Aggregator

The UK’s Cyber Monitoring Centre (CMC) assessed the incident as a Category 2 systemic event, based on the significant economic impact

In a concerning development for internet users, cybercriminals have devised a sophisticated new technique to manipulate Google search results, effectively poisoning them to display fraudulent contact information. Unlike traditional phishing schemes that rely on fake websites, this novel approach leverages legitimate corporate websites while subtly altering displayed phone numbers, creating a nearly undetectable scam vector […]

The post Threat Actors Poisoning Google Search Results to Display The Scammer’s Phone Number Instead of Real Number appeared first on Cyber Security News.

A Krispy Kreme spokesperson said the “vast majority of those affected are Krispy Kreme employees, members of their families, and former employees.”

The digital certification system used by Russia's producers and suppliers of meat, dairy, eggs and other animal products was taken offline after a cyberattack.

The internet witnessed a new record in cyberattacks last month as Cloudflare, blocked the largest distributed denial-of-service (DDoS) attack ever recorded. The attack peaked at an astonishing 7.3 terabits per second (Tbps), overwhelming its target with 37.4 terabytes of data in just 45 seconds. The attack, detected in mid-May 2025, targeted an unnamed hosting provider […]

The post Massive DDoS Attack Hits 7.3 Tbps Delivering 37.4 Terabytes in 45 Seconds appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A vulnerability, which was classified as critical, was found in Mozilla Thunderbird up to 102.10. This affects the function DoReadData. The manipulation leads to uninitialized pointer. This vulnerability is uniquely identified as CVE-2023-32213. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic has been found in Mozilla Firefox up to 112. Affected is an unknown function of the component Address Bar Handler. The manipulation leads to clickjacking. This vulnerability is traded as CVE-2023-32212. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Mozilla Firefox up to 112. Affected by this vulnerability is the function FileReader::DoReadData. The manipulation leads to uninitialized pointer. This vulnerability is known as CVE-2023-32213. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Mozilla Firefox up to 112 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Popup Notification Handler. The manipulation leads to permission issues. This vulnerability is known as CVE-2023-32207. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Mozilla Thunderbird up to 102.10. Affected by this issue is some unknown functionality of the component Popup Notification Handler. The manipulation leads to permission issues. This vulnerability is handled as CVE-2023-32207. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Mozilla Firefox up to 112. It has been rated as problematic. This issue affects some unknown processing of the component wasm Code Handler. The manipulation leads to denial of service. The identification of this vulnerability is CVE-2023-32211. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Mozilla Thunderbird up to 102.10 and classified as critical. Affected by this issue is some unknown functionality of the component Browser Prompt Handler. The manipulation leads to Remote Code Execution. This vulnerability is handled as CVE-2023-32205. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Mozilla Thunderbird up to 102.10 and classified as problematic. This issue affects some unknown processing of the component wasm. The manipulation leads to denial of service. The identification of this vulnerability is CVE-2023-32211. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Mozilla Firefox up to 112. This issue affects some unknown processing of the component Browser Prompt Handler. The manipulation leads to Remote Code Execution. The identification of this vulnerability is CVE-2023-32205. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in Mozilla Firefox up to 112. Affected is an unknown function of the component RLBox Expat Driver. The manipulation leads to out-of-bounds read. This vulnerability is traded as CVE-2023-32206. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Mozilla Thunderbird up to 102.10 and classified as problematic. This vulnerability affects unknown code of the component RLBox Expat Driver. The manipulation leads to out-of-bounds read. This vulnerability was named CVE-2023-32206. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in Mozilla Thunderbird up to 102.9.0. Affected is an unknown function of the component Matrix SDK. The manipulation leads to denial of service. This vulnerability is traded as CVE-2023-28427. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

Microsoft has announced plans to periodically remove legacy drivers from the Windows Update catalog to mitigate security and compatibility risks. [...]

A recent security analysis has revealed how a chain of misconfigurations in Microsoft Azure can allow attackers to gain complete control over an organization’s cloud infrastructure, from initial access to full tenant takeover. The attack path, demonstrated using real-world tools and PowerShell scripts, highlights the urgent need for organizations to harden their Azure deployments and […]

The post Azure Misconfiguration Lets Attackers Take Over Cloud Infrastructure appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Pentagon modernize defense via AI, Water Curse spreads malware through GitHub repos, and TaxOff uses Chrome zero-day to deploy backdoor.

The post The Good, the Bad and the Ugly in Cybersecurity – Week 25 appeared first on SentinelOne.