Aggregator

The U.S. Department of Justice has sued toy maker Apitor Technology for allegedly allowing a Chinese third party to collect children's geolocation data without their knowledge and parental consent. [...]

Google addressed 120 Android vulnerabilities in September 2025, including two flaws actively exploited in targeted attacks. Google has released security updates to address 120 Android vulnerabilities as part of Android Security Bulletin – September 2025. Two of these vulnerabilities have been exploited in targeted attacks. “There are indications that the following may be under limited, targeted […]

It’s the middle of the week, you are working on a project that needs to be done, and while you are trying to focus, you get the same phishing alert for the 10th time this week. Your team is drowning in noise, and you’re looking around thinking,  ‘It’s 2025. There has to be an [...]

The post Soar is your Safest Bet appeared first on Hurricane Labs.

The post Soar is your Safest Bet appeared first on Security Boulevard.

What do a pharma firm, a hospital service provider, and your smart doorbell have in common? They were all targets in cyberattacks last month. Here’s the August end-of-month threat rundown from the ColorTokens Threat Advisory Team, a peek into how threat actors are rewriting the rules, one zero-day or botnet at a time. And if […]

The post When Hackers Pivot and Hospitals Freeze: What the Latest Threats Reveal About Cybercrime’s New Playbook appeared first on ColorTokens.

The post When Hackers Pivot and Hospitals Freeze: What the Latest Threats Reveal About Cybercrime’s New Playbook appeared first on Security Boulevard.

Phishing has moved far beyond suspicious links. Today, attackers hide inside the files employees trust most; PDFs. On the surface, they look like invoices, contracts, or reports. But once opened, these documents can trigger hidden scripts, redirect to fake login pages, or quietly steal credentials. The danger lies in how convincing they are. PDFs often […]

The post Attackers Are Abusing Malicious PDFs: Here’s How to Spot Them Early appeared first on Cyber Security News.

A vulnerability classified as critical has been found in Wanzhou WOES Intelligent Optimization Energy Saving System 1.0. This affects an unknown function of the file /OL_OprationLog/GetPageList. This manipulation of the argument optUser causes sql injection. The identification of this vulnerability is CVE-2025-8701. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability described as problematic has been identified in Check Point Harmony SASE. Affected by this issue is some unknown functionality of the component Harmony SASE Agent Handler. Such manipulation leads to information disclosure. This vulnerability is uniquely identified as CVE-2025-3831. The attack can be launched remotely. No exploit exists.

A vulnerability labeled as problematic has been found in MGeurts genealogy up to 4.3.x. The impacted element is an unknown function. Executing manipulation can lead to cross site scripting. This vulnerability is registered as CVE-2025-55287. It is possible to launch the attack remotely. No exploit is available. The affected component should be upgraded.

A vulnerability marked as problematic has been reported in MGeurts genealogy up to 4.3.x. This affects an unknown function. The manipulation leads to cross site scripting. This vulnerability is documented as CVE-2025-55288. The attack can be initiated remotely. There is not any exploit available. It is suggested to upgrade the affected component.

A vulnerability was found in n8n-io n8n up to 1.98.1. It has been classified as problematic. This issue affects some unknown processing. Performing manipulation results in cross site scripting. This vulnerability is reported as CVE-2025-52478. The attack is possible to be carried out remotely. No exploit exists. Upgrading the affected component is recommended.