SecurityOnline

Critical Veeam Backup Vulnerability Enables Remote Code Execution

The vulnerability affects a wide range of Veeam products, including Veeam Backup for Salesforce, Nutanix AHV, AWS, Microsoft Azure, Google Cloud, Oracle Linux Virtualization Manager, and Red Hat Virtualization.

Update: PoC Exploit Released for Linux Kernel Enabling Privilege Escalation and Container Escape

The vulnerability affects various Linux kernel versions, including v6.8 to v6.9, v5.15.147, v6.1.78, and v6.6.17. System administrators are advised to upgrade to patched versions immediately.

Update: PoC Privilege Escalation Exploit Revealed for Active Directory Domain Services

The exploit takes advantage of Windows Performance Counters, a mechanism that allows applications and services to register monitoring routines via PerfMon.exe or Windows Management Instrumentation (WMI).

Fully Undetectable macOS Backdoor Called "Tiny FUD" Discovered

This stealthy macOS malware leverages process name manipulation, DYLD injection, and C2-based command execution to operate undetected, making it a significant threat to Apple users.

7-Zip Vulnerability Exploited in Attacks on Ukraine

The vulnerability, tracked as CVE-2025-0411, allows attackers to bypass Windows Mark-of-the-Web (MOTW) protections, which are designed to prevent the execution of malicious files downloaded from the internet.

MediaTek Warns of Critical WLAN Vulnerabilities Exposing Millions to Remote Attacks

Three particularly concerning vulnerabilities (CVE-2025-20633, CVE-2025-20632, CVE-2025-20631) reside in the WLAN AP driver. An incorrect bounds check could allow remote code execution without needing any additional privileges or user interaction.

Update: PoC Exploit Released for macOS Kernel Vulnerability

A newly discovered race condition in Apple’s macOS kernel (XNU) could allow attackers to escalate privileges, corrupt memory, and potentially achieve kernel-level code execution, according to security researcher Joseph Ravichandran of MIT CSAIL.

End-of-Life D-Link Routers Vulnerable to Unauthenticated RCE

The affected routers, including D-Link DSR-150, DSR-150N, DSR-250, DSR-250N, DSR-500N, and DSR-1000N, reached their end-of-life (EOL) status in 2015 and 2024, meaning they no longer receive security updates or support from D-Link.

Critical Deep Java Library Vulnerability Allows Path Traversal Exploits

The vulnerability has been patched in DJL 0.31.1. Users are strongly encouraged to update to the latest version to mitigate the risk. As a workaround, users should avoid using model archive files from untrusted sources.

Multiple Security Flaws in Rockwell Automation’s FactoryTalk AssetCentre Patched

These flaws, tracked as CVE-2025-0477, CVE-2025-0497, and CVE-2025-0498, pose severe risks to industrial control systems (ICS) by allowing attackers to extract credentials, expose sensitive data, and impersonate users.
