Aggregator

In recent months, security researchers have observed a surge in activity by a previously undocumented ransomware group known as The Gentlemen. This threat actor has rapidly distinguished itself through the deployment of highly specialized tools and meticulous reconnaissance tactics, targeting critical infrastructure across multiple sectors and regions. Leveraging legitimate Windows drivers and nuanced Group Policy […]

The post New Gentlemen Ransomware Leverages Legitimate Drivers, Group Policies to Infiltrate Organizations appeared first on Cyber Security News.

文章描述了一起冒充医生的短信诈骗案例，骗子声称批准了一种减肥药物处方并附带可疑链接。分析发现该短信存在多处可疑迹象，包括发件人身份不明、药物未经面对面咨询、地理位置不符以及链接指向钓鱼网站等。提醒公众警惕此类骗局，并提供防范建议。

A vulnerability was found in Azon Dominator PHP Script. It has been rated as problematic. This vulnerability affects unknown code of the file /search of the component URL Handler. This manipulation causes cross site scripting. This vulnerability is handled as CVE-2025-40725. The attack can be initiated remotely. There is not any exploit available.

A vulnerability was found in Grandstream Wave up to 1.27.8 on Windows. It has been declared as problematic. This affects an unknown part of the file wave.exe. The manipulation results in uncontrolled search path. This vulnerability is known as CVE-2025-40979. Attacking locally is a requirement. No exploit is available. It is recommended to upgrade the affected component.

Fileless malware has become a formidable adversary for security teams, operating entirely in memory and evading disk-based detection. A recent incident demonstrates how attackers leveraged a multi-stage fileless loader to deploy AsyncRAT, a powerful Remote Access Trojan (RAT), through legitimate system tools—leaving almost no footprint on disk. This case study highlights critical techniques for persistence, […]

The post AsyncRAT Leverages Fileless Techniques to Bypass Detection appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A vulnerability was found in UPDF 1.8.5.0 on Windows. It has been classified as problematic. Affected by this issue is some unknown functionality in the library C:\Users\Public\AppData\LOCAL\UPDF\FREngine\Bin64\FREngine.dll of the file UPDF.exe. The manipulation leads to uncontrolled search path. This vulnerability is traded as CVE-2025-10215. An attack has to be approached locally. There is no exploit available.

A vulnerability was found in UPDF 1.8.5.0 on Windows and classified as problematic. Affected by this vulnerability is an unknown functionality in the library C:\Users\AppData\LOCAL\UPDF\FREngine\Bin64\FREngine.dll of the file UPDF.exe. Executing manipulation can lead to uncontrolled search path. This vulnerability appears as CVE-2025-10214. The attack requires local access. There is no available exploit.

A vulnerability has been found in UPDF 1.8.5.0 on Windows and classified as problematic. Affected is an unknown function in the library C:\Users\AppData\LOCAL\Microsoft\WindowsApps\dxtn.dll of the file UPDF.exe. Performing manipulation results in uncontrolled search path. This vulnerability is reported as CVE-2025-10213. The attack requires a local approach. No exploit exists.

This survey, commissioned by Tenable and developed in collaboration with the Cloud Security Alliance, warns that rapid cloud and AI adoption, combined with insecure identities and a reactive posture, leave organizations exposed. The report urges a strategic shift to preventive security with a unified view of risk and mature identity governance. 

Key takeaways

1. Organizations are quickly adopting cloud and AI technologies without adequate security, creating significant exposure to preventable breaches.
2. Identity now drives most breaches, yet many organizations rely on basic controls, overlooking deeper governance gaps.
3. A strategic shift from a reactive, incident-based security posture to a proactive, unified and preventive approach is necessary to manage cloud and AI risks effectively.

Bad news first: While eagerly embracing cloud and AI, many organizations lack proper cybersecurity guardrails, creating a dangerous gap. 

The good news? These organizations can tame AI and cloud threats by shifting toward preventive security and gaining a clear, integrated visibility across their environment.

That’s the main takeaway from the new research report “The State of Cloud and AI Security 2025,” commissioned by Tenable and developed in collaboration with the Cloud Security Alliance.

Let's break down the report’s main findings and what you can do about it.

The modern attack surface is wide and fragmented

Here’s security teams’ new reality: They must protect a sprawling, complicated environment that’s partly on premises and partly across multiple cloud providers, with new AI tools sprouting up all over the place.

The report, based on a survey of 1,025 IT and security professionals worldwide, found that:

• 82% work in hybrid environments
• 63% juggle two or more cloud providers
• 55% already use AI, while another 34% are testing it

In short, organizations are going gaga over all things cloud and AI – but in many cases their cloud security plans fall short at protecting this extended and splintered attack surface. 

Let’s look at some of the key obstacles.

Weak identity and access management

Many organizations use rudimentary identity and access management (IAM) protection methods. This is a problem, because identities make up the security perimeter in these borderless, heterogeneous environments. 

For a whopping 59% of respondents, insecure identities and risky permissions ranked as their biggest security risk. They listed three identity-related issues among the top four causes for their cloud breaches:

• Excessive permissions, such as overprivileged accounts or roles (31%)
• Inconsistent access controls across cloud environments (27%)
• Weak identity hygiene, such as lack of multi-factor authentication (27%)

In addition, when asked about their top cloud security challenges, they said their cloud and IAM teams aren’t on the same page (28%); and they’re struggling to enforce least privilege access (21%). 

Another problem: Organizations’ methods for monitoring identity risk are basic, with few tracking metrics for issues such as privilege misuse and access anomalies.

“The data paints a picture of identity as both a well-recognized threat and a still-maturing discipline in secure management,” the report reads. 

To enhance IAM security, the report’s recommendations include:

• Restructuring IAM programs and systems
• Improving coordination between cloud and IAM teams
• Shifting to more dynamic indicators of identity risk and resilience

Look Ma, no hands! Racing ahead with AI without sufficient security controls

With 89% of organizations either using AI (55%) or piloting it (34%), cybersecurity teams are scrambling to secure these systems: Already, 34% have suffered an AI-related breach.

“Organizations are moving fast to deploy AI, but their understanding of where the risks lie – and how to mitigate them – still appears immature,” the report reads.

For starters, security teams are worrying about the wrong things. They’re focused on emerging threats like AI model manipulation. But their attention should be on cyber’s usual suspects: unpatched software, insider threats, misconfigured settings and weak credential authentication.

“This misalignment suggests that many security programs are still treating AI as fundamentally novel, rather than applying proven cloud and identity security principles to these new systems,” the report reads.

(Source: "State of Cloud and AI Security 2025" report, commissioned by Tenable and developed in collaboration with the Cloud Security Alliance)

Other weak spots: Reactive security, skills gap

The report goes on to unpack other cloud and AI security obstacles, including:

• The skills gap: About one-third of respondents cited lack of expertise as their top challenge, which leads to fuzzy strategies; insufficient budgets; and misunderstanding of cloud risks by executive leaders.
• A reactive security posture: Respondents’ most commonly tracked key performance indicator (KPI) is the frequency and severity of security incidents (43%). This signals a rearview-mirror approach that prioritizes crisis response over proactive risk reduction – a misguided strategy because most cloud and AI breaches are preventable.

How do we fix this?

The report offers a wake-up call for teams tasked with cloud and AI security, pressing for a strategic shift away from fragmented tools, immature identity practices and a reactive mindset.

Already, some respondents are taking steps in the right direction by, for example, adopting exposure management (58%) for unified security monitoring and risk prioritization; and cloud security posture management (57%).

(Source: "State of Cloud and AI Security 2025" report, commissioned by Tenable and developed in collaboration with the Cloud Security Alliance)

The report’s recommendations include: 

• Get a single view of everything: Integrated visibility and controls are foundational for managing complexity across on-prem, cloud and AI workloads.
• Beef up your identity security: Enhance identity governance for all human and non-human identities that need access.
• Focus on prevention, not just reaction: Moving from reactive to proactive security is key to staying ahead of evolving threats.

“Security maturity depends on strategic alignment and risk-driven planning. Organizations that move beyond point solutions and reactive operations will be better equipped to secure evolving cloud and AI environments,” the report reads.

To get all the AI and cloud security insights, download the "State of Cloud and AI Security 2025" report today!

A vulnerability, which was classified as problematic, was found in Freshwork up to 1.2.3. This impacts an unknown function of the file /api/v2/logout. Such manipulation of the argument post_logout_redirect_uri leads to open redirect. This vulnerability is documented as CVE-2025-10229. The attack can be executed remotely. Additionally, an exploit exists. You should upgrade the affected component. The vendor was contacted early about this disclosure but did not respond in any way.

At least 29 people are dead and the prime minister has resigned following days of protests in Nepal over a social media ban that officials eventually lifted.

Почему жертв рабства не спешат спасать, и кто зарабатывает на их страданиях?

Submit #641089 / VDB-323487

GitLab has released urgent security patches for its Community (CE) and Enterprise (EE) editions, addressing multiple vulnerabilities, including two high-severity flaws that could lead to Server-Side Request Forgery (SSRF) and Denial of Service (DoS) attacks. The company is strongly advising all administrators of self-managed GitLab installations to upgrade immediately to the newly released versions: 18.3.2, […]

The post GitLab Patches Multiple Vulnerabilities That Enables Denial Of Service and SSRF Attacks appeared first on Cyber Security News.

瑞士公司SwissBorg的合作伙伴Kiln遭网络攻击，导致价值约4100万美元的加密货币被盗。受影响用户约占1%，SwissBorg已暂停Solana质押交易，并与安全公司合作调查事件，承诺补偿客户。

A flaw in the Cursor extension allows unauthorized code execution when opening repositories in Visual Studio

A high-quality mobile application penetration testing company is essential for businesses that want to safeguard their digital assets and user data. These specialized firms employ ethical hackers who simulate real-world cyberattacks to identify and exploit vulnerabilities within mobile apps. The insights from these tests enable developers to fix security flaws before they can be leveraged […]

The post Top 10 Best Mobile Application Penetration Testing Companies in 2025 appeared first on Cyber Security News.

Defensie gaat eigen Nederlandse satellietcapaciteit ontwikkelen. Tot nu toe maakte de organisatie gebruik van door andere partijen geleverde technologie. Zelf het informatiesysteem creëren maakt de krijgsmacht minder afhankelijk. Defensie kan dan eigen satellieten inzetten om inlichtingen te verzamelen. Staatssecretaris Gijs Tuinman maakte dit maandag bekend. Gisteren verdiepte hij zich onder meer in satellieten in Londen. Dat gebeurde tijdens de Defence and Security Equipment International (DSEI).

Content creators and small businesses are facing a sophisticated new threat targeting their Facebook accounts through deceptive advertisements promising free Meta verification badges. A new malvertising campaign is targeting Facebook users with malicious ads that promise to unlock Meta’s coveted blue verification tick through a seemingly legitimate browser extension. These ads, accompanied by instructional videos, […]

The post Meta Verified Scam Ads on Facebook Steal User Account Details appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Microsoft修复了8月安全更新引发的问题,该问题导致非管理员用户在所有Windows版本中出现意外的UAC提示和应用安装故障,并调整了UAC策略以缓解相关漏洞影响。