A critical security vulnerability in Apache Tomcat’s HTTP/2 implementation has been discovered, enabling attackers to launch devastating denial-of-service (DoS) attacks against web servers. The vulnerability, designated as CVE-2025-48989 and dubbed the “Made You Reset” attack, affects multiple versions of the…
Category: Cyber Security News
Splunk Release Guide for Defenders to Detect Suspicious Activity Before ESXi Ransomware Attack
Splunk has released a detailed security guide to help cybersecurity teams detect and prevent ransomware attacks targeting ESXi infrastructure before they can cause catastrophic damage. The guide comes as a response to increasing threats against VMware’s ESXi hypervisor systems, which…
Xerox FreeFlow Core Vulnerability Let Remote Attackers Execute Malicious Code – PoC Released
Critical vulnerabilities in Xerox FreeFlow Core, a widely-used print orchestration platform, allow unauthenticated remote attackers to execute malicious code on vulnerable systems. The flaws, tracked as CVE-2025-8355 and CVE-2025-8356, affect the JMF Client service and have been patched in FreeFlow…
Hackers Using Dedicated Phishlet to Launch FIDO Authentication Downgrade Attacks
A sophisticated new threat vector has emerged that could undermine one of the most trusted authentication methods in cybersecurity. FIDO-based passkeys, long considered the gold standard for phishing-resistant authentication, are now facing a potentially devastating attack technique that forces users…
CISA Warns of N-able N-Central Deserialization and Injection Vulnerability Exploited in Attacks
CISA has issued urgent warnings regarding two critical security vulnerabilities in N-able N-Central remote monitoring and management (RMM) software that threat actors are actively exploiting. The vulnerabilities, identified as CVE-2025-8875 and CVE-2025-8876, pose significant risks to organizations using this widely-deployed…
Critical WordPress Plugin Vulnerability Exposes 70,000+ Sites to RCE Attacks
A critical security vulnerability has been discovered in the popular “Database for Contact Form 7, WPforms, Elementor forms” WordPress plugin, potentially exposing over 70,000 websites to remote code execution attacks. The vulnerability, tracked as CVE-2025-7384 with a maximum CVSS score…
Web DDoS, App Exploitation Attacks Saw a Huge Surge in First Half of 2025
The cybersecurity landscape experienced an unprecedented escalation in digital threats during the first half of 2025, with Web Distributed Denial of Service (DDoS) attacks surging by 39% compared to the second half of 2024. The second quarter alone witnessed a…
“AI-Induced Destruction” – New Attack Vector Where Helpful Tools Become Accidental Weapons
Artificial intelligence coding assistants, designed to boost developer productivity, are inadvertently causing massive system destruction. Researchers report a significant spike in what they term “AI-induced destruction” incidents, where helpful AI tools become accidental weapons against the very systems they’re meant…
ShinyHunters Possibly Collaborates With Scattered Spider in Salesforce Attack Campaigns
The notorious ShinyHunters cybercriminal group has emerged from a year-long hiatus with a sophisticated new wave of attacks targeting Salesforce platforms across major organizations, including high-profile victims like Google. This resurgence marks a significant tactical evolution for the financially motivated…
Breaking Windows Out-of-Box-Experience to Gain Command Line Access With Admin Privileges
A new method has been identified to exploit Windows Out-of-Box-Experience (OOBE) that bypasses existing protections and grants administrative command line access to Windows machines. This technique works even when Microsoft’s recommended security measure, the DisableCMDRequest.tag file, is implemented to block…
VexTrio Hackers Attacking Users via Fake CAPTCHA Robots and Malicious Apps into Google Play and App Store
A sophisticated cybercriminal organization known as VexTrio has been orchestrating a massive fraud empire through deceptive CAPTCHA robots and malicious applications distributed across Google Play and the App Store. This criminal network, operating for over 15 years, has successfully infiltrated…
What Is Out-of-Bounds Read and Write Vulnerability?
Out-of-bounds read and write vulnerabilities represent critical security vulnerabilities that occur when software accesses memory locations beyond the allocated boundaries of data structures such as arrays, buffers, or other memory regions. These vulnerabilities can lead to information disclosure, system crashes,…
Microsoft Exchange Server Vulnerabilities Let Attackers Spoof and Tamper Over Network
Critical security vulnerabilities in Microsoft Exchange Server enable attackers to perform spoofing and tampering attacks over network connections. The vulnerabilities include two Exchange Server flaws (CVE-2025-25007 and CVE-2025-25005) enabling spoofing and tampering attacks, plus a Windows Graphics Component elevation of…
GitHub Copilot RCE Vulnerability via Prompt Injection Leads to Full System Compromise
A critical security vulnerability in GitHub Copilot and Visual Studio Code has been discovered that allows attackers to achieve remote code execution through prompt injection attacks, potentially leading to full system compromise of developers’ machines. The vulnerability, tracked as CVE-2025-53773,…
Multiple GitLab Vulnerabilities Enable Account Takeover and Stored XSS Exploitation
GitLab has released emergency security patches addressing multiple critical vulnerabilities that could enable attackers to perform account takeovers and execute stored cross-site scripting (XSS) attacks. The patches were released on August 13, 2025, affecting GitLab Community Edition (CE) and Enterprise…
Microsoft Removes PowerShell 2.0 From Windows To Clean Up Legacy Code
Microsoft is officially removing Windows PowerShell 2.0 from its operating systems, marking the end of an era for the legacy scripting component that has been deprecated since 2017. The removal affects Windows 11 version 24H2 starting August 2025 and Windows…
CISA Added WinRAR Zero-Day (CVE-2025-8088) Vulnerability That Is Actively Exploited in the Wild
The U.S. Cybersecurity and Infrastructure Security Agency has added this vulnerability to its Known Exploited Vulnerabilities catalog, with a due date of September 2, 2025, for federal agencies to apply mitigations. WinRAR has released version 7.13 to address a critical…
Hackers Could Gain Full Control of Your Rooted Android Devices by Exploiting One Vulnerability
A critical security vulnerability discovered in popular Android rooting frameworks could allow malicious applications to completely compromise rooted devices, giving attackers full system control without user knowledge. The vulnerability, first identified in KernelSU version 0.5.7, demonstrates how seemingly robust authentication…
New ‘Curly COMrades’ APT Hackers Targeting Critical Organizations in Countries
A sophisticated new threat actor group dubbed “Curly COMrades” has emerged as a significant cybersecurity concern, conducting targeted espionage campaigns against critical organizations in countries experiencing substantial geopolitical shifts. The group has been actively pursuing long-term network access and credential…
New Multi-Stage Tycoon2FA Phishing Attack Now Beats Top Security Systems
If you think phishing is just clicking a bad link and landing on a fake login page, Tycoon2FA will prove you wrong. This new wave of phishing-as-a-service isn’t playing the old game anymore; it’s running a 7-stage obstacle course built…