Cyber Security News

A critical vulnerability CVE-2025-42922 has been discovered in SAP NetWeaver that allows an authenticated, low-privileged attacker to execute arbitrary code and achieve a full system compromise. The flaw resides in the Deploy Web Service upload mechanism, where insufficient access control validation permits the upload and execution of malicious files. This vulnerability poses a significant risk […]

The post Critical SAP NetWeaver Vulnerability Let Attackers Execute Arbitrary Code And Compromise System appeared first on Cyber Security News.

Every SOC analyst knows the frustration. Your SIEM generates hundreds, sometimes thousands of alerts daily. Each alert demands attention, but with limited time and resources, how do you prioritize effectively? Investigating each alert in isolation leaves teams reactive, overwhelmed, and ultimately vulnerable to sophisticated attacks that blend into the background noise.  The Alert Triage Dilemma: […]

The post How to Enrich Alerts with Live Attack Data From 15K SOCs  appeared first on Cyber Security News.

Microsoft has released its September 2025 Patch Tuesday updates, addressing a total of 81 security vulnerabilities across its product suite. The security patches cover a wide range of software, including Windows, Microsoft Office, Azure, and SQL Server. Among the fixes are 22 Remote Code Execution (RCE) vulnerabilities, making this a significant update for system administrators. […]

The post Microsoft September 2025 Patch Tuesday – 81 Vulnerabilities Fixed Including 22 RCE appeared first on Cyber Security News.

Salat Stealer has emerged as a pervasive threat targeting Windows endpoints with a focus on harvesting browser-stored credentials and cryptocurrency wallet data. First detected in August 2025, this Go-based infostealer leverages a range of evasion tactics, including UPX packing and process masquerading, to slip past conventional defenses. Its operators advertise the malware through social engineering […]

The post Salat Stealer Exfiltrates Browser Credentials Via Sophisticated C2 Infrastructure appeared first on Cyber Security News.

Fortinet has disclosed a medium-severity vulnerability in its FortiDDoS-F product line that could allow a privileged attacker to execute unauthorized commands. Tracked as CVE-2024-45325, the flaw is an OS command injection vulnerability residing within the product’s command-line interface (CLI). The vulnerability, identified as CWE-78, stems from an improper neutralization of special elements used in an […]

The post FortiDDoS OS Command Injection Vulnerability Let Attackers Execute Unauthorized Commands appeared first on Cyber Security News.

A new wave of phishing attacks purporting to originate from South Korea’s National Tax Service has emerged, leveraging familiar electronic document notifications to trick recipients into divulging their Naver credentials. Distributed on August 25, 2025, the email mimics the official format used by Naver’s secure document service, displaying the sender as “National Tax Service” and […]

The post Beware of Phishing Email from Kimusky Hackers With Subject Spetember Tax Return Due Date Notice appeared first on Cyber Security News.

Ivanti has released security updates to address two high-severity vulnerabilities in its Endpoint Manager (EPM) software that could allow remote code execution. The vulnerabilities, tracked as CVE-2025-9712 and CVE-2025-9872, affect multiple versions of the product. The company has stated that it is not aware of any active exploitation of these flaws in the wild at […]

The post Critical Ivanti Endpoint Manager Vulnerabilities Let Attackers Execute Remote Code appeared first on Cyber Security News.

Penetration Testing as a Service (PTaaS) is a modern evolution of traditional pentesting that combines the speed and efficiency of a platform with the skill of human ethical hackers. Unlike the time-consuming, point-in-time nature of traditional engagements, PTaaS offers a continuous, on-demand, and real-time approach to finding and managing vulnerabilities. In 2025, with rapidly expanding […]

The post Top 10 Best Penetration Testing as a Service (PTaaS) Companies in 2025 appeared first on Cyber Security News.

Police-issued body cameras have become ubiquitous tools for recording law enforcement encounters, yet a recent investigation has uncovered troubling design choices in a budget-friendly system that compromise both privacy and data integrity. The Viidure mobile application, designed to transfer video evidence from the camera’s onboard Wi-Fi hotspot to cloud servers, was found to communicate over […]

The post Police Body Camera Apps Sending Data to Cloud Servers Hosted in China Via TLS Port 9091 appeared first on Cyber Security News.

A widespread issue with Microsoft’s anti-spam filtering service is preventing some Exchange Online and Microsoft Teams users from opening URLs, disrupting workflows across organizations. The problem, tracked under Microsoft advisory MO1148487, remains ongoing as the company works on a permanent fix. According to Microsoft, the issue stems from an anti-spam detection mechanism that is mistakenly […]

The post Microsoft Anti-Spam Bug Blocks Users From Opening URLs in Exchange Online and Teams appeared first on Cyber Security News.

Cybersecurity researchers have observed the emergence of a novel Android banking trojan, RatOn in recent months that seamlessly combines remote access capabilities with NFC relay technology and Automated Transfer System (ATS) functions. Initially detected in mid-July 2025, RatOn’s multi-stage architecture leverages a dropper application to install subsequent payloads, culminating in full device takeover and fraudulent […]

The post New RatOn Takes Control Over Bank Account and Initiates Automated Money Transfers appeared first on Cyber Security News.

The U.S. Department of the Treasury has unveiled a sweeping sanctions campaign against a network of cyber scam centers across Southeast Asia that collectively stole more than ten billion dollars from American victims in 2024. These operations, often masquerading as legitimate virtual currency investment platforms, relied on sophisticated social engineering techniques to coax users into […]

The post Magento and Adobe SessionReaper Vulnerability Exposes Thousands of Online Stores to Automated Attacks appeared first on Cyber Security News.

Zoom released a security update addressing multiple vulnerabilities in its software, including Zoom Workplace and various clients for Windows and macOS. The patches cover one high-severity flaw and several medium-severity issues, prompting a strong recommendation for users to update their applications immediately to safeguard against potential exploits. The most significant vulnerability fixed in this update […]

The post Zoom Security Update – Patch for Multiple Vulnerabilities in Clients for Windows and macOS appeared first on Cyber Security News.

A critical security vulnerability has been discovered in Progress OpenEdge, a platform for developing and deploying business applications. The flaw, identified as CVE-2025-7388, allows for remote code execution (RCE) and affects multiple versions of the software, potentially enabling attackers to execute arbitrary commands with elevated system privileges. The vulnerability resides in the AdminServer component of […]

The post Progress OpenEdge AdminServer Vulnerability Let Attackers Execute Remote Code appeared first on Cyber Security News.

A severe vulnerability in Windows Defender’s update process allows attackers with administrator privileges to disable the security service and manipulate its core files. The technique, which leverages a flaw in how Defender selects its execution folder, can be carried out using tools already available on the Windows operating system. The vulnerability was detailed by Zero […]

The post Windows Defender Vulnerability Allows Service Hijacking and Disablement via Symbolic Link Attack appeared first on Cyber Security News.

In Caracas this week, President Nicolás Maduro unveiled the Huawei Mate X6 gifted by China’s Xi Jinping, declaring the device impervious to U.S. espionage efforts. The announcement coincides with heightened tensions between Washington and Beijing, as the United States enforces stringent controls on Chinese telecom equipment. Beyond its political symbolism, the Mate X6 has become […]

The post Venezuela’s Maduro Says Huawei Mate X6 Gift From China is Unhackable by U.S. Spies appeared first on Cyber Security News.

Security researchers first observed LunaLock in early September 2025, a sophisticated ransomware strain targeting independent illustrators and digital artists. Leveraging compromised credentials and social engineering, the group behind LunaLock has zeroed in on a niche marketplace—Artists & Clients—where freelance creators exchange custom commissions. Initial intrusion involved spear-phishing campaigns disguised as royalty notifications, enticing victims to […]

The post LunaLock Ransomware Attacking Artists to Steal and Encrypt Data appeared first on Cyber Security News.

A massive data breach in early September 2025 attributed to a cyber actor known simply as “Kim” laid bare an unprecedented view into the operational playbook of Kimsuky (APT43). The leak, comprising terminal history files, phishing domains, OCR workflows, compiled stagers, and a full Linux rootkit, revealed a credential-centric campaign that targeted South Korean government […]

The post Exposed ‘Kim’ Dump Exposes Kimsuky Hackers New Tactics, Techniques, and Infrastructure appeared first on Cyber Security News.

A sophisticated cybercriminal campaign has emerged, exploiting Amazon’s Simple Email Service (SES) to orchestrate large-scale phishing operations capable of delivering over 50,000 malicious emails daily. The attack represents a significant evolution in cloud service abuse, transforming AWS’s legitimate bulk email platform into a weapon for credential theft and financial fraud. The campaign begins with compromised […]

The post Hackers Weaponize Amazon Simple Email Service to Send 50,000+ Malicious Emails Per Day appeared first on Cyber Security News.

Qualys has confirmed it was impacted by a widespread supply chain attack that targeted the Salesloft Drift marketing platform, resulting in unauthorized access to a portion of its Salesforce data. The breach originated from a sophisticated cyberattack campaign targeting Salesloft Drift, a third-party Software-as-a-Service (SaaS) application used by Qualys to automate sales workflows and manage […]

The post Qualys Confirms Data Breach – Hackers Accessed Salesforce Data in Supply Chain Attack appeared first on Cyber Security News.