Aggregator
CVE-2025-40592 | Siemens Mendix Studio Pro 9 path traversal (ssa-627195 / EUVD-2025-18163)
F5 Labs Top CWEs & OWASP Top Ten Analysis
Phishing Alert as Erie Insurance Reveals Cyber “Event”
Торвальдс сказал «нет» — DAMON не станет частью конфигурации по умолчанию
Windows SMB Client Zero-Day Vulnerability Exploited via Reflective Kerberos Relay Attack
A newly disclosed vulnerability, CVE-2025-33073, dubbed the “Reflective Kerberos Relay Attack,” has shaken the Windows security landscape. Discovered by RedTeam Pentesting and patched by Microsoft on June 10, 2025, this flaw allows low-privileged Active Directory users to escalate privileges to NT AUTHORITY\SYSTEM on domain-joined Windows systems that do not enforce SMB signing. The attack leverages […]
The post Windows SMB Client Zero-Day Vulnerability Exploited via Reflective Kerberos Relay Attack appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
Машина может остановиться в пути — китайские GPS-трекеры делают это возможным
CISA Releases Guide to Protect Network Edge Devices From Hackers
CISA and international cybersecurity partners have released a comprehensive suite of guidance documents aimed at protecting critical network edge devices from increasingly sophisticated cyberattacks. This coordinated effort, involving cybersecurity authorities from nine countries, including Australia, Canada, the United Kingdom, and Japan, addresses the growing threat to firewalls, routers, VPN gateways, and other internet-facing network infrastructure. […]
The post CISA Releases Guide to Protect Network Edge Devices From Hackers appeared first on Cyber Security News.
首个AI Agent零点击漏洞曝光:一封邮件窃取企业AI任意敏感数据
美国陆军正式组建首支电磁攻防和支援专职连队
File Data: The Hidden Ransomware Threat Costing Enterprises Millions
Your weakest link doesn’t have to stay weak. Rethink file data management strategy today to secure your organization’s data—and trust.
The post File Data: The Hidden Ransomware Threat Costing Enterprises Millions appeared first on Security Boulevard.
Hackers Advertising New Blackhat Tool Nytheon AI on Popular Hacking Forums
A sophisticated new threat platform, Nytheon AI, has emerged, which combines multiple uncensored large language models (LLMs) built specifically for malicious activities. The platform, discovered by Cato CTRL, is being actively promoted on popular hacking forums, including XSS and various Telegram channels, representing a significant evolution in how threat actors are leveraging artificial intelligence for […]
The post Hackers Advertising New Blackhat Tool Nytheon AI on Popular Hacking Forums appeared first on Cyber Security News.
OneDrive, Teams, Outlook — за обычными иконками теперь прячется незваный гость
CVE-2024-42009
Why Open-Source Encryption and Automated Key Rotation Aren’t Enough Without Certificate Management
As organizations scale and adopt cloud-native architectures, the way they manage encryption — particularly how they issue, track and rotate certificates — has never been more critical.
The post Why Open-Source Encryption and Automated Key Rotation Aren’t Enough Without Certificate Management appeared first on Security Boulevard.