Aggregator

Multiple critical vulnerabilities in Microsoft Office could allow attackers to execute arbitrary code on affected systems.  The vulnerabilities, tracked as CVE-2025-47162, CVE-2025-47953, CVE-2025-47164, and CVE-2025-47167, all carry a CVSS score of 8.4 out of 10 and affect numerous Office versions across Windows, Mac, and Android platforms.  Security researcher 0x140ce discovered these flaws, which exploit fundamental […]

The post Microsoft Office Vulnerabilities Let Attackers Execute Remote Code appeared first on Cyber Security News.

You must login to view this content

You must login to view this content

More than 20,000 malicious IP addresses and domains linked to information stealers have been taken down in an INTERPOL-coordinated operation against cybercriminal infrastructure. The four-month international crackdown, dubbed Operation Secure, represents one of the most significant coordinated efforts to disrupt infostealer malware networks across the Asia-Pacific region. During Operation Secure, which ran from January to […]

The post Operation Secure: 20,000 Malicious IPs and Domains Linked to 69 Malware Variants Dismantled appeared first on Cyber Security News.

The urgency stems from requirements imposed by technology partners, which necessitated an accelerated timeline for implementation across all affected products. This security initiative follows a pattern of heightened vigilance from ConnectWise throughout 2025, particularly after the company disclosed suspicious activity in May that was attributed to a sophisticated nation-state actor affecting a limited number of […]

The post ConnectWise to Rotate Code Signing Certificates for ScreenConnect, Automate and RMM appeared first on Cyber Security News.

You must login to view this content

You must login to view this content

You must login to view this content

Author/Presenter: Chariton Karamitas

Our sincere appreciation to OffensiveCon by Binary Gecko, and the Presenters/Authors for publishing their outstanding OffensiveCon 2025 video content. Originating from the conference’s events located at the Hilton Berlin; and via the organizations YouTube channel.

Thanks and a Tip O' The Hat to Verification Labs :: Penetration Testing Specialists :: Trey Blalock GCTI, GWAPT, GCFA, GPEN, GPCS, GCPN, CRISC, CISA, CISM, CISSP, SSCP, CDPSE for recommending the OffensiveCon 25 conference.

Permalink

The post OffensiveCon25 – KernelGP: Racing Against The Android Kernel appeared first on Security Boulevard.

You must login to view this content

Penetration testing is an essential tool for businesses looking to protect their IT networks and data from malicious actors. As the cyber threat continues to evolve and increase in sophistication, regular penetration testing has never been more critical. Penetration testers – sometimes known as ethical hackers – simulate real-world attacks to identify vulnerabilities and weaknesses…

The post What are the legal aspects of penetration testing? appeared first on Sentrium Security.

The post What are the legal aspects of penetration testing? appeared first on Security Boulevard.

You must login to view this content

Connectwise customers who use the company’s ScreenConnect, Automate, and ConnectWise RMM solutions are urged to update all agents and/or validate that the update has been deployed by Friday, June 13 at 8:00 p.m. ET, or risk disruptions. The reason for the warning is the imminent revocation of digital certificates that have been used to sign previous Connectwise software builds, “due to concerns raised by a third-party researcher about how ScreenConnect could potentially be misused by … More →

The post Connectwise is rotating code signing certificates. What happened? appeared first on Help Net Security.