Trend Micro has confirmed that critical vulnerabilities in its on-premise Apex One security solution are being actively exploited in the wild. The flaws, tracked as CVE-2025-54948 and CVE-2025-54987, both carry a severe 9.4 CVSS score and can lead to remote code execution (RCE). While Trend Micro has patched its cloud offering, on-premise customers must apply a temporary fix tool immediately to protect against these threats, with a full patch expected in mid-August 2025. System administrators are urged to apply the fix and review remote access policies.
Google's August 2025 Android update patches two actively exploited Qualcomm zero-day vulnerabilities. Learn about CVE-2025-21479 and CVE-2025-27038 and why you must update your device now.