Cyber Security News

Red Hat published security advisory CVE-2025-10725, detailing an Important severity flaw in the OpenShift AI Service that could enable low-privileged attackers to elevate their permissions to full cluster administrator and compromise the entire platform.  With a CVSS v3 base score of 9.9, this vulnerability poses a critical risk for organizations leveraging Red Hat OpenShift AI […]

The post Red Hat Openshift AI Service Vulnerability Allow Attackers to Take Control of the Infrastructure appeared first on Cyber Security News.

Confidential computing promised to protect sensitive workloads in the public cloud. Yet a new low-cost hardware attack, Battering RAM, demonstrates that even up-to-date memory-encryption schemes on Intel and AMD processors can be defeated with a simple interposer costing under 50 dollars. Modern servers use DDR4 DRAM with hardware-backed encryption, such as Intel SGX’s Total Memory Encryption (TME) […]

The post New Battering RAM Attack Bypasses Latest Defenses on Intel and AMD Cloud Processors appeared first on Cyber Security News.

In recent weeks, security teams worldwide have observed a surge in covert operations orchestrated by a clandestine group known colloquially as the “Chinese Nexus” APT. This actor has been tailoring highly targeted campaigns against organizations in the finance, telecommunication, and manufacturing sectors, exploiting spear-phishing emails and compromised VPN credentials to gain initial footholds. Victims report […]

The post New Chinese Nexus APT Hackers Attacking Organizations to Deliver NET-STAR Malware Suite appeared first on Cyber Security News.

A sophisticated phishing campaign has emerged targeting job seekers through fake Google career recruitment opportunities, leveraging social engineering tactics to harvest Gmail credentials and personal information. The malicious operation exploits the trust associated with Google’s brand reputation, crafting convincing recruitment emails that direct victims to fraudulent login portals designed to capture authentication details. The attack […]

The post Hackers Posing as Google Careers Recruiter to Steal Gmail Login Details appeared first on Cyber Security News.

Microsoft is actively investigating and addressing widespread errors preventing users from accessing their mailboxes on Outlook.com. The company has been providing regular updates throughout the day, indicating that targeted infrastructure restarts are gradually restoring service. The issue, which began early on October 1, 2025, affects users attempting to log in or access their emails via […]

The post Microsoft Investigating Widespread Outlook.com Outage Preventing Users from Accessing Mailbox appeared first on Cyber Security News.

Hackers have recently leveraged a vulnerability in the web-based management interfaces of certain cellular routers to co-opt their built-in SMS functionality for nefarious purposes. By targeting exposed APIs, attackers are able to dispatch large volumes of malicious SMS messages containing weaponized links that lead to drive-by downloads or credential-stealing pages. This emerging threat vector exploits […]

The post Hackers Exploit Cellular Router’s API to Send Malicious SMS Messages With Weaponized Links appeared first on Cyber Security News.

A critical zero-day vulnerability affecting thousands of Cisco firewalls is being actively exploited by threat actors in the wild.  The vulnerability, tracked as CVE-2025-20333, poses an immediate risk to organizations worldwide with a CVSS score of 9.9, representing one of the most severe security flaws discovered in enterprise firewall infrastructure this year. According to data […]

The post 48+ Cisco Firewalls Vulnerable to Actively Exploited 0-Day Vulnerability in the Wild appeared first on Cyber Security News.

Microsoft has officially released Windows 11, version 25H2, also known as the Windows 11 2025 Update, marking the next feature update for the operating system. The update became available for general availability on September 30, 2025, initiating a phased rollout to eligible devices. This new version is designed as a service, with updates delivered periodically […]

The post Windows 11 25H2 Released for General Availability – Know Issues and Mitigations appeared first on Cyber Security News.

A new Android banking trojan has emerged that combines traditional overlay attacks with a stealthy hidden Virtual Network Computing (VNC) server to achieve full remote control of compromised devices. First detected in late September 2025, the malware is distributed through SMS-based phishing campaigns that lure victims into installing a fake “security” app. Once granted the […]

The post New Android Banking Trojan Uses Hidden VNC to Gain Complete Remote Control Over Device appeared first on Cyber Security News.

The OpenSSL Project has released a critical security advisory, addressing three significant vulnerabilities that could allow attackers to execute remote code and potentially recover private cryptographic keys.  These flaws affect multiple OpenSSL versions across different platforms and could lead to memory corruption, denial of service attacks, and unauthorized access to sensitive cryptographic materials. The most […]

The post OpenSSL Vulnerabilities Let Attackers Execute Malicious Code and Recover Private Key Remotely appeared first on Cyber Security News.

A concerning cybersecurity trend has emerged as threat actors exploit the growing popularity of artificial intelligence tools by distributing malicious Chrome extensions masquerading as legitimate platforms. These deceptive extensions target users seeking convenient access to popular services like ChatGPT, Claude, Perplexity, and Meta Llama, creating a significant security risk for unsuspecting individuals and organizations. The […]

The post Beware! Threat Actors Distributing Malicious AI Tools as Chrome Extensions appeared first on Cyber Security News.

In late September 2025, the Cybersecurity and Infrastructure Security Agency (CISA) issued a public alert regarding the active exploitation of a critical command injection vulnerability tracked as CVE-2025-59689 in Libraesva Email Security Gateway (ESG) devices. This flaw has rapidly emerged as a favored target for threat actors due to its ease of exploitation and the […]

The post CISA Warns of Libraesva ESG Command Injection Vulnerability Actively Exploited in Attacks appeared first on Cyber Security News.

A sophisticated attack campaign targeting improperly managed Microsoft SQL servers has emerged, deploying the XiebroC2 command and control framework to establish persistent access to compromised systems. The attack leverages vulnerable credentials on publicly accessible database servers, allowing threat actors to gain initial foothold and escalate privileges through a multi-stage deployment process. XiebroC2, a publicly available […]

The post Threat Actors Hijacking MS-SQL Server to Deploy XiebroC2 Framework appeared first on Cyber Security News.

In recent months, a surge in targeted intrusions attributed to the Iranian-aligned threat group APT35 has set off alarm bells across government and military networks worldwide. First detected in early 2025, the campaign leverages custom-built malware to infiltrate secure perimeters and harvest user credentials. Initial indicators of compromise point to spear-phishing emails with HTML attachments […]

The post APT35 Hackers Attacking Government, Military Organizations to Steal Login Credentials appeared first on Cyber Security News.

Security Operations Centers (SOCs) protect organizations’ digital assets from ongoing cyber threats. To assess their effectiveness, SOCs use key performance indicators (KPIs) such as Mean Time to Detect (MTTD) and False Positive Rate (FPR). Although these metrics are often seen as separate, they are closely interconnected; improving one can directly enhance the other. By integrating […]

The post How SOC Teams Detect Can Detect Cyber Threats Quickly Using Threat Intelligence Feeds appeared first on Cyber Security News.

CISA has issued an urgent advisory regarding a critical vulnerability in the Linux and Unix sudo utility CVE-2025-32463 that is currently being exploited in the wild.  This flaw allows local adversaries to bypass access controls and execute arbitrary commands as the root user, even without explicit sudoers privileges. Sudo Chroot Bypass (CVE-2025-32463) Identified as “Inclusion […]

The post CISA Warns of Linux Sudo Vulnerability Actively Exploited in Attacks appeared first on Cyber Security News.

Three new vulnerabilities in Google’s Gemini AI assistant suite could have allowed attackers to exfiltrate users’ saved information and location data. The vulnerabilities uncovered by Tenable, dubbed the “Gemini Trifecta,” highlight how AI systems can be turned into attack vehicles, not just targets. The research exposed significant privacy risks across different components of the Gemini […]

The post Google Gemini Vulnerabilities Let Attackers Exfiltrate User’s Saved Data and Location appeared first on Cyber Security News.

Veeam Backup & Replication, a cornerstone of many enterprises’ data protection strategy, has reportedly become the focus of a new exploit being offered on a clandestine marketplace. According to a recent listing, a seller operating under the handle “SebastianPereiro” claims to possess a remote-code-execution (RCE) exploit targeting specific Veeam 12.x builds. Dubbed the “Bug of […]

The post Threat Actors Allegedly Listed Veeam RCE Exploit for Sale on Dark Web appeared first on Cyber Security News.

Security researchers are observing a significant increase in internet-wide scans targeting the critical PAN-OS GlobalProtect vulnerability (CVE-2024-3400).  Exploit attempts have surged as attackers seek to leverage an arbitrary file creation flaw to achieve OS command injection and ultimately full root code execution on vulnerable firewalls. Exploitation of Critical PAN-OS SSL VPN Flaw (CVE-2024-3400) Since late […]

The post Hackers Actively Scanning to Exploit Palo Alto Networks PAN-OS Global Protect Vulnerability appeared first on Cyber Security News.

Linux Torvalds has announced the release of Linux Kernel 6.17, a new version focused on stability and incremental improvements rather than groundbreaking features. The update brings a host of bug fixes, security enhancements, and driver updates across various subsystems. In his release message, Torvalds described the final week of development as having “no huge surprises,” […]

The post Linux 6.17 Released With Fix for use-after-free Vulnerabilities appeared first on Cyber Security News.