Several critical cybersecurity vulnerabilities have been recently disclosed affecting major technology providers and their products. Trend Micro confirmed active exploitation of zero-day flaws in its Apex One on-premise systems. Microsoft disclosed a high-severity vulnerability (CVE-2025-53786) in Exchange Server hybrid deployments that allows attackers to silently escalate privileges from on-premises Exchange to the cloud without leaving logs, posing a risk of total domain compromise. The Cybersecurity and Infrastructure Security Agency (CISA) has issued warnings alongside Microsoft regarding this flaw. Dell has patched five high-severity firmware vulnerabilities impacting over 100 laptop models, related to the ControlVault3 security chip, which affects millions of devices worldwide. Users are urged to install the firmware updates promptly. Additionally, 14 new vulnerabilities were found in CyberArk and HashiCorp vaults, enabling remote takeover of corporate secrets without credentials; some of these bugs remained undetected for up to nine years. Despite 90% of security and IT leaders feeling prepared to address vulnerabilities quickly, there remains widespread distrust in the data used by security tools. SonicWall confirmed that a recent VPN attack was linked to a previously patched vulnerability, not a zero-day exploit.