Aggregator

A vulnerability was found in Mozilla Thunderbird up to 139. It has been classified as critical. This affects an unknown part. The manipulation leads to memory corruption. This vulnerability is uniquely identified as CVE-2025-6436. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Mozilla Firefox up to 139 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component WebCompat Extension. The manipulation leads to information disclosure. This vulnerability is known as CVE-2025-6425. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in Hitachi Energy MicroSCADA X SYS600 up to 10.6. Affected is an unknown function of the component TLS Protocol Handler. The manipulation leads to improper certificate validation. This vulnerability is traded as CVE-2025-39205. It is possible to launch the attack remotely. There is no exploit available.

Самый популярный мессенджер Meta больше не жалуют во власти. Может,  нам стоит бояться?

Unidentified threat actors have been observed targeting publicly exposed Microsoft Exchange servers to inject malicious code into the login pages that harvest their credentials. Positive Technologies, in a new analysis published last week, said it identified two different kinds of keylogger code written in JavaScript on the Outlook login page - Those that save collected data to a local file

A critical security vulnerability has been discovered in Performave Convoy that allows unauthenticated remote attackers to execute arbitrary code on affected servers.  The vulnerability, identified as CVE-2025-52562, affects all versions from 3.9.0-rc.3 through 4.4.0 of the ConvoyPanel/panel package.  Security researcher AnushK-Fro reported the vulnerability five days ago, receiving a critical severity rating with a perfect […]

The post Critical Convoy Vulnerability Let Attackers Execute Remote Code on Affected Servers appeared first on Cyber Security News.

A notorious threat actor known as “xperttechy” is actively promoting a new version of the EagleSpy remote access Trojan (RAT), dubbed EagleSpy v5, on a prominent dark web forum. Marketed as a “lifetime activated” tool, EagleSpy v5 is raising alarms within the cybersecurity community due to its extensive feature set and its ability to operate […]

The post EagleSpy v5 RAT Promoted by Hacker for Stealthy Android Access appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Хакеры обчистили британский ритейл за одну ночь.

Defensie en de Delftse startup Lobster Robotics gaan samenwerken met een onderwaterdrone, Scout genaamd. De marine gebruikt deze als onderdeel van een speciaal project: het Rapid Adoption Action Plan (RAAP). Dit is bedoeld om nieuwe technologieën snel voor de NAVO in te zetten. 

Four convicted members of the REvil cybercrime gang were released from custody after being sentenced in St. Petersburg for offenses related to payment card fraud.

Contrast Security launched Application Detection and Response (ADR) in August of 2024, and now, in a new Gartner research note, ADR is a topic. The 2025 Gartner® Implement Effective Application and API Security Controls (accessible to Gartner clients only)*, by William Dupre, discusses today’s complex problem: 

The post Application and API Security Can’t Rely Solely on Perimeter Defenses or Scanners | Notes on Gartner AppSec Research | Contrast Security appeared first on Security Boulevard.

在为期十天的比赛中，奇安信代码安全实验室针对多家主流汽车厂商的产品展开深入分析，成功挖掘出22个0day漏洞，其中包括1个超危漏洞，6个高危漏洞。

A critical security flaw has been discovered and patched in the Zimbra Collaboration Suite (ZCS) Classic Web Client, exposing millions of business users to the risk of arbitrary JavaScript execution through stored cross-site scripting (XSS). Tracked as CVE-2025-27915, this vulnerability affects ZCS versions 9.0, 10.0, and 10.1 prior to the latest patch releases, and is […]

The post Zimbra Classic Web Client Vulnerability Allows Arbitrary JavaScript Execution appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

When malware infiltrates a system, it doesn’t always make noise. In fact, some of the most dangerous threats operate quietly embedding themselves deep within the system and ensuring they come back even after a reboot. One of the most common ways they achieve this is by abusing the Windows Registry.  In this article, we’ll walk […]

The post How to Spot Registry Abuse by Malware: Examples in ANY.RUN Sandbox  appeared first on ANY.RUN's Cybersecurity Blog.

Russia-linked group APT28 uses Signal chats as an attack vector to phish Ukrainian officials with new malware strains. Russia-linked cyberespionage group APT28 is targeting Ukrainian government officials using Signal chats to deliver two new types of malware, tracked as BeardShell and SlimAgent. While Signal itself remains secure, attackers are exploiting its growing popularity in official […]

Cobalt found that many security professionals believe a “strategic pause” in genAI deployment is necessary to recalibrate defenses

The Department of Homeland Security has issued a critical advisory warning of escalating cyber threats from pro-Iranian hacktivist groups targeting United States networks, as tensions between Iran and the US reach a dangerous new peak following recent military exchanges. The warning comes in the aftermath of Iran’s Islamic Revolutionary Guard Corps firing missiles at US […]

The post Pro-Iranian Hacktivists Targeting US Networks Department of Homeland Security Warns appeared first on Cyber Security News.

A vulnerability, which was classified as problematic, has been found in Hitachi Energy MicroSCADA X SYS600 up to 10.6. This issue affects some unknown processing of the component Web Interface. The manipulation leads to information disclosure. The identification of this vulnerability is CVE-2025-39204. The attack may be initiated remotely. There is no exploit available.