Cyber Security News

A zero-day local privilege escalation vulnerability in VMware Tools and VMware Aria Operations is being actively exploited in the wild. The flaw, tracked as CVE-2025-41244, allows an unprivileged local attacker to gain root-level code execution on affected systems. On September 29, 2025, Broadcom disclosed the vulnerability, which exists within VMware’s guest service discovery features. However, […]

The post VMware Tools and Aria 0-Day Vulnerability Exploited for Privilege Escalation and Code Execution appeared first on Cyber Security News.

VMware has released an advisory to address three high-severity vulnerabilities in VMware Aria Operations, VMware Tools, VMware Cloud Foundation, VMware Telco Cloud Platform, and VMware Telco Cloud Infrastructure.  Disclosed on 29 September 2025, the advisory covers CVE-2025-41244, CVE-2025-41245, and CVE-2025-41246 with CVSSv3 base scores ranging from 4.9 to 7.8.  Administrators must apply the patched versions […]

The post VMware Tools and Aria Operations Vulnerabilities Let Attackers Escalate Privileges to Root appeared first on Cyber Security News.

Western Digital has released security updates for a critical vulnerability affecting multiple My Cloud network-attached storage (NAS) devices. The flaw, tracked as CVE-2025-30247, could allow a remote attacker to execute arbitrary code on vulnerable systems, potentially leading to a complete device takeover. The company addressed the high-severity issue in My Cloud Firmware version 5.31.108, which […]

The post Critical Western Digital My Cloud NAS Vulnerability Allows Remote Code Execution appeared first on Cyber Security News.

Apple has rolled out security updates across its operating systems to address a vulnerability in the Font Parser component that could allow malicious fonts to crash applications or corrupt process memory. The vulnerability, identified as CVE-2025-43400, affects a wide range of products, including the newly released macOS Tahoe and iOS 26, as well as older […]

The post Apple Font Parser Vulnerability Enables Malicious Fonts to Corrupt Process Memory appeared first on Cyber Security News.

VMware has disclosed critical security vulnerabilities in vCenter Server and NSX platforms that could allow attackers to enumerate valid usernames and manipulate system notifications.  The vulnerabilities, tracked as CVE-2025-41250, CVE-2025-41251, and CVE-2025-41252, affect multiple VMware products, including Cloud Foundation, vSphere Foundation, NSX, NSX-T, and Telco Cloud platforms. Broadcom, which acquired VMware, released a security advisory […]

The post VMware vCenter and NSX Vulnerabilities Let Attackers Enumerate Valid Usernames appeared first on Cyber Security News.

A sophisticated cyber campaign is exploiting the trust users place in popular collaboration software, tricking them into downloading a weaponized version of Microsoft Teams to gain remote access to their systems. Threat actors are using search engine optimization (SEO) poisoning and malicious advertisements to lure unsuspecting victims to fraudulent download pages, a tactic that closely […]

The post Hackers Trick Users into Download Weaponized Microsoft Teams to Gain Remote Access appeared first on Cyber Security News.

Luxury department store Harrods has disclosed a significant data breach affecting approximately 430,000 customer records after a third-party provider was compromised. The hackers behind the attack have contacted the retailer, but Harrods has stated it will not engage with the threat actor, suggesting a potential ransom demand was made. The breach, which Harrods first communicated […]

The post New Harrods Data Breach Exposes 430,000 Customer Personal Records appeared first on Cyber Security News.

A newly observed spear-phishing campaign is leveraging sophisticated social engineering lures to distribute DarkCloud, a modular malware suite designed to harvest keystrokes, exfiltrate FTP credentials and gather system information. Over the past month, targeted emails masquerading as legitimate software updates or corporate invoices have reached unsuspecting recipients across various industries. These messages carry a weaponized […]

The post New Spear-Phishing Attack Delivers DarkCloud Malware to Steal Keystrokes, FTP Credentials and Others appeared first on Cyber Security News.

As attackers increasingly leverage Scalable Vector Graphics (SVG) for stealthy code injection, security researchers face mounting challenges in detecting obfuscated payloads embedded within SVG assets.  The SVG Security Analysis Toolkit by HackingLZ offers a comprehensive solution: a suite of four Python-based tools designed to reveal hidden scripts, decode obfuscated URLs, and verify protection mechanisms, all […]

The post SVG Security Analysis Toolkit to Detect Malicious Scripts Hidden in SVG Files appeared first on Cyber Security News.

A sophisticated malware campaign has emerged that weaponizes seemingly legitimate productivity tools to infiltrate systems and steal sensitive information. The TamperedChef malware represents a concerning evolution in threat actor tactics, utilizing trojanized applications disguised as calendar tools and image viewers to bypass traditional security defenses. This campaign demonstrates how cybercriminals increasingly exploit user trust in […]

The post New TamperedChef Malware Leverages Productivity Tools to Gain Access and Exfiltrate Sensitive Data appeared first on Cyber Security News.

Jaguar Land Rover (JLR) has confirmed it will begin a phased restart of its manufacturing operations in the coming days, nearly a month after a significant cyber attack forced the company to halt production across the United Kingdom. The luxury carmaker, owned by India’s Tata Motors, is taking gradual steps to bring its facilities back […]

The post JLR Confirms Phased Restart of Operations Following Cyber Attack appeared first on Cyber Security News.

The cybersecurity community is currently observing a surge in interest around Olymp Loader, a recently unveiled Malware-as-a-Service (MaaS) platform written entirely in Assembly. First advertised on underground forums and Telegram channels in early June 2025, Olymp Loader has rapidly evolved from a rudimentary botnet concept into a sophisticated loader and crypter suite. Its author, operating […]

The post New Malware-as-a-Service Olymp Loader Promises Defender-Bypass With Automatic Certificate Signing appeared first on Cyber Security News.

In recent months, cybersecurity teams have observed an alarming trend in which malicious actors exploit Facebook and Google advertising channels to masquerade as legitimate financial services. By promoting free or premium access to well-known trading platforms, these threat actors have successfully lured unsuspecting users into downloading trojanized applications. The campaign’s social engineering tactics leverage familiar […]

The post Threat Actors Weaponizing Facebook and Google Ads as Financial Platforms to Steal Sensitive Data appeared first on Cyber Security News.

A sophisticated new cross-platform information stealer known as ModStealer has emerged, targeting macOS users and demonstrating concerning capabilities to evade Apple’s built-in security mechanisms. The malware represents the latest evolution in macOS-focused threats, which have seen a dramatic surge throughout 2024 and continue accelerating into the current year. ModStealer follows established patterns seen in other […]

The post New ModStealer Evade Antivirus Detection to Attack macOS Users and Steal Sensitive Data appeared first on Cyber Security News.

WhatsApp 0-click remote code execution (RCE) vulnerability affecting Apple’s iOS, macOS, and iPadOS platforms, detailed with a proof of concept demonstration. The attack chain exploits two distinct vulnerabilities, identified as CVE-2025-55177 and CVE-2025-43300, to compromise a target device without requiring user interaction. The exploit, demonstrated in a proof-of-concept (PoC) shared by the DarkNavyOrg researchers, is […]

The post WhatsApp 0-Click Vulnerability Exploited Using Malicious DNG File appeared first on Cyber Security News.

A critical flaw in SUSE Rancher’s user management module allows privileged users to disrupt administrative access by modifying usernames of other accounts.  Tracked as CVE-2024-58260, this vulnerability affects Rancher Manager versions 2.9.0 through 2.12.1, enabling both username takeover and full lockout of the admin account.  Organizations running unsupported versions are urged to upgrade immediately or […]

The post SUSE Rancher Vulnerabilities Let Attackers Lockout the Administrators Account appeared first on Cyber Security News.

Singapore, Singapore, September 29th, 2025, CyberNewsWire ThreatBook, a global leader in cyber threat intelligence, detection and response, today announced the worldwide launch[1] of ThreatBook Advanced Threat Intelligence (“ThreatBook ATI”). Spearheaded from its offices in Singapore and Hong Kong, the new service offers unique industry insights for threat intelligence platforms (TIPs), security operation centers (SOCs) and […]

The post ThreatBook Launches Best-of-Breed Advanced Threat Intelligence Solution appeared first on Cyber Security News.

The cybersecurity landscape experienced a significant escalation in September 2025, when Cisco disclosed multiple critical zero-day vulnerabilities affecting its Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) platforms. At the center of this security crisis lies CVE-2025-20333, a devastating remote code execution vulnerability with a CVSS score of 9.9, which sophisticated state-sponsored threat actors […]

The post Lesson From Cisco ASA 0-Day RCE Vulnerability That Actively Exploited In The Wild appeared first on Cyber Security News.

A critical security flaw discovered in Formbricks, an open-source experience management platform, demonstrates how missing JWT signature verification can lead to complete account takeovers.  The vulnerability tracked as CVE-2025-59934 affects all versions prior to 4.0.1 and stems from improper token validation that uses jwt.decode() instead of jwt.verify(), allowing attackers to bypass authentication controls entirely. The […]

The post Formbricks Signature Verification Vulnerability Let Attackers Reset User Passwords Without Authorization appeared first on Cyber Security News.

A critical vulnerability in Windows heap management demonstrates how improper handling of record-size fields enables arbitrary memory read and write operations.  Suraj Malhotra shared a detailed exploitation technique leveraging the Low Fragmentation Heap (LFH) mechanism to achieve code execution on Windows systems. Windows Heap Exploitation Vulnerability The Windows NT Heap operates through FrontEnd and BackEnd […]

The post Windows Heap Exploitation Vulnerability With Record’s Size Field Leads to Arbitrary R/W appeared first on Cyber Security News.