Aggregator

You must login to view this content

GitLab has released critical security patches across multiple versions to address several high-severity vulnerabilities that could allow attackers to execute unauthorized actions through malicious content injection.  The latest patch releases 18.1.2, 18.0.4, and 17.11.6 for both Community Edition (CE) and Enterprise Edition (EE) contain essential security fixes that require immediate attention from all self-managed GitLab […]

The post GitLab Vulnerabilities Let Attackers Execute Actions by Injecting Malicious Content appeared first on Cyber Security News.

You must login to view this content

Multiple critical vulnerabilities have been discovered in Ruckus Wireless management products, specifically Virtual SmartZone (vSZ) and Network Director (RND), potentially allowing complete compromise of enterprise wireless environments.  These vulnerabilities, disclosed on July 8, 2025, affect wireless network management systems that can scale up to 10,000 access points and 150,000 connected clients, making them particularly concerning […]

The post Critical Ruckus Wireless Vulnerabilities Exposes Enterprise Wireless Networks appeared first on Cyber Security News.

The U.K.’s National Crime Agency claims the four were involved in attacks on Marks & Spencer. The cybersecurity industry attributed those attacks to Scattered Spider.

The post UK arrests four for cyberattacks on major British retailers appeared first on CyberScoop.

Four individuals suspected of having been involved in the ransomware attacks that hit UK-based retailers earlier this year have been arrested by the UK National Crime Agency. “Two males aged 19, another aged 17, and a 20-year-old female were apprehended in the West Midlands and London this morning (10 July) on suspicion of Computer Misuse Act offences, blackmail, money laundering and participating in the activities of an organised crime group,” the NCA said. “All four … More →

The post Four arrested in connection with M&S, Co-op ransomware attacks appeared first on Help Net Security.

A critical remote code execution vulnerability in GeoServer has become a prime target for cybercriminals deploying cryptocurrency mining malware across global networks. The vulnerability, designated CVE-2024-36401, affects the popular open-source Geographic Information System server written in Java, which provides essential platforms for spatial data processing in numerous organizations worldwide. Since the vulnerability’s disclosure in 2024, […]

The post Hackers Exploiting GeoServer RCE Vulnerability to Deploy CoinMiner appeared first on Cyber Security News.