Cyber Security News

A severe vulnerability in the popular better-auth library’s API keys plugin enables attackers to generate privileged credentials for any user without authentication. Dubbed CVE-2025-61928, the issue affects better-auth, a TypeScript authentication framework downloaded around 300,000 times weekly on npm. This flaw could lead to widespread account compromises, particularly for applications relying on API keys for […]

The post Better Auth API keys Vulnerability Let Attackers Create Privileged Credentials For Arbitrary Users appeared first on Cyber Security News.

A sophisticated vulnerability in Microsoft 365 Copilot (M365 Copilot) that allows attackers to steal sensitive tenant data, including recent emails, through indirect prompt injection attacks. The flaw, detailed in a blog post published today by researcher Adam Logue, exploits the AI assistant’s integration with Office documents and its built-in support for Mermaid diagrams, enabling data […]

The post Microsoft 365 Copilot Prompt Injection Vulnerability Allows Attackers to Exfiltrate Sensitive Data appeared first on Cyber Security News.

Wilmington, Delaware, October 21st, 2025, CyberNewsWire Sendmarc has announced the appointment of Dan Levinson as Customer Success Director – North America, furthering the company’s regional expansion and commitment to providing expert, locally aligned support to organizations across the continent. Levinson will lead the development of customer success programs that help businesses strengthen their email security […]

The post Sendmarc appoints Dan Levinson as Customer Success Director in North America appeared first on Cyber Security News.

CISA has issued an urgent alert about a critical server-side request forgery (SSRF) vulnerability in Oracle E-Business Suite, now actively exploited by threat actors. Tracked as CVE-2025-61884, the flaw affects the Runtime component of Oracle Configurator and allows remote attackers to forge requests without authentication, potentially leading to unauthorized access and data exfiltration. This vulnerability, […]

The post CISA Warns Of Oracle E-Business Suite SSRF Vulnerability Actively Exploited In Attacks appeared first on Cyber Security News.

Over the summer of 2025, a novel malware family emerged following the public disclosure of the LOSTKEYS implant. This new strain was rapidly weaponized in a series of highly targeted campaigns against policy advisors, non-governmental organizations, and dissidents. Leveraging a refreshed lure known as COLDCOPY ClickFix, threat actors masqueraded the payload as a CAPTCHA verification […]

The post New LOSTKEYS Malware Linked to Russia State-Sponsored Hacker Group COLDRIVER appeared first on Cyber Security News.

Motex has disclosed a severe remote code execution vulnerability in its LANSCOPE Endpoint Manager On-Premise Edition. Assigned CVE-2025-61932, the flaw carries a CVSS 3.0 score of 9.8, classifying it as an emergency-level threat. This vulnerability could allow attackers to execute arbitrary code on affected systems, potentially leading to full compromise of endpoint devices. The issue […]

The post LANSCOPE Endpoint Manager Vulnerability Let Attackers Execute Remote Code appeared first on Cyber Security News.

Over the past several months, cybersecurity researchers have observed a surge of fraudulent Chrome extensions masquerading as legitimate WhatsApp Web automation tools. These 131 rebranded clones, each presenting as distinct offerings, share an identical codebase designed to automate bulk messaging and scheduling without user consent. By injecting custom scripts directly into the WhatsApp Web interface, […]

The post 131 Malicious Extensions Targeting WhatsApp Used Found in Chrome Web Store appeared first on Cyber Security News.

A critical vulnerability in Zyxel’s ATP and USG series firewalls that allows attackers to bypass authorization controls and access sensitive system configurations. Dubbed CVE-2025-9133, this flaw affects devices running firmware versions up to V5.40(ABPS.0) and enables unauthorized viewing and downloading of configs even during the two-factor authentication (2FA) process. Disclosed on August 14, 2025, the […]

The post ZYXEL Authorization Bypass Vulnerability Let Attackers View and Download System Configuration appeared first on Cyber Security News.

Microsoft has disclosed a serious security flaw in ASP.NET Core that enables authenticated attackers to smuggle HTTP requests and evade critical protections. Tracked as CVE-2025-55315, the vulnerability stems from inconsistent handling of HTTP requests, a classic issue known as HTTP request/response smuggling. Released on October 14, 2025, this flaw affects developers relying on the popular […]

The post Critical ASP.NET Vulnerability Allows Attacker To Bypass Security Feature Remotely appeared first on Cyber Security News.

Amazon Web Services (AWS), the world’s largest cloud computing provider, has officially marked a widespread outage in its US-EAST-1 region as resolved, following nearly a full day of cascading failures that disrupted services for millions worldwide. The incident, which began late on October 19, 2025, and persisted until early afternoon on October 20, highlighted the […]

The post AWS Declares Major Outage Resolved After Nearly 24 Hours of Disruption appeared first on Cyber Security News.

A persistent campaign targeting Microsoft Remote Desktop Protocol (RDP) services, with attackers deploying over 30,000 new IP addresses daily to exploit timing-based vulnerabilities. This coordinated effort, linked to a global botnet, has seen unique IPs surge past 500,000 since September 2025, primarily aiming at U.S.-based systems. The attacks focus on two key vectors: RD Web […]

The post Hackers Attacking Remote Desktop Protocol Services With 30,000+ New IP Addresses Daily appeared first on Cyber Security News.

A Reddit poster detailed how reinstalling Windows 11 unexpectedly encrypted two of their backup drives with BitLocker, locking away 3TB of irreplaceable data without any prior setup. The incident, shared onReddit, highlights the risks of Microsoft’s automatic encryption feature in Windows 11, which can activate silently during routine maintenance like OS reinstalls.​ The user, running […]

The post Automatic BitLocker Encryption May Silently Lock Away Your Data appeared first on Cyber Security News.

The Cybersecurity and Infrastructure Security Agency (CISA) issued an urgent alert on October 20, 2025, highlighting a severe vulnerability CVE-2025-33073 in Microsoft’s Windows SMB Client. Dubbed an improper access control flaw, this vulnerability tracked under CVE details yet to be fully specified poses a significant risk of privilege escalation for attackers worldwide. As cyber threats […]

The post CISA Warns of Windows SMB Vulnerability Actively Exploited in Attacks appeared first on Cyber Security News.

The Shadowserver Foundation has uncovered more than 71,000 internet-exposed WatchGuard devices running vulnerable versions of Fireware OS. The flaw, tracked as CVE-2025-9242, stems from an out-of-bounds write vulnerability in the IKEv2 implementation, potentially allowing remote attackers to execute arbitrary code without authentication. Disclosed earlier this year, the issue highlights the dangers of unpatched firewalls in […]

The post 71,000+ WatchGuard Devices Vulnerable to Remote Code Execution Attacks appeared first on Cyber Security News.

A critical zero-click vulnerability in Dolby Digital Plus (DDP) audio decoding software has been disclosed, allowing attackers to execute malicious code remotely via seemingly innocuous audio messages. Google Project Zero’s Ivan Fratric and Natalie Silvanovich have identified an out-of-bounds write flaw in the DDPlus Unified Decoder, which processes evolution data in audio files. This bug […]

The post Dolby Digital Plus 0-Click Vulnerability Enables RCE Attack via Malicious Audio on Android appeared first on Cyber Security News.

A widespread Amazon Web Services (AWS) outage on Monday disrupted operations for millions of users worldwide, knocking out access to everything from streaming giants to social media platforms and financial apps. The incident, which began early in the morning, affected high-profile services like Amazon’s own e-commerce site, Snapchat, Prime Video, Canva, and countless others reliant […]

The post AWS Outage Impacts Amazon, Snapchat, Prime Video, Canva and More – Update appeared first on Cyber Security News.

Canva, the popular graphic design platform, is reeling from a widespread outage that has rendered its services inaccessible to millions of users worldwide. As of 19:16 AEDT (02:46 IST), the platform’s status page reports “significantly increased error rates” impacting nearly all functionalities, with no clear timeline for restoration. The disruption, linked to a broader Amazon […]

The post Canva Down – Suffers Global Outage, Leaving Millions of Users Unable to Access Platform appeared first on Cyber Security News.

A proof-of-concept (PoC) exploit has been released for a critical vulnerability in Microsoft’s Windows Server Update Services (WSUS), enabling unauthenticated attackers to execute remote code with SYSTEM privileges on affected servers. Dubbed CVE-2025-59287 and assigned a CVSS v3.1 score of 9.8, the flaw stems from unsafe deserialization of untrusted data in WSUS’s AuthorizationCookie handling. Disclosed […]

The post PoC Exploit Released for Windows Server Update Services Remote Code Execution Vulnerability appeared first on Cyber Security News.

A new tool called DefenderWrite exploits whitelisted Windows programs to bypass protections and write arbitrary files into antivirus executable folders, potentially enabling malware persistence and evasion. Developed by cybersecurity expert Two Seven One Three, the tool demonstrates a novel technique for penetration testers and red teams to drop payloads in highly protected locations without needing […]

The post New DefenderWrite Tool Let Attackers Inject Malicious DLLs into AV Executable Folders appeared first on Cyber Security News.

A high-severity vulnerability in the Pluggable Authentication Modules (PAM) framework was assigned the identifier CVE-2025-8941. This vulnerability stems from the heart of Linux operating systems, enabling attackers with local access to exploit symlink attacks and race conditions for full root privilege escalation. Root access, the ideal of control in Unix-like environments, could open doors to […]

The post PoC Exploit Released for Linux-PAM Vulnerability Allowing Root Privilege Escalation appeared first on Cyber Security News.