Red Dot Security Roundup: The April Vulnerability Update


    Check out the highlights from Red Dot Security, which rounds up key cyberthreats and vulnerabilities that could affect your IT environment. 

    In April 2025, Red Dot Security, authored by Jan Broucinek, an Integris security services operations manager, provided several updates on vulnerabilities. Here is a roundup of vulnerability news that may affect your IT environment:

    Apache Parquet suffered a critical defect that received the highest rating of 10.0 on the Common Vulnerability Scoring System (CVSS). 

    An Apache Tomcat vulnerability was discovered under active exploitation and enables remote code execution (RCE). RCE allows an attacker to control a computer, server, or other device without physically accessing it.

    In the Q1 2025 Security Trends Report, Broucinek provides a series of links to observed trends, such as the following:

    State-sponsored breaches. Consider the recent Bybit hack, which enabled malicious actors from North Korea’s Lazarus Group to steal $1.48 billion from Bybit’s Ethereum crypto wallet.

    Quishing. Also known as QR code phishing, quishing is a cyberattack in which QR codes lure the users who scan them into visiting fake websites for the purpose of stealing credentials or downloading malicious software.

    Smishing. The practice of sending text messages, purportedly from reputable organizations, to induce consumers to reveal personally identifiable information, to infect their systems with malware, and to steal credentials and valuable information, such as passwords or credit card numbers.

    For these threat updates and more, check out Red Dot Security. 

    Lauren Horwitz

    As Director of Content Marketing at Integris, Lauren brings 18 years of experience in digital publishing and editorial leadership. She specializes in content strategy, SEO, and leveraging data insights to create impactful stories. Lauren has held senior roles at HUMAN Security, Dynatrace, Informa Tech, Cisco.com, and TechTarget, shaping content for technology and business audiences.