ConnectWise Product Security Update Advisory
Security Advisory

ConnectWise Product Security Update Advisory

Overview   We have released security updates to fix vulnerabilities in ConnectWise products. Affected product users are advised to update to the latest version.    Affected Products   CVE-2025-11492, CVE-2025-11493   ConnectWise Automate versions: 2025.less than 9     Resolved Vulnerabilities   Plaintext transmission vulnerability in ConnectWise Automate (CVE-2025-11492)Integrity-unvalidated code

  • Dec 02 2025
Advisory for a security update to the astral-tokio-tar library (CVE-2025-62518)
Security Advisory

Advisory for a security update to the astral-tokio-tar library (CVE-2025-62518)

Overview   We have released a security update to address a vulnerability in the astral-tokio-tar library. Users of affected products are advised to update to the latest version.    Affected Products   CVE-2025-62518   Astral-tokio-tar version: 0.5.5 and earlier     Resolved Vulnerabilities   PAX Header Desynchronization Vulnerability in astral-tokio-tar

  • Dec 02 2025
Threat Views

December 02, 2025

December 02, 2025 Hash 1a18d2b06c4154e8b5c9a048f2e846fca 2333e7358ba283ca0a5d374c93c2cce8a 3284148b4620b1514e272e3e451528f85 URL 1http[:]//atrodco[.]com/ 2http[:]//putalocura[.]nl/ 3http[:]//ibkr[.]paxos[.]com/ IP 146[.]24[.]47[.]94 2200[.]46[.]125[.]168 3203[.]145[.]34[.]93...

  • Dec 02 2025
GeoServer Security Update Advisory (CVE-2025-58360)
Security Advisory

GeoServer Security Update Advisory (CVE-2025-58360)

Overview   We have released a security update to address a vulnerability in GeoServer. Affected product users are advised to update to the latest version.    Affected Products   CVE-2025-58360   GeoServer version: 2.26.0 or later and 2.26.1 or earlierGeoServer versions: 2.25.5 and earlier     Resolved Vulnerabilities   XML

  • Dec 02 2025
Node-forge Security Update Advisory (CVE-2025-12816)
Security Advisory

Node-forge Security Update Advisory (CVE-2025-12816)

Overview   We have released a security update to address a vulnerability in node-forge. Users of affected products are advised to update to the latest version.    Affected Products   CVE-2025-12816   Node-forge version: below 1.3.2     Resolved Vulnerabilities   Validation Asynchronization Vulnerability in node-forge ASN.1 (CVE-2025-12816)    

  • Dec 02 2025
WordPress Plugin Security Update Advisory (CVE-2025-9501)
Security Advisory

WordPress Plugin Security Update Advisory (CVE-2025-9501)

Overview   We have released a security update to address a vulnerability in our WordPress plugin. Users of affected products are advised to update to the latest version.    Affected Products   CVE-2025-9501   W3 Total Cache versions: 2.8.12 and earlier     Resolved Vulnerabilities   Remote code execution (RCE)

  • Dec 02 2025
ICTBroadcast Security Update Advisory (CVE-2025-2611)
Security Advisory

ICTBroadcast Security Update Advisory (CVE-2025-2611)

Overview   We have released a security update to address a vulnerability in ICTBroadcast. Users of affected products are advised to update to the latest version.    Affected Products   CVE-2025-2611   ICTBroadcast Version: 7.4 and earlier     Resolved Vulnerabilities   Memory corruption vulnerability in Firefox (CVE-2025-49709)Integer overflow vulnerability

  • Dec 02 2025
Security Incident Reported in Ad-Free YouTube App SmartTube: Users Advised to Stay Alert
Mobile

Security Incident Reported in Ad-Free YouTube App SmartTube: Users Advised to Stay Alert

The signature key information of the SmartTube app, which allows users to watch YouTube videos on Android smart TVs and set-top boxes without ads, has been leaked.   This incident was identified as multiple users received Play Protect warning messages and had their apps blocked.   Figure 1. User report

  • Dec 02 2025