Aggregator

Microsoft has released an emergency out-of-band security update to address a critical issue affecting Windows reset and recovery operations across multiple versions of the operating system. The patch, released on August 19, 2025, resolves problems that emerged after users installed the August 2025 Windows security update, causing some reset and recovery attempts to fail on […]

The post Microsoft Issues Emergency Patch for Windows Reset and Recovery Bug appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Technology can’t fix the biggest cybersecurity threat — people. Human risk management uses behavioral data, targeted interventions, and measurable outcomes to turn the workforce from weakest link to strongest defense.

The post Apply Human-Centric Cybersecurity to Solve the Unpatchable Threat appeared first on Security Boulevard.

Security researchers have disclosed a critical vulnerability in Kubernetes Capsule v0.10.3 and earlier versions that allows authenticated tenant users to inject arbitrary labels into system namespaces, fundamentally breaking multi-tenant isolation. The vulnerability, tracked as CVE-2025-55205 with a CVSS score of 9.9, enables attackers to bypass security boundaries and access cross-tenant resources, potentially leading to cluster-wide compromise. Vulnerability […]

The post Kubernetes Capsule Vulnerability Enables Attackers to Inject Arbitrary Labels appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A working exploit concatenating two critical SAP Netweaver vulnerabilities (CVE-2025-31324, CVE-2025-42999) that have been previously exploited in the wild has been made public by VX Underground, Onapsis security researchers have warned. The exploit has allegedly been released on a Telegram channel that claimed to represent a collective of three established cybercrime groups: Scattered Spider, ShinyHunters, and LAPSUS$. Historical exploitation of CVE-2025-31324 Earlier this year, a suspected initial access broker group abused CVE-2025-31324 – a missing … More →

The post Exploit for critical SAP Netweaver flaws released (CVE-2025-31324, CVE-2025-42999) appeared first on Help Net Security.

You must login to view this content

Cybersecurity researchers have uncovered a sophisticated attack campaign where hackers exploiting a critical Apache ActiveMQ vulnerability are taking the unusual step of patching the security flaw after gaining access to victim systems. The Red Canary Threat Intelligence team observed this counterintuitive behavior across dozens of compromised cloud-based Linux servers, revealing a strategic approach to maintaining […]

The post Hackers Exploit Apache ActiveMQ Flaw to Breach Cloud Linux Servers appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.