In addition to the zero-day, four other flaws have been rated as Critical severity, posing a significant risk of Remote Cod

Key Findings: CVE-2025-12485 is a critical vulnerability (CVSS 9.4) in Devolutions Server that allows a low-privileged authenticated user to impersonate another account by replaying a pre-MFA cookie. CVE-2025-12808 is a high-severity vulnerability (CVSS 7.1) that allows a View-only user to retrieve sensitive third-level nested fields, potentially exposing stored passwords or configuration secrets. Both vulnerabilities affect multiple versions of Devolutions Server 2025 and re

Background Gladinet CentreStack and Triofox are enterprise file-sharing and cloud storage solutions designed for businesses. CentreStack provides a secure platform for file sharing, syncing, and collaboration, integrating on-premises storage with cloud access. Triofox offers a hybrid cloud solution that enables secure remote access to existing Windows file shares and SMB/NFS storage. CVE-2025-11371 - Gladinet CentreStack and Triofox Files or Directories Accessible to External