Aggregator

Threat Actors Leverage SharePoint Services in Sophisticated AiTM Phishing Campaign

Cyber Security News
2 months 3 weeks ago

Microsoft Defender researchers have exposed a sophisticated adversary-in-the-middle (AiTM) phishing campaign targeting energy sector organizations through SharePoint file-sharing abuse. The multi-stage attack compromised multiple user accounts and evolved into widespread business email compromise (BEC) operations across several organisations. Initial Compromise Through Trusted Vendor The attack began with phishing emails sent from a compromised trusted vendor’s […]

The post Threat Actors Leverage SharePoint Services in Sophisticated AiTM Phishing Campaign appeared first on Cyber Security News.

Dhivya

New DynoWiper Malware Used in Attempted Sandworm Attack on Polish Power Sector

The Hackers News
2 months 3 weeks ago
The Russian nation-state hacking group known as Sandworm has been attributed to what has been described as the "largest cyber attack" targeting Poland's power system in the last week of December 2025. The attack was unsuccessful, the country's energy minister, Milosz Motyka, said last week. "The command of the cyberspace forces has diagnosed in the last days of the year the strongest attack on
The Hacker News

Who Approved This Agent? Rethinking Access, Accountability, and Risk in the Age of AI Agents

The Hackers News
2 months 3 weeks ago
AI agents are accelerating how work gets done. They schedule meetings, access data, trigger workflows, write code, and take action in real time, pushing productivity beyond human speed across the enterprise. Then comes the moment every security team eventually hits: “Wait… who approved this?” Unlike users or applications, AI agents are often deployed quickly, shared broadly,
The Hacker News

CVE-2026-21987 | Oracle VM VirtualBox 7.1.14/7.2.4 Core Local Privilege Escalation (EUVD-2026-3525 / Nessus ID 296414)

Vuldb Updates
2 months 3 weeks ago
A vulnerability, which was classified as critical, has been found in Oracle VM VirtualBox 7.1.14/7.2.4. This affects an unknown part of the component Core. This manipulation causes Local Privilege Escalation. This vulnerability is handled as CVE-2026-21987. It is possible to launch the attack on the local host. There is not any exploit available. It is advisable to upgrade the affected component.
vuldb.com

CVE-2026-21990 | Oracle VM VirtualBox 7.1.14/7.2.4 Core Local Privilege Escalation (EUVD-2026-3522 / Nessus ID 296414)

Vuldb Updates
2 months 3 weeks ago
A vulnerability, which was classified as critical, was found in Oracle VM VirtualBox 7.1.14/7.2.4. This vulnerability affects unknown code of the component Core. Such manipulation leads to Local Privilege Escalation. This vulnerability is uniquely identified as CVE-2026-21990. Local access is required to approach this attack. No exploit exists. You should upgrade the affected component.
vuldb.com

CVE-2026-21988 | Oracle VM VirtualBox 7.1.14/7.2.4 Core Local Privilege Escalation (EUVD-2026-3524 / Nessus ID 296414)

Vuldb Updates
2 months 3 weeks ago
A vulnerability has been found in Oracle VM VirtualBox 7.1.14/7.2.4 and classified as critical. This issue affects some unknown processing of the component Core. Performing a manipulation results in Local Privilege Escalation. This vulnerability was named CVE-2026-21988. The attack needs to be approached locally. There is no available exploit. The affected component should be upgraded.
vuldb.com

CVE-2026-21982 | Oracle VM VirtualBox 7.1.14/7.2.4 Core improper authentication (EUVD-2026-3530 / Nessus ID 296414)

Vuldb Updates
2 months 3 weeks ago
A vulnerability described as critical has been identified in Oracle VM VirtualBox 7.1.14/7.2.4. Affected is an unknown function of the component Core. Executing a manipulation can lead to improper authentication. This vulnerability appears as CVE-2026-21982. The attacker needs to be present on the local network. There is no available exploit. Upgrading the affected component is recommended.
vuldb.com

CISA Adds Actively Exploited VMware vCenter Flaw CVE-2024-37079 to KEV Catalog

The Hackers News
2 months 3 weeks ago
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added a critical security flaw affecting Broadcom VMware vCenter Server that was patched in June 2024 to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The vulnerability in question is CVE-2024-37079 (CVSS score: 9.8), which refers to a heap overflow in the
The Hacker News

CVE-2025-43531 | WebKitGTK/WPE WebKit up to 2.50.3 Web race condition (Nessus ID 279093 / WID-SEC-2025-2891)

Vuldb Updates
2 months 3 weeks ago
A vulnerability, which was classified as problematic, has been found in WebKitGTK and WPE WebKit up to 2.50.3. This issue affects some unknown processing of the component Web Handler. This manipulation causes race condition. This vulnerability is tracked as CVE-2025-43531. The attack is possible to be carried out remotely. No exploit exists. It is advisable to upgrade the affected component.
vuldb.com

CVE-2025-43531 | Apple iOS/iPadOS/tvOS/Safari/visionOS/macOS/watchOS up to 26.1 Web race condition (Nessus ID 279093 / WID-SEC-2025-2891)

Vuldb Updates
2 months 3 weeks ago
A vulnerability was found in Apple iOS, iPadOS, tvOS, Safari, visionOS, macOS and watchOS up to 26.1 and classified as problematic. This vulnerability affects unknown code of the component Web Handler. Executing a manipulation can lead to race condition. The identification of this vulnerability is CVE-2025-43531. The attack may be launched remotely. There is no exploit available. It is suggested to upgrade the affected component.
vuldb.com

CVE-2025-43535 | WebKitGTK/WPE WebKit up to 2.50.3 Web memory corruption (Nessus ID 279093 / WID-SEC-2025-2891)

Vuldb Updates
2 months 3 weeks ago
A vulnerability, which was classified as critical, was found in WebKitGTK and WPE WebKit up to 2.50.3. Impacted is an unknown function of the component Web Handler. Such manipulation leads to memory corruption. This vulnerability is listed as CVE-2025-43535. The attack may be performed from remote. There is no available exploit. You should upgrade the affected component.
vuldb.com

CVE-2025-68276 | Avahi up to 0.9-rc2 mDNS/DNS-SD RecordBrowserNew assertion (EUVD-2025-206280 / Nessus ID 282612)

Vuldb Updates
2 months 3 weeks ago
A vulnerability identified as problematic has been detected in Avahi up to 0.9-rc2. The affected element is the function RecordBrowserNew of the component mDNS/DNS-SD. This manipulation causes reachable assertion. The identification of this vulnerability is CVE-2025-68276. The attack can only be executed locally. There is no exploit available.
vuldb.com

Managed ad