Stormshield

A new critical authentication bypass vulnerability impacting the platform SAP NetWeaver from SAP has been reported. It has been assigned the reference CVE-2025-31324 and a CVSS 3.1 score of 10. This flaw impacts the following version of the application: NetWeaver (Visual Composer development server) VCFRAMEWORK… The post Security alert SAP CVE-2025-31324: Stormshield Products Response appeared first on Stormshield.

In 2024, France’s ANSSI cybersecurity agency observed an increase in attacks exploiting vulnerabilities in equipment exposed online, including firewalls and VPN gateways used to secure remote access to information systems. Several thousand devices were compromised in France, and dozens of incidents linked to these flaws… The post Firewall robustness: a key factor in providing protection against cyberattacks appeared first on Stormshield.

A recent study by France’s national Agence Nationale de Sécurité des Systèmes d’Information (ANSSI) information systems security agency assessed the risks to which businesses and local authorities are exposed. At least 31 compromises affecting players in the water sector in France have been examined by ANSSI since… The post Cyber-risks in the water sector: modernise and segment to protect yourself appeared first on Stormshield.

A critical authentication bypass vulnerability impacting the Next.js middleware has been reported. It has been assigned the reference CVE-2025-29927 and a CVSS 3.1 score of 9.1. It should be noted that proof of concept are publicly available about this CVE-2025-29927 vulnerability.   Initial vector attack… The post Security alert Next.js CVE-2025-29927: Stormshield Products Response appeared first on Stormshield.

Local authorities are particularly exposed to cyber-threats, with major risks such as paralysed public services and citizens’ compromised sensitive data. According to a recent study by Cybermalveillance.gouv.fr, although the majority of businesses are aware of the cyber-threat issue, they are still failing to make appropriate investments… The post Cybersecurity and digital transformation: how local authorities can rise to the challenge of resilience appeared first on Stormshield.

A critical vulnerability impacting Zimbra Collaboration has been reported. It has been assigned the reference CVE-2025-25064 and a CVSS 3.1 score of 9.8. It should be noted that proofs of concept of this CVE-2025-25064 are publicly available. The following versions are impacted: Zimbra Collection 10.0.11… The post Security alert CVE-2025-25064: Stormshield Products Response appeared first on Stormshield.

Corporate Social Responsibility (CSR) is now a key strategic priority, with cybersecurity playing a key role in this respect. Recent initiatives such as Cyber4Tomorrow and the work of the Cyber Campus are promoting a conversation on environmentally friendly cybersecurity practices. These approaches highlight the importance… The post Towards responsible cybersecurity: the central role of the CISO in CSR strategy appeared first on Stormshield.

A critical vulnerability impacting Ivanti softwares Connect Secure, Neurons for Zero Trust Access and Policy Secure has been reported. It has been assigned the reference CVE-2025-0282 and a CVSS 3.1 score of 9.0.  It should be noted that proof of concept of this CVE-2025-0282 vulnerability… The post Security alert CVE-2025-0282: Stormshield Products Response appeared first on Stormshield.

According to the Microsoft Digital Defense Report 2024, Microsoft customers experience more than 600 million attacks daily, often initiated via phishing or social engineering. Ransomware attacks have increased almost threefold. And although attacks that feature a data encryption stage have fallen by two thirds, these… The post Data protection: the vital need to orchestrate email encryption appeared first on Stormshield.

A new critical authentication bypass vulnerability impacting SAP BusinessObjects Business Intelligence Platform from SAP has been reported. It has been assigned the reference CVE-2024-41730 and a CVSS 3.1 score of 9.8. This flaw impacts the following version of the application: Enterprise 420 ; Enterprise 430 ; Enterprise… The post Security alert CVE-2024-41730: Stormshield Products Response appeared first on Stormshield.