Aggregator

You must login to view this content

A high-severity vulnerability has been disclosed in BIND 9, the widely used DNS server software responsible for domain name resolution across millions of internet services. The vulnerability, tracked as CVE-2025-13878, enables remote attackers to crash DNS servers by sending specially crafted, malformed DNS records, potentially disrupting critical internet infrastructure and organizational services. The vulnerability stems […]

The post BIND 9 Vulnerability Allow Attackers to Crash Server by Sending Malicious Records appeared first on Cyber Security News.

Security researchers have identified a sophisticated multi-stage malware campaign targeting Windows systems through social engineering and weaponized cloud services. The attack employs business-themed documents as deceptive entry points, luring users into extracting compressed archives containing malicious shortcuts that execute PowerShell commands in the background. Once initiated, the infection chain systematically neutralizes Microsoft Defender before delivering […]

The post New Multi-Stage Windows Malware Disables Microsoft Defender Before Dropping Malicious Payloads appeared first on Cyber Security News.

A critical code-injection vulnerability has been identified in the Node.js binary-parser library, affecting all versions before 2.3.0. The flaw allows attackers to execute arbitrary JavaScript code if untrusted input is used to construct parser definitions, potentially compromising application integrity and system security. The binary-parser library, designed to facilitate writing efficient binary parsers in a simple, […]

The post Critical Vulnerability in Binary-Parser Library for Node.js Allows Malicious Code injection appeared first on Cyber Security News.