Catalogic Software, a provider of secure data protection solutions, announced the release for Catalogic DPX 4.15, the latest version of its all-in-one enterprise backup and recovery solution.

New "Storm" infostealer skips local decryption, sending browser data to attacker servers. Varonis shows how server-side decryption enables session hijacking, bypassing passwords and MFA.

A pre‑authentication bug in SAML Web SSO, combined with weak access controls and cryptography, allows attackers to escalate privileges and achieve remote code execution.