Cyber Security News

Cisco disclosed a high-severity open redirect vulnerability in the Virtual Keyboard Video Monitor (vKVM) component of its Integrated Management Controller (IMC). Tracked as CVE-2025-20317 with a CVSS 3.1 base score of 7.1, the vulnerability could enable an unauthenticated remote attacker to redirect administrators or users of affected devices to malicious websites, potentially capturing credentials through […]

The post Cisco IMC Virtual Keyboard Video Monitor Let Attacker Direct User to Malicious Website appeared first on Cyber Security News.

It is no secret that passwords are highly susceptible to phishing and brute force attacks. This led to the mass adoption of passkeys, a passwordless authentication method leveraging cryptographic key pairs that allows users to log in with biometrics or a hardware key. According to FIDO, over 15 billion accounts have been passkey-enabled, with 69% […]

The post Breaking the Passkey Promise: SquareX Discloses Major Passkey Vulnerability at DEF CON 33 appeared first on Cyber Security News.

ShadowSilk first surfaced in late 2023 as a sophisticated threat cluster targeting government entities across Central Asia and the broader APAC region. Exploiting known public vulnerabilities and widely available penetration-testing frameworks, the group orchestrates data exfiltration campaigns with a high degree of automation and stealth. Initial deliveries were achieved via phishing emails containing password-protected archives; […]

The post ShadowSilk Leveraging Penetration-Testing Tools, Public Exploits to Attack Organizations appeared first on Cyber Security News.

A critical zero-day remote code execution (RCE) vulnerability, tracked as CVE-2025-7775, is affecting over 28,000 Citrix instances worldwide. The flaw is being actively exploited in the wild, prompting the U.S. Cybersecurity and Infrastructure Security Agency (CISA) to add it to its Known Exploited Vulnerabilities (KEV) catalog. The Shadowserver Foundation discovered that as of August 26, […]

The post 28,000+ Citrix Instances Exposed to Active 0-Day RCE Vulnerability Exploited in the Wild appeared first on Cyber Security News.

A weaponized proof-of-concept exploit has been publicly released targeting CVE-2025-54309, a severe authentication bypass vulnerability affecting CrushFTP file transfer servers.  The flaw enables remote attackers to gain administrative privileges through a race condition in AS2 validation processing, circumventing authentication mechanisms entirely.  Key Takeaways1. Race-condition exploit lets attackers bypass CrushFTP authentication.2. Public PoC on GitHub confirms […]

The post PoC Exploit Released for CrushFTP 0-day Vulnerability (CVE-2025-54309) appeared first on Cyber Security News.

August 2025 has marked a significant evolution in cybercrime tactics, with threat actors deploying increasingly sophisticated phishing frameworks and social engineering techniques that are successfully bypassing traditional security defenses. Security researchers at ANY.RUN has identified three major campaign families that represent a fundamental shift in how cybercriminals approach credential theft and system compromise: the multi-stage […]

The post How ClickFix and Multi-Stage Phishing Frameworks Are Breaking Enterprise Defenses appeared first on Cyber Security News.

A stored cross-site scripting (XSS) flaw identified in IPFire 2.29’s web-based firewall interface (firewall.cgi).  Tracked as CVE-2025-50975, the vulnerability allows any authenticated administrator to inject persistent JavaScript into firewall rule parameters.  Once stored, the payload executes automatically when another administrator loads the rules page, potentially resulting in session hijacking, unauthorized actions within the interface, or […]

The post IPFire Web-Based Firewall Interface Allows Authenticated Administrator to Inject Persistent JavaScript appeared first on Cyber Security News.

NVIDIA has issued a critical security bulletin addressing a high-severity vulnerability in its NeMo Curator platform that could allow attackers to execute malicious code and escalate privileges on affected systems.  The vulnerability, designated CVE-2025-23307, affects all versions of NVIDIA NeMo Curator prior to release 25.07 across Windows, Linux, and macOS platforms. The security flaw stems […]

The post NVIDIA NeMo AI Curator Enables Code Execution and Privilege Escalation appeared first on Cyber Security News.

CISA released three significant Industrial Control Systems (ICS) advisories on August 26, 2025, alerting organizations to critical vulnerabilities affecting widely-deployed automation systems.  These advisories highlight severe security flaws across INVT Electric’s engineering tools, Schneider Electric’s Modicon controllers, and Danfoss refrigeration systems, with CVSS v4 scores reaching 8.7, indicating high-severity exploitable conditions. Key Takeaways1. CISA issued […]

The post CISA releases New ICS Advisories Surrounding Vulnerabilities and Exploits appeared first on Cyber Security News.

Apple has issued emergency security updates across its entire ecosystem to address CVE-2025-43300, a critical zero-day vulnerability in the ImageIO framework that has been actively exploited in sophisticated targeted attacks. This represents the seventh zero-day vulnerability that Apple has patched in 2025, underscoring the persistent and escalating threat landscape facing iOS and macOS devices. The vulnerability’s addition to CISA’s […]

The post Analysis of Apple’s ImageIO Zero-Day Vulnerability: Attacker Context and Historical iOS Zero-Click Similarities appeared first on Cyber Security News.

A sophisticated global cybercrime campaign dubbed “ShadowCaptcha” has emerged as a significant threat to organizations worldwide, leveraging fake Google and Cloudflare CAPTCHA pages to trick victims into executing malicious commands. Discovered by researchers at the Israel National Digital Agency in August 2025, this large-scale operation has been active for at least one year, exploiting hundreds […]

The post New ShadowCaptcha Attack Exploiting Hundreds of WordPress Sites to Tricks Victims into Executing Malicious Commands appeared first on Cyber Security News.

A newly observed variant of the Zip Slip vulnerability has emerged, enabling threat actors to exploit path traversal flaws in widely used decompression utilities. Exploits leveraging this vulnerability craft malicious archives containing specially constructed file names with relative paths. When an unsuspecting user or automated system extracts these archives, files are written outside the intended […]

The post New Zip Slip Vulnerability Allows Attackers to Manipulate ZIP Files During Decompression appeared first on Cyber Security News.

Spotify today rolled out a native direct messaging feature, Messages, for both Free and Premium users aged 16+ in select markets on mobile.  This long-awaited addition creates a dedicated in-app space to share tracks, podcasts, and audiobooks, supercharging word-of-mouth recommendations. However, security researchers warn that the new chat API could introduce attack vectors if not […]

The post Spotify Launches Direct Message Feature for Music Sharing, What are the Risks Associated? appeared first on Cyber Security News.

In recent weeks, a sophisticated phishing operation known as the ZipLine campaign has targeted U.S.-based manufacturing firms, leveraging supply-chain criticality and legitimate-seeming business communications to deploy an advanced in-memory implant dubbed MixShell. This threat actor reverses traditional phishing workflows by initiating contact through corporate “Contact Us” web forms, prompting victims to reach out first. Once […]

The post New ZipLine Campaign Attacks Critical Manufacturing Companies to Deploy In-memory Malware MixShell appeared first on Cyber Security News.

A whistleblower disclosure filed today alleges that the Department of Government Efficiency (DOGE) within the Social Security Administration (SSA) covertly created a live copy of the nation’s entire Social Security dataset in an unsecured cloud environment.  Chief Data Officer Charles Borges warned that, if malicious actors gain access, over 300 million Americans could face identity […]

The post DOGE Accused of Mimicking Country’s Social Security Info in Unsecured Cloud appeared first on Cyber Security News.

A newly identified ransomware strain named Cephalus has emerged as a sophisticated threat, targeting organizations through compromised Remote Desktop Protocol (RDP) connections. The malware, which takes its name from Greek mythology referencing the son of Hermes who tragically killed his wife with an infallible javelin, represents a concerning evolution in ransomware deployment techniques. Cephalus distinguishes […]

The post New Cephalus Ransomware Leverages Remote Desktop Protocol to Gain Initial Access appeared first on Cyber Security News.

Google has released an emergency security update for Chrome to address a critical use-after-free vulnerability (CVE-2025-9478) in the ANGLE graphics library that could allow attackers to execute arbitrary code on compromised systems.  The vulnerability affects Chrome versions prior to 139.0.7258.154/.155 across Windows, Mac, and Linux platforms. The security flaw was discovered by Google’s Big Sleep […]

The post Critical Chrome Use After Free Vulnerability Let Attackers Execute Arbitrary Code appeared first on Cyber Security News.

A sophisticated data exfiltration campaign targeting corporate Salesforce instances has exposed sensitive information from multiple organizations through compromised OAuth tokens associated with the Salesloft Drift third-party application.  The threat actor, designated as UNC6395, systematically harvested credentials and sensitive data between August 8-18, 2025, demonstrating advanced operational security awareness while executing SOQL queries across numerous Salesforce […]

The post Salesloft Drift Hacked to Steal OAuth Tokens and Exfiltrate from Salesforce Corporate Instances appeared first on Cyber Security News.

China-based threat actor Mustang Panda has emerged as one of the most sophisticated cyber espionage groups operating in the current threat landscape, with operations dating back to at least 2014. This advanced persistent threat (APT) group has systematically targeted government entities, nonprofit organizations, religious institutions, and NGOs across the United States, Europe, Mongolia, Myanmar, Pakistan, […]

The post China-based Threat Actor Mustang Panda’s Tactics, Techniques, and Procedures Unveiled appeared first on Cyber Security News.

Cybersecurity researchers have uncovered a critical security flaw in Securden Unified PAM that allows attackers to completely bypass authentication mechanisms and gain unauthorized access to sensitive credentials and system functions. The vulnerability, designated as CVE-2025-53118 with a CVSS score of 9.4, represents one of four serious security issues discovered in the privileged access management solution […]

The post Securden Unified PAM Vulnerability Let Attackers Bypass Authentication appeared first on Cyber Security News.