Cyber Security News

A critical flaw in the AWS Client VPN for macOS has been disclosed, presenting a local privilege escalation risk to non-administrator users.  The vulnerability tracked as CVE-2025-11462 allows attackers to gain root privileges by abusing the client’s log rotation mechanism. AWS Client VPN is a managed, client-based VPN service that secures access to AWS and […]

The post Critical AWS ClientVPN for macOS Vulnerability Let Attackers Escalate Privileges appeared first on Cyber Security News.

Researchers set out to test leading large language models (LLMs) for resilience against the long-standing ASCII Smuggling technique.  By embedding invisible control characters within seemingly harmless text, ASCII Smuggling abuses Unicode “tag” blocks to hide malicious instructions from human reviewers while feeding them directly into the raw input stream consumed by LLMs.  FireTail researcher Viktor […]

The post ASCII Smuggling Attack Lets Hackers Manipulate Gemini to Deliver Smuggled Data to Users appeared first on Cyber Security News.

Three newly disclosed vulnerabilities have been identified in the Lua scripting engine of Redis 7.4.5, each presenting severe risks of remote code execution and privilege escalation.  Redrays has released a detailed proof-of-concept (PoC) to exploit these vulnerabilities, which is now publicly available. Organizations are urged to act immediately. Use-After-Free Flaw (CVE-2025-49844) This vulnerability arises when […]

The post PoC Exploit Released for Critical Lua Engine Vulnerabilities appeared first on Cyber Security News.

OpenAI announced it has banned a series of ChatGPT accounts linked to Chinese state-affiliated hacking groups that used the AI models to refine malware and create phishing content. The October 2025 report details the disruption of several malicious networks as part of the company’s ongoing commitment to preventing the abuse of its AI technologies by […]

The post OpenAI Banned ChatGPT Accounts Used by Chinese and North Korean Hackers to Develop Malware appeared first on Cyber Security News.

Microsoft has issued a warning that both cybercriminals and state-sponsored threat actors are increasingly abusing the features and capabilities of Microsoft Teams throughout their attack chains. The platform’s extensive adoption for collaboration makes it a high-value target, with its core functions for messaging, calls, and screen-sharing being weaponized for malicious purposes. The extensive collaboration features […]

The post Microsoft Warns of Hackers Abuse Teams Features and Capabilities to Deliver Malware appeared first on Cyber Security News.

CISOs face a paradox in their SOCs every day: more data and detections than ever before, yet limited capacity to act on them effectively. Hundreds of alerts stream in daily, but without clear prioritization, the team’s focus is scattered. Critical incidents risk being buried among lower-value events, slowing response and increasing business exposure.    The Cost […]

The post Why Threat Prioritization Is the Key SOC Performance Driver   appeared first on Cyber Security News.

BK Technologies Corporation, a provider of communications equipment for public safety and government agencies, has disclosed a cybersecurity incident in which an unauthorized third party breached its information technology systems and potentially exfiltrated sensitive data. In a recent Form 8-K filing with the U.S. Securities and Exchange Commission (SEC), the company confirmed that it detected […]

The post BK Technologies Data Breach – Hackers Compromise IT Systems and Exfiltrate Data appeared first on Cyber Security News.

Raleigh, United States, October 7th, 2025, CyberNewsWire Report Shows Cross-Training as Strategic Solution to Operational Friction Between Networking and Cybersecurity Teams  INE Security, a leading provider of cybersecurity training and certifications, today announced the results of a global study examining the convergence of networking and cybersecurity disciplines. “Wired Together: The Case for Cross-Training in Networking […]

The post INE Security Releases Industry Benchmark Report: “Wired Together: The Case for Cross-Training in Networking and Cybersecurity” appeared first on Cyber Security News.

Ransomware operators have shifted from opportunistic malware distribution to highly targeted campaigns that exploit legitimate software for stealth and persistence. Emerging in early 2025, several ransomware families began abusing popular remote access tools—such as AnyDesk and Splashtop—to establish footholds within enterprise networks. By hijacking or silently installing these utilities, adversaries bypass security controls that traditionally […]

The post Ransomware Gangs Leverage Remote Access Tools to Gain Persistence and Evade Defenses appeared first on Cyber Security News.

A novel and alarming cybersecurity threat has emerged, turning an ordinary computer peripheral into a sophisticated eavesdropping device. Researchers have detailed a new technique, dubbed the “Mic-E-Mouse” attack, which allows threat actors to exfiltrate sensitive data by exploiting the high-performance optical sensors found in many modern computer mice. This method can covertly capture and reconstruct […]

The post New Mic-E-Mouse Attack Let Hackers Exfiltrate Sensitive Data by Exploiting Mouse Sensors appeared first on Cyber Security News.

In recent months, security researchers have turned their attention to Asgard Protector, a sophisticated crypter employed by cybercriminals to obfuscate and deploy malicious payloads. First advertised on underground forums in late 2023, Asgard Protector has gained traction among threat actors for its seamless integration with popular C2 platforms such as LummaC2. By wrapping infostealers and […]

The post Researchers Reversed Asgard Malware Protector to Uncover it’s Antivirus Bypass Techniques appeared first on Cyber Security News.

A widespread campaign observed exploiting a novel zero-day vulnerability in Oracle E-Business Suite (EBS) applications, now tracked as CVE-2025-61882.  First observed on August 9, 2025, this unauthenticated remote code execution (RCE) flaw is being weaponized to bypass authentication, deploy web shells, and exfiltrate sensitive data from internet-exposed EBS instances.  CrowdStrike assesses with moderate confidence that […]

The post CrowdStrike Warns of New Mass Exploitation Campaign Leveraging Oracle E-Business Suite 0-Day appeared first on Cyber Security News.

The WARMCOOKIE backdoor first surfaced in mid-2024, delivered primarily via recruiting-themed phishing campaigns that coaxed victims into executing malicious documents. Initially designed as a lightweight implant for remote command execution, its modular codebase enabled rapid adaptation to new objectives. Over the past year, targets have included enterprise networks across multiple regions, with operators exploiting malvertising […]

The post Threat Actors Behind WARMCOOKIE Malware Added New Features to It’s Arsenal appeared first on Cyber Security News.

Cisco has released advisories for a zero-day exploit chain affecting its Secure Firewall Adaptive Security Appliance (ASA) and Secure Firewall Threat Defense (FTD) software, which is reportedly being used in highly targeted attacks by an unknown threat actor. According to Rapid7, the exploit chain combines two vulnerabilities, CVE-2025-20362 and CVE-2025-20333, to achieve unauthenticated remote code […]

The post Cisco ASA/FTD 0-Day Vulnerability Exploited for Authentication Bypass – PoC Released appeared first on Cyber Security News.

A sophisticated cyberattack has compromised Red Hat Consulting’s infrastructure, potentially exposing sensitive data from over 5,000 enterprise customers worldwide. The breach, executed by the extortion group Crimson Collective, has raised serious concerns about the security of critical business documentation and source code belonging to major corporations, including Vodafone, HSBC, American Express, and Walmart. Red Hat, […]

The post Red Hat Breach Exposes 5000+ High Profile Enterprise Customers at Risk appeared first on Cyber Security News.

A critical deserialization flaw in GoAnywhere MFT’s License Servlet, tracked as CVE-2025-10035, has already been weaponized by the Storm-1175 group to execute the Medusa ransomware. The vulnerability affects GoAnywhere MFT versions up to 7.8.3. It resides in the License Servlet Admin Console, where a threat actor can forge a license response signature and bypass validation […]

The post GoAnywhere 0-Day RCE Vulnerability Exploited in the Wild to Deploy Medusa Ransomware appeared first on Cyber Security News.

Elastic has released a security advisory detailing a medium-severity vulnerability in the Kibana CrowdStrike Connector that could allow for the exposure of sensitive credentials. The flaw, tracked as CVE-2025-37728, affects multiple versions of Kibana and could allow a malicious user to access cached CrowdStrike credentials from other users within the same environment. The vulnerability underscores […]

The post Kibana Crowdstrike Connector Vulnerability Exposes Protected Credentials appeared first on Cyber Security News.

CISA has issued an urgent security advisory, adding Microsoft Windows privilege escalation vulnerability CVE-2021-43226 to its Known Exploited Vulnerabilities (KEV) catalog on October 6, 2025.  The vulnerability affects the Microsoft Windows Common Log File System (CLFS) Driver and poses significant security risks to enterprise environments. The CVE-2021-43226 vulnerability resides within Microsoft’s Common Log File System […]

The post CISA Warns of Windows Privilege Escalation Vulnerability Exploited in Attacks appeared first on Cyber Security News.

A new command injection vulnerability in OpenSSH, tracked as CVE-2025-61984, has been disclosed, which could allow an attacker to achieve remote code execution on a victim’s machine. The vulnerability is a bypass of a previous fix for a similar issue (CVE-2023-51385) and exploits how the ProxyCommand feature interacts with the underlying system shell when handling […]

The post OpenSSH Vulnerability Exploited Via ProxyCommand to Execute Remote Code – PoC Released appeared first on Cyber Security News.

Oracle has issued an emergency security alert for a critical zero-day vulnerability (CVE-2025-61882) in its E-Business Suite after the notorious Cl0p ransomware group began extorting customers who failed to patch their systems.  The vulnerability, carrying a maximum CVSS score of 9.8, affects the Business Intelligence Publisher (BI Publisher) Integration component and enables remote code execution […]

The post Cl0p Ransomware Actively Exploiting Oracle E-Business Suite 0-Day Vulnerability in the Wild appeared first on Cyber Security News.