Nvidia has issued a security reminder to application developers, computer manufacturers, and IT leaders that modern memory chips in graphic processors are potentially susceptible to so-called Rowhammer exploits after Canadian university researchers proved that an Nvidia A6000 GPU could be successfully compromised with a similar attack. A Rowhammer attack is a software-based fault-injection attack that allows…
Category: Exploits
Breaking News, CISA, Exploits, Global Security News, hacking, Security
U.S. CISA adds Wing FTP Server flaw to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Wing FTP Server flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Wing FTP Server flaw, tracked as CVE-2025-47812, to its Known Exploited Vulnerabilities (KEV) catalog. Wing FTP Server is a secure and flexible file transfer solution that supports multiple protocols, including FTP,…
Cybercrime, Cybersecurity, Exploits, Global Security News, Research, Threats
AsyncRAT seeds family of more than 30 remote access trojans
AsyncRAT, the most prevalent remote access trojan observed in the wild, has spawned more than 30 forks and variants that increase the impact of the open-source malware, making it a popular and sometimes disguised tool of choice for cybercriminals, ESET researchers said in a report released Tuesday. The open source remote access tool, which was…
Exploits, generative ai, Global Security News
Grok 4 cracked with jailbreak attack
The new AI language model Grok 4 is vulnerable to jailbreak attacks. Only a few days ago, Elon Musk presented his new AI language model Grok 4. But only shortly…
Exploits, Global Security News
AI poisoning and the CISO’s crisis of trust
In May 2025, the NSA, CISA, and FBI issued a joint bulletin authored with the cooperation of the governments of Australia, New Zealand, and the United Kingdom confirming that adversarial actors are poisoning AI systems across sectors by corrupting the data that trains them. The models still function — just no longer in alignment with…
Breaking News, CISA, End-of-Train, Exploits, Global Security News, hacking, internet of things
An attacker using a $500 radio setup could potentially trigger train brake failures or derailments from a distance
A 20-year-old flaw in End-of-Train and Head-of-Train systems could let hackers trigger emergency braking, finally getting proper attention. US CISA has warned about a critical flaw, tracked as CVE-2025-1727, in the radio-based linking protocol between End-of-Train (EoT) and Head-of-Train (HoT) systems. An End-of-Train (EoT) device, also known as a Flashing Rear End Device (FRED), is…
CISA, Cybercrime, Cybersecurity, Exploits, Global Security News, Research, Threats
CitrixBleed 2 beckons sweeping alarm as exploits spread across the globe
Authorities and researchers are intensifying warnings about active exploitation and pervasive scanning of a critical vulnerability affecting multiple versions of Citrix NetScaler products. There is now widespread agreement among security professionals that the critical vulnerability, CVE-2025-5777, which Citrix disclosed June 17, is serious and harkens back to a 2023 defect in the same products: “CitrixBleed,”…
Exploits, Global Security News, Internet Security, Network Security, Passwords, Ransomware, Security, Security Practices, Vulnerabilities
The 10 most common IT security mistakes
Encrypted files and a text file containing a ransom note clearly indicate that a company has fallen victim to a cyberattack. But this is only the end of a long chain of attacks. The perpetrators often move around the network unhindered and unnoticed for several weeks or months. IT forensic analyses also show that many…
AI, Cybersecurity, Exploits, Global Security News, Research, Technology, Uncategorized
Is XBOW’s success the beginning of the end of human-led bug hunting? Not yet.
When news broke that an AI agent named XBOW was leading the HackerOne bug bounty leaderboards, it quickly raised several concerning questions for the cybersecurity industry. Have large language models evolved enough to partially or fully replace human bug hunting? How precisely does XBOW — built by a startup with the same name — work?…
Exploits, Global Security News
New Grok-4 AI breached within 48 hours using ‘whispered’ jailbreaks
xAI’s newly launched Grok-4 is already showing cracks in its defenses, falling to recently revealed multi-conversational, suggestive jailbreak techniques. Two days after Elon Musk’s latest edition of large language models (LLMs) hit the streets, researchers at NeuralTrust managed to sweet-talk it into lowering its guardrails and providing instructions for making a Molotov cocktail, all without…
Breaking News, eSIM, eUICC, Exploits, Global Security News, hacking, Security
Experts uncover critical flaws in Kigen eSIM technology affecting billions
Experts devised a new hack targeting Kigen eSIM tech, used in over 2B devices, exposing smartphones and IoT users to serious security risks. Researchers at Security Explorations uncovered a new hacking method exploiting flaws in Kigen’s eSIM tech, affecting billions of IoT devices. An eSIM (embedded SIM) is a digital version of a traditional SIM…
Exploits, Global Security News
Putting AI-assisted ‘vibe hacking’ to the test
Attackers are increasingly leveraging large language models (LLMs) to enhance attack workflows, but for all their advances in helping to write malicious scripts, these tools are not yet ready to turn run-of-the-mill cybercriminals into exploit developers. According to tests performed by researchers from Forescout, LLMs have gotten fairly good at coding — particularly at vibe…
Exploits, Global Security News
eSIM Vulnerability in Kigen’s eUICC Cards Exposes Billions of IoT Devices to Malicious Attacks
Cybersecurity researchers have discovered a new hacking technique that exploits weaknesses in the eSIM technology used in modern smartphones, exposing users to severe risks. The issues impact the Kigen eUICC card. According to the Irish company’s website, more than two billion SIMs in IoT devices have been enabled as of December 2020. The findings come…
Breaking News, Exploits, Fortinet FortiWeb, Global Security News, hacking, Security
Patch immediately: CVE-2025-25257 PoC enables remote code execution on Fortinet FortiWeb
PoC exploits released for critical Fortinet FortiWeb flaw allowing pre-auth RCE. Fortinet urges users to patch. Proof-of-concept (PoC) exploits for CVE-2025-25257 in Fortinet FortiWeb (CVSS 9.8) enable pre-auth RCE on vulnerable servers. The flaw is a SQL injection vulnerability in FortiWeb (CWE-89) that allows unauthenticated attackers to execute unauthorized SQL commands via crafted HTTP/HTTPS requests.…
Breaking News, Exploits, Global Security News, hacking, hacking news, information security news, Security
Wing FTP Server flaw actively exploited shortly after technical details were made public
Hackers exploit critical Wing FTP flaw (CVE-2025-47812) for remote code execution with root/system rights after details leaked on June 30. Threat actors are exploiting a critical flaw, tracked as CVE-2025-47812 (CVSS score of 10), in Wing FTP Server that allows remote code execution with root/system privileges. Wing FTP Server is a secure and flexible file…
Artificial Intelligence, Exploits, Global Security News, Google, Security
Google Gemini flaw hijacks email summaries for phishing
Google Gemini for Workspace can be exploited to generate email summaries that appear legitimate but include malicious instructions or warnings that direct users to phishing sites without using attachments or direct links. […]
Breaking News, Cybercrime, data breach, Exploits, Global Security News, hacking, information security news
Security Affairs newsletter Round 532 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. McDonald’s job app exposes data of 64 Million applicants Athlete or Hacker? Russian basketball player accused…
Exploits, Global Security News
GPUHammer: New RowHammer Attack Variant Degrades AI Models on NVIDIA GPUs
NVIDIA is urging customers to enable System-level Error Correction Codes (ECC) as a defense against a variant of a RowHammer attack demonstrated against its graphics processing units (GPUs). “Risk of successful exploitation from RowHammer attacks varies based on DRAM device, platform, design specification, and system settings,” the GPU maker said in an advisory released this…
Exploits, Global Security News, Security
Hackers are exploiting critical RCE flaw in Wing FTP Server
Hackers have started to exploit a critical remote code execution vulnerability in Wing FTP Server just one day after technical details on the flaw became public. […]
Exploits, Global Security News
Over 600 Laravel Apps Exposed to Remote Code Execution Due to Leaked APP_KEYs on GitHub
Cybersecurity researchers have discovered a serious security issue that allows leaked Laravel APP_KEYs to be weaponized to gain remote code execution capabilities on hundreds of applications. “Laravel’s APP_KEY, essential for encrypting sensitive data, is often leaked publicly (e.g., on GitHub),” GitGuardian said. “If attackers get access to this key, they can exploit a deserialization flaw…
Exploits, Global Security News, Microsoft, Microsoft Office, Security, Windows, Windows 10, Windows 11
Microsoft’s Patch Tuesday updates: Keeping up with the latest fixes
Long before Taco Tuesday became part of the pop-culture vernacular, Tuesdays were synonymous with security — and for anyone in the tech world, they still are. Patch Tuesday, as you most likely know, refers to the day each month when Microsoft releases security updates and patches for its software products — everything from Windows to…
Exploits, Global Security News, Security
Exploits for pre-auth Fortinet FortiWeb RCE flaw released, patch now
Proof-of-concept exploits have been released for a critical SQLi vulnerability in Fortinet FortiWeb that can be used to achieve pre-authenticated remote code execution on vulnerable servers. […]
Exploits, Global Security News, Mercedes-Benz, OpenSynergy, PCA Cyber Security, Transportation
Researchers identify critical vulnerabilities in automotive Bluetooth systems
Cybersecurity researchers have identified four significant security vulnerabilities in a widely used automotive Bluetooth system that could potentially allow remote attackers to execute code on millions of vehicles worldwide. The vulnerabilities, collectively named PerfektBlue by PCA Cyber Security, affect OpenSynergy’s BlueSDK Bluetooth stack, which is used to implement Bluetooth functionality in embedded systems, with a…
Exploits, Global Security News, Security
CISA tags Citrix Bleed 2 as exploited, gives agencies a day to patch
The U.S. Cybersecurity & Infrastructure Security Agency has confirmed active exploitation of the CitrixBleed 2 vulnerability (CVE-2025-5777) in Citrix NetScaler ADC and Gateway and is giving federal agencies one day to apply fixes. […]
Exploits, Global Security News
PerfektBlue Bluetooth Vulnerabilities Expose Millions of Vehicles to Remote Code Execution
Cybersecurity researchers have discovered a set of four security flaws in OpenSynergy’s BlueSDK Bluetooth stack that, if successfully exploited, could allow remote code execution on millions of transport vehicles from different vendors. The vulnerabilities, dubbed PerfektBlue, can be fashioned together as an exploit chain to run arbitrary code on cars from at least three major…
Exploits, Global Security News
McDonald’s AI hiring tool’s password? ‘123456’: Exposes data of 64M applicants
A security oversight in McDonald’s AI-powered hiring platform “McHire” was found exposing sensitive applicant data belonging to as many as 64 million job seekers. Discovered in late June 2025 by security researchers Ian Carroll and Sam Curry, the issue was a default admin login and an insecure direct object reference (IDOR) in an internal API…
Exploits, Global Security News
Critical Wing FTP Server Vulnerability (CVE-2025-47812) Actively Being Exploited in the Wild
A recently disclosed maximum-severity security flaw impacting the Wing FTP Server has come under active exploitation in the wild, according to Huntress. The vulnerability, tracked as CVE-2025-47812 (CVSS score: 10.0), is a case of improper handling of null ('\0') bytes in the server’s web interface, which allows for remote code execution. It has been addressed…
Breaking News, Exploits, Global Security News, hacking, hacking news, Security
U.S. CISA adds Citrix NetScaler ADC and Gateway flaw to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Citrix NetScaler ADC and Gateway flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Citrix NetScaler ADC and Gateway, tracked as CVE-2025-5777, to its Known Exploited Vulnerabilities (KEV) catalog. The CVE-2025-5777 flaw, dubbed ‘CitrixBleed 2’ (CVSS v4.0 Base Score…
Exploits, Global Security News
Anatomy of a Scattered Spider attack: A growing ransomware threat evolves
Scattered Spider is increasingly making headlines of late, evolving its techniques and broadening the scope of its criminal activities against a wider array of enterprises. Active since at least May 2022, the financially motivated cybercriminal group initially targeted telecommunications and entertainment companies, including MGM Resorts and Caesars Entertainment, through SIM-swapping and ransomware operations. [ See…
Exploits, Global Security News
CISA Adds Citrix NetScaler CVE-2025-5777 to KEV Catalog as Active Exploits Target Enterprises
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a critical security flaw impacting Citrix NetScaler ADC and Gateway to its Known Exploited Vulnerabilities (KEV) catalog, officially confirming the vulnerability has been weaponized in the wild. The shortcoming in question is CVE-2025-5777 (CVSS score: 9.3), an instance of insufficient input validation that
Endpoint Protection, Enterprise Buyer’s Guides, Exploits, Global Security News
EDR software: a buyer’s guide
EDR software prevents endpoint security debacles, provided you have the right solution. Software in the field of Endpoint Detection and Response (EDR) continues to grow in popularity and becomes more effective as it matures. EDR solutions offer real-time insight into endpoint activity and make it possible to protect mobile phones, workstations, laptops, servers and other devices against cyberattacks. In this buyer’s guide you will learn…
Breaking News, Exploits, Global Security News, hacking
PerfektBlue Bluetooth attack allows hacking infotainment systems of Mercedes, Volkswagen, and Skoda
Researchers found critical PerfektBlue flaws in OpenSynergy BlueSDK, allowing remote code execution to hack millions of vehicles’ systems. Researchers at PCA Cyber Security identified a set of critical vulnerabilities, collectively tracked as PerfektBlue, in OpenSynergy BlueSDK Bluetooth stack. The exploitation of the flaws potentially allows remote code execution in millions of vehicles. These flaws could…
Exploits, Global Security News, Ne'er-Do-Well News, Ransomware
UK Charges Four in ‘Scattered Spider’ Ransom Group
Authorities in the United Kingdom this week arrested four alleged members of “Scattered Spider,” a prolific data theft and extortion group whose recent victims include multiple airlines and the U.K. retail chain Marks & Spencer. Scattered Spider is the name given to an English-speaking cybercrime group known for using social engineering tactics to break into companies…
Exploits, Global Security News, Security
PerfektBlue BlueTooth flaws impact Mercedes, Volkswagen, Skoda cars
Four vulnerabilities dubbed PerfektBlue and affecting the BlueSDK Bluetooth stack from OpenSynergy can be exploited to achieve remote code execution and potentially allow access to critical elements in vehicles from multiple vendors, including Mercedes-Benz AG, Volkswagen, and Skoda. […]
Exploits, Global Security News
LLMs Fall Short in Vulnerability Discovery and Exploitation
Forescout found that most LLMs are unreliable in vulnerability research and exploit tasks, with threat actors still skeptical about using tools for these purposes
Exploits, Global Security News, Security, Vulnerabilities
AMD discloses new CPU flaws that can enable data leaks via timing attacks
AMD has disclosed four new processor vulnerabilities that could allow attackers to steal sensitive data from enterprise systems through timing-based side-channel attacks. The vulnerabilities, designated AMD-SB-7029 and known as Transient Scheduler Attacks, affect a broad range of AMD processors, including data center EPYC chips and enterprise Ryzen processors. The disclosure has immediately sparked a severity…
Exploits, Global Security News
ServiceNow Flaw CVE-2025-3648 Could Lead to Data Exposure via Misconfigured ACLs
A high-severity security flaw has been disclosed in ServiceNow’s platform that, if successfully exploited, could result in data exposure and exfiltration. The vulnerability, tracked as CVE-2025-3648 (CVSS score: 8.2), has been described as a case of data inference in Now Platform through conditional access control list (ACL) rules. It has been codenamed Count(er) Strike. “A…
Exploits, Global Security News, Network Security, Threat and Vulnerability Management, Vulnerabilities
Exploit details released for Citrix Bleed 2 flaw affecting NetScaler
Security researchers have released a technical analysis and proof-of-concept exploit code for a critical vulnerability fixed last month in Citrix NetScaler appliances that is suspected to have been exploited in the wild, though in a limited capacity and without official confirmation from Citrix. Companies are urged to deploy the patches and use published indicators of…
AI, Compliance, Cybersecurity, Exploits, Global Security News, privacy, Risk Management
Call of Duty: From pew-pew to pwned
In episode 425 of “Smashing Security”, Graham reveals how “Call of Duty: WWII” has been weaponised – allowing hackers to hijack your entire PC during online matches, thanks to ancient code and Microsoft’s Game Pass. Meanwhile, Carole digs into a con targeting the recently incarcerated, with scammers impersonating bail bond agents to fleece desperate families.…
Exploits, Global Security News, Have I Been Pwned
Welcoming Push Security to Have I Been Pwned’s Partner Program
As we gradually roll out HIBP’s Partner Program, we’re aiming to deliver targeted solutions that bridge the gap between being at risk and being protected. HIBP is the perfect place to bring these solutions to the forefront, as it’s often the point at which individuals and organisations first learn of their exposure in data breaches.…
Breaking News, cyber crime, Cybercrime, data breach, Exploits, Global Security News, hacking
Nippon Steel Solutions suffered a data breach following a zero-day attack
Nippon Steel Solutions reported a data breach caused by hackers exploiting a zero-day vulnerability in their network equipment. Nippon Steel Solutions, a subsidiary of Japan’s Nippon Steel, disclosed a data breach in which attackers exploited a zero-day vulnerability. The company provides cloud and cybersecurity services. On March 7, 2025, Nippon Steel Solutions detected suspicious server activity and…
Exploits, Global Security News
Gold Melody IAB Exploits Exposed ASP.NET Machine Keys for Unauthorized Access to Targets
The Initial Access Broker (IAB) known as Gold Melody has been attributed to a campaign that exploits leaked ASP.NET machine keys to obtain unauthorized access to organizations and peddle that access to other threat actors. The activity is being tracked by Palo Alto Networks Unit 42 under the moniker TGR-CRI-0045, where “TGR” stands for “temporary…
Exploits, Global Security News, Security
Ruckus Networks leaves severe flaws unpatched in management devices
Multiple vulnerabilities that remain unpatched in Ruckus Wireless management products could be exploited to fully compromise the network environment they serve. […]
Exploits, Global Security News
Verified, featured, and malicious: RedDirection campaign reveals browser marketplace failures
A widespread browser hijacking campaign has infected over 2.3 million users through 18 malicious extensions available on Google Chrome and Microsoft Edge. Dubbed “RedDirection” by researchers at Koi Security, the operation exploited trust indicators such as verified badges, high ratings, and featured placement to remain undetected across both browser ecosystems. Koi researchers described the operation…
Breaking News, Cybercrime, Exploits, Global Security News, hacking, malware, Security
Hackers weaponize Shellter red teaming tool to spread infostealers
Hackers are abusing the legitimate red teaming tool Shellter to spread stealer malware after a licensed copy was leaked. Elastic Security Labs has identified several malware campaigns using the commercial AV/EDR evasion tool SHELLTER. The tool was originally built for legitimate red team operations, however, threat actors have now adopted it to bypass security measures…
Exploits, Global Security News
Microsoft Patches 130 Vulnerabilities, Including Critical Flaws in SPNEGO and SQL Server
For the first time in 2025, Microsoft’s Patch Tuesday updates did not bundle fixes for exploited security vulnerabilities, but acknowledged one of the addressed flaws had been publicly known. The patches resolve a whopping 130 vulnerabilities, along with 10 other non-Microsoft CVEs that affect Visual Studio, AMD, and its Chromium-based Edge browser. Of these 10…
Exploits, Global Security News, Latest Warnings, Security Tools, Time to Patch
Microsoft Patch Tuesday, July 2025 Edition
Microsoft today released updates to fix at least 137 security vulnerabilities in its Windows operating systems and supported software. None of the weaknesses addressed this month are known to be actively exploited, but 14 of the flaws earned Microsoft’s most-dire “critical” rating, meaning they could be exploited to seize control over vulnerable Windows PCs with…
Exploits, Global Security News, Security, Vulnerabilities, Windows Security
July Patch Tuesday: 14 critical Microsoft vulnerabilities, one SAP hole rated at 10 in severity
Microsoft’s July Patch Tuesday fixes are a mix of good news and bad news for CSOs: Fourteen of the vulnerabilities are rated as critical, but on the other hand, there are no zero-days and only one vulnerability with a publicly available proof of concept. CSOs need to immediately address a heap-based buffer overflow vulnerability in…
El Salvador, Exploits, Geopolitics, Global Security News, NSO Group, privacy, Spyware
Appeals court clears path for El Salvadoran journos to sue spyware maker
A U.S. appeals court on Tuesday revived a lawsuit that El Salvadoran journalists had brought against leading spyware maker NSO Group. The U.S. Court of Appeals for the Ninth Circuit concluded that a district court that dismissed the suit — on the grounds that the California court wasn’t the right forum — abused its discretion.…
Cybersecurity, Exploits, Global Security News, Microsoft, Research, Technology, Threats
Microsoft Patch Tuesday addresses 130 vulnerabilities, none actively exploited
Microsoft addressed 130 vulnerabilities across its products and underlying Windows systems, but none have been actively exploited in the wild, the company said in its latest security update Tuesday. A proof-of-concept exploit for a high-severity defect in SQL Server — CVE-2025-49719 — has been shared publicly, researchers said. The information disclosure vulnerability, which has a…
Exploits, Global Security News
Microsoft Patches 137 CVEs in July, But No Zero-Days
Some 17 of the bugs are at high risk for exploits, including multiple remote code execution bugs in Office and SharePoint.
Breaking News, Exploits, Global Security News, hacking, hacking news, IT Information Security, Security
Microsoft Patch Tuesday security updates for July 2025 fixed a zero-day
Microsoft released Patch Tuesday security updates for July 2025, which addressed 130 flaws, including one Microsoft SQL Server zero-day. Microsoft Patch Tuesday security updates for July 2025 addressed 130 vulnerabilities in Windows and Windows Components, Office and Office Components, .NET and Visual Studio, Azure, Teams, Hyper-V, Windows BitLocker, Microsoft Edge (Chromium-based), and the Windows…
Exploits, Global Security News, Mobile, Security
New Android TapTrap attack fools users with invisible UI trick
A novel tapjacking technique can exploit user interface animations to bypass Android’s permission system and allow access to sensitive data or trick users into performing destructive actions, such as wiping the device. […]
Exploits, Global Security News
Hackers Use Leaked Shellter Tool License to Spread Lumma Stealer and SectopRAT Malware
In yet another instance of threat actors repurposing legitimate tools for malicious purposes, it has been discovered that hackers are exploiting a popular red teaming tool called Shellter to distribute stealer malware. The company behind the software said a company that had recently purchased Shellter Elite licenses leaked their copy, prompting malicious actors to weaponize…
AI, Apps, Exploits, Global Security News, malware, Network Security, privacy, Risk Management
Advancing Protection in Chrome on Android
Posted by David Adrian, Javier Castro & Peter Kotwicz, Chrome Security Team Android recently announced Advanced Protection, which extends Google’s Advanced Protection Program to a device-level security setting for Android users that need heightened security—such as journalists, elected officials, and public figures. Advanced Protection gives you the ability to activate Google’s strongest security for mobile…
Exploits, Global Security News
10 immutable laws of security, 25 years later
Back in 2000, the Microsoft Security Response Center released an article titled “10 Immutable Laws of Security“, describing what they believed were some fundamental truths about security, human behavior, and technology operations. Years later, they also released a V2 of this article, which remains relevant to this day. In this piece, I am looking at…
Application Security, Cybersecurity, Exploits, Global Security News, Research, Technology, Threats
Oligo Security strives to fill application-layer gaps in MITRE ATT&CK framework
Applications are a common intrusion point, but the way attackers gain access, maneuver and create mayhem within and across applications doesn’t always neatly fit into MITRE’s ATT&CK framework. The team at Oligo Security is releasing a new framework it calls Application Attack Matrix to complement areas of MITRE’s framework that it describes as too broad,…
Breaking News, CISA, Exploits, Global Security News, hacking, information security news, IT Information Security
U.S. CISA adds MRLG, PHPMailer, Rails Ruby on Rails, and Synacor Zimbra Collaboration Suite flaws to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Multi-Router Looking Glass (MRLG), PHPMailer, Rails Ruby on Rails, and Synacor Zimbra Collaboration Suite (ZCS) flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Multi-Router Looking Glass (MRLG), PHPMailer, Rails Ruby on Rails, and Synacor Zimbra Collaboration Suite (ZCS) flaws to…
cyberattacks, Exploits, Global Security News
ClickFix attacks threaten enterprise security
Cybercriminals are increasingly resorting to ClickFix attacks. Less well known than phishing is the social engineering method ClickFix. The aim of such attacks is to get victims to paste malicious commands into tools such as PowerShell or the Windows Command Prompt. The attacks usually begin after a user has visited a compromised or malicious website or a…
Exploits, Global Security News, Security, Vulnerabilities
How a 12-year-old bug in Sudo is still haunting Linux users
Two new vulnerabilities have been found in Sudo, a privileged command-line tool installed on Linux systems, that can allow privilege escalation and unintended command execution on affected Ubuntu and Debian systems. According to Stratascale research, the command-line tool has two local privilege escalation vulnerabilities, affecting the Sudo “host” and Sudo “Chroot” features. One of…
Exploits, Global Security News
CISA Adds Four Critical Vulnerabilities to KEV Catalog Due to Active Exploitation
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added four security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The list of flaws is as follows – CVE-2014-3931 (CVSS score: 9.8) – A buffer overflow vulnerability in Multi-Router Looking Glass (MRLG) that could allow remote…
Exploits, Global Security News, Security
Public exploits released for CitrixBleed 2 NetScaler flaw, patch now
Researchers have released proof-of-concept (PoC) exploits for a critical Citrix NetScaler vulnerability, tracked as CVE-2025-5777 and dubbed CitrixBleed2, warning that the flaw is easily exploitable and can successfully steal user session tokens. […]
Cybercrime, Cybersecurity, Exploits, Global Security News, Microsoft, remote code execution
Call of Duty takes PC game offline after multiple reports of RCE attacks on players
The makers of Call of Duty: World War 2 took the PC version of the game offline over the weekend amid widespread reports online that a remote code execution vulnerability was being used to take over victim computers during live multiplayer matches. On June 30, the 2017 game was released through Xbox’s GamePass service. On…
Exploits, Global Security News
NightEagle hackers exploit Microsoft Exchange flaw to spy on China’s strategic sectors
A previously undocumented Advanced Persistent Threat (APT) group, “NightEagle,” has been found targeting the Chinese government and critical sectors using an unidentified Microsoft Exchange zero-day flaw. According to a discovery made by RedDrip, the threat intelligence unit of Chinese cybersecurity firm QiAnXin Technology, the threat group has been compromising Microsoft Exchange servers through a sophisticated…
Exploits, Global Security News, Identity and Access Management, Internet, Internet Security, Productivity Software
Passkeys: How they work, how to use them
Once upon a time, signing into sites and apps was simple. You remember those days, right? (They really weren’t that long ago, though by tech standards, it’s been roughly seven centuries.) All you’d do is remember a single username and password — or maybe put it on a Post-it and stick it to the bottom…
Breaking News, Chrome, CISA, Exploits, Global Security News, hacking, Security
U.S. CISA adds Google Chromium V8 flaw to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Chromium V8 vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Chromium V8 vulnerability, tracked as CVE-2025-6554, to its Known Exploited Vulnerabilities (KEV) catalog. Last week, Google released security patches to address the Chrome vulnerability CVE-2025-6554 for which an exploit is…
Breaking News, Cybercrime, data breach, Exploits, Global Security News, hacking, IT Information Security
Security Affairs newsletter Round 531 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. North Korea-linked threat actors spread macOS NimDoor malware via fake Zoom updates Critical Sudo bugs expose…
Breaking News, Exploits, Global Security News, hacking, hacking news, information security news, Security
Critical Sudo bugs expose major Linux distros to local Root exploits
Critical Sudo flaws let local users gain root access on Linux systems, the vulnerabilities affect major Linux distributions. Cybersecurity researchers disclosed two vulnerabilities in the Sudo command-line utility for Linux and Unix-like operating systems. Local attackers can exploit the vulnerabilities to escalate privileges to root on affected systems. Sudo (short for “superuser do”) is a…
AI, Cybersecurity, Exploits, Global Security News, Important, Information Security, Risk Management, Tutorials, vulnerabilities
How to Easily Escalate to Root on Linux Using the Latest Sudo Vulnerabilities
A newly disclosed pair of critical vulnerabilities in Sudo — the powerful Unix/Linux command-line tool that allows users to run commands as root — poses a significant local privilege escalation threat. These flaws impact major Linux distributions and allow unprivileged local users to gain root access, thereby compromising system integrity. Summary of the Vulnerabilities The…
Exploits, Global Security News
Verified, but vulnerable: Malicious extensions exploit IDE trust badges
Developers across popular integrated development environments (IDEs) like Visual Studio Code, Visual Studio, IntelliJ IDEA, and Cursor are at risk of running malicious extensions marked as “verified.” A new report from OX Security revealed that attackers can manipulate verification checks on these code editors so that malicious extensions appear trustworthy to unsuspecting users. “OX’s research,…
Exploits, Global Security News, vulnerabilities
Critical vulnerability discovered in Cisco Unified CM
For the second time in a week, Cisco has to report a vulnerability of the highest severity. Cisco recently reported a vulnerability with the highest severity rating (CVSS 10 out of 10) in its Unified Communications Manager (Unified CM) and Session Management Edition (Unified CM SME) products. The affected solutions are core components of telecommunications infrastructure and are in…
Application Security, Breach, Data Security, Exploits, Global Security News, privacy
CatWatchful stalkerware breach reveals 62K users, 26K victims
An SQL injection exploit exposed the users and owner of CatWatchful stalkerware.
APT, Breaking News, china, Exploits, Global Security News, hacking, Security
China-linked group Houken hit French organizations using zero-days
China-linked group Houken hit French govt, telecom, media, finance and transport sectors using Ivanti CSA zero-days, says France’s ANSSI. France’s cyber agency ANSSI revealed that a Chinese hacking group used Ivanti CSA zero-days to target government, telecom, media, finance, and transport sectors. The campaign, active since September 2024, is linked to the Houken intrusion set,…
Exploits, Global Security News, Network Security, patchconfiguration-management, Vulnerability Management
Cisco patches critical 10.0 bug in Unified CM systems
A successful exploit could let an attacker log in as the root user.
Breaking News, Cybercrime, data breach, Exploits, Global Security News, hacking
Cybercriminals Target Brazil: 248,725 Exposed in CIEE One Data Breach
Resecurity found a breach in Brazil’s CIEE One platform, exposing PII and documents, later sold by data broker “888” on the dark web. Resecurity identified a data breach of one of the major platforms in Brazil connecting businesses and trainees called CIEE One – leading to the compromise of sensitive PII, including ID records, contact…
Cybercrime, Cybersecurity, Exploits, Geopolitics, Global Security News, Research, Threats
China-linked attacker hit France’s critical infrastructure via trio of Ivanti zero-days last year
Multiple critical infrastructure sectors were hit last year during an attack spree in France via a trio of zero-day vulnerabilities affecting Ivanti Cloud Service Appliance devices, the country’s cybersecurity agency said in a report released Tuesday. Government agencies and organizations in the telecommunications, media, finance and transportation industries were impacted by widespread zero-day exploits of…
Exploits, Global Security News, Security, Vulnerabilities
Hardcoded root credentials in Cisco Unified CM trigger max-severity alert
Cisco has patched a max severity flaw in its Unified Communications Manager (Unified CM) and Session Management Edition (Unified CM SME) products that could let attackers walk right in using a hardcoded root login. The enterprise communications giant said the static credentials were intended for internal use only but, unfortunately, were left in a range…
critical-infrastructure-security, Exploits, Global Security News, Vulnerability Management
CISA: Attacks exploiting TeleMessage bugs ongoing
The more severe of the vulnerabilities is the TM SGNL Spring Boot Actuator misconfiguration bug, tracked as CVE-2025-48927, which could be abused for memory dump downloads, while the other flaw, tracked as CVE-2025-48928, could be exploited to reveal passwords delivered via HTTP, according to CISA.
Exploits, Global Security News
Automation and Vulnerability Exploitation Drive Mass Ransomware Breaches
ReliaQuest warns that initial access vulnerability exploitation is driving successful ransomware attacks
Apple, CryptoCurrency, cyber attacks, Exploits, Global Security News, malware, Security
N Korean Hackers Drop NimDoor macOS Malware Via Fake Zoom Updates
SentinelLabs uncovers NimDoor, new North Korea-aligned macOS malware targeting Web3 and crypto firms. Exploits Nim, AppleScript, and steals Keychain, browser, shell, and Telegram data.
Breaking News, cisco, Exploits, Global Security News, hacking, Security
Cisco removed the backdoor account from its Unified Communications Manager
Digital communications technology giant Cisco addressed a static SSH credentials vulnerability in its Unified Communications Manager (Unified CM). A flaw, tracked as CVE-2025-20309 (CVSS score of 10), in Cisco Unified Communications Manager and its Session Management Edition lets remote attackers log in using hardcoded root credentials set during development. Cisco Unified Communications Manager (CUCM) is a call…
Exploits, Global Security News
ClickFix Spin-off Attack Bypasses Key Browser Safeguards
A new threat vector exploits how modern browsers save HTML files, bypassing Mark of the Web and giving attackers another social-engineering attack for delivering malware.
Exploits, Global Security News, Security
Citrix warns of login issues after NetScaler auth bypass patch
Citrix warns that patching recently disclosed vulnerabilities that can be exploited to bypass authentication and launch denial-of-service attacks may also break login pages on NetScaler ADC and Gateway appliances. […]
Exploits, Global Security News
Sixfold surge of ClickFix attacks threatens corporate defenses
Incidents of ClickFix — the social engineering attack technique that tricks users into executing malicious code — are skyrocketing. ClickFix attacks typically involve displaying a fake error or counterfeit CAPTCHA verification with the intent of tricking a prospective victim into copying, pasting, and executing malicious commands on their devices. Attacks typically begin after a user…
ANYRUN, Cybersecurity, Exploits, features, Global Security News, release, Service Updates
Release Notes: Detonation Actions, Enhanced QR Extraction, and 1,400+ New Detection Rules
We’ve packed June with updates designed to make your day-to-day analysis faster, clearer, and easier than before. Whether you’re just getting started or deep into reverse engineering every day, these improvements are here to save you time and help you catch more threats. In this update: Real-time Detonation Action hints that guide you through the…
Exploits, Global Security News, patchconfiguration-management, Threat Intelligence, Vulnerability Management
Actively exploited Chrome zero-day addressed
Updates have been issued by Google to resolve an actively exploited zero-day vulnerability impacting its Chrome browser, tracked as CVE-2025-6554, which is the fourth Chrome zero-day addressed by Google so far this year, The Hacker News reports.
critical-infrastructure-security, Exploits, Global Security News, patchconfiguration-management, Vulnerability Management
Remote attacks likely with severe Microsens vulnerabilities
SecurityWeek reports that organizations, particularly those in critical infrastructure sectors, could be remotely compromised through the exploitation of a trio of flaws impacting Microsens’ NMP Web+ offering, which allows management of industrial switches and other network equipment.
Exploits, Global Security News, Threat and Vulnerability Management
In search of alternatives to the CVE program
If the CVE program were discontinued, assessing and remediating vulnerabilities would be more difficult. The recent brief panic over the possible discontinuation of the Common Vulnerabilities and Exposures (CVE) program highlighted the security industry’s heavy dependence on it. It led to discussions about contingency strategies in case the standardized system for identifying…
Exploits, Global Security News
Critical RCE flaw in Anthropic’s MCP inspector exposes developer machines to remote attacks
A critical remote code execution (RCE) bug in Anthropic’s Model Context Protocol (MCP) inspector tool could allow attackers to run arbitrary commands on developer machines when they visit a malicious website. MCP inspector is a tool that helps developers test and debug AI agent interactions using Anthropic’s MCP, an open standard that enables AI agents…
Breaking News, Chrome, Exploits, Global Security News, hacking, information security news, IT Information Security
CVE-2025-6554 is the fourth Chrome zero-day patched by Google in 2025
Google released security patches to address a Chrome vulnerability, tracked as CVE-2025-6554, for which an exploit exists in the wild. Google released security patches to address a Chrome vulnerability, tracked as CVE-2025-6554, for which an exploit is available in the wild. “Type confusion in V8 in Google Chrome prior to 138.0.7204.96 allowed a remote attacker…
Breaking News, CISA, Exploits, Global Security News, hacking, hacking news, Security
U.S. CISA adds TeleMessage TM SGNL flaws to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds TeleMessage TM SGNL flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added TeleMessage TM SGNL flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the descriptions for these flaws: CVE-2025-48927 (CVSS score of 5.3) TeleMessage TM SGNL Initialization of a Resource…
Exploits, Generative AI, Identity and Access Management, Identity Management Solutions, Global Security News
How cybersecurity leaders can defend against the spur of AI-driven NHI
Machine identities pose a big security risk for enterprises, and that risk will be magnified dramatically as AI agents are deployed. According to a report by cybersecurity vendor CyberArk, machine identities — also known as non-human identities (NHI) — now outnumber humans by 82 to 1, and their number is expected to increase exponentially. By…
Exploits, Global Security News, Security
New FileFix attack runs JScript while bypassing Windows MoTW alerts
A new FileFix attack allows executing malicious scripts while bypassing the Mark of the Web (MoTW) protection in Windows by exploiting how browsers handle saved HTML webpages. […]
cyber attack, Cybersecurity, Exploits, fraud, Global Security News, Phishing Scam, Security
Scammers Use Microsoft 365 Direct Send to Spoof Emails Targeting US Firms
Scammers are exploiting Microsoft 365 Direct Send to spoof internal emails targeting US firms, bypassing security filters with…
Exploits, Global Security News, Google, Security
Google fixes fourth actively exploited Chrome zero-day of 2025
Google has released emergency updates to patch another Chrome zero-day vulnerability exploited in attacks, marking the fourth such flaw fixed since the start of the year. […]
Exploits, Global Security News
Google Patches Critical Zero-Day Flaw in Chrome’s V8 Engine After Active Exploitation
Google has released security updates to address a vulnerability in its Chrome browser for which an exploit exists in the wild. The zero-day vulnerability, tracked as CVE-2025-6554 (CVSS score: N/A), has been described as a type confusion flaw in the V8 JavaScript and WebAssembly engine. “Type confusion in V8 in Google Chrome prior to 138.0.7204.96…
Exploits, Global Security News
AI supply chain threats loom — as security practices lag
The AI software supply chain is rapidly expanding to include not only open-source development tools but also collaborative platforms where developers share custom models, agents, prompts, and other resources. And with this expansion of third-party AI component and services use comes an expanded security threat — one that in many ways may be more complex,…
Breaking News, CISA, Cyber warfare, Exploits, Global Security News, hacking, intelligence
CISA and U.S. Agencies warn of ongoing Iranian cyber threats to critical infrastructure
U.S. warns of rising Iranian cyber threats exploiting outdated software and weak passwords, with attacks likely to escalate due to recent events. U.S. cybersecurity and intelligence agencies warn of rising cyber threats from Iranian state-linked hackers, expected to escalate. These actors typically exploit outdated software, known vulnerabilities, and weak or default passwords on internet-connected systems.…
Exploits, Global Security News
Three steps to boost Amazon S3 data security
The amount of data in modern systems has skyrocketed beyond what traditional security tools can handle. As organizations embrace AI to boost productivity, security teams face mounting pressure to protect sensitive information across sprawling cloud infrastructures and applications. The velocity of data creation, combined with complex multicloud environments, makes traditional security approaches insufficient. AI systems introduce additional…
