A zero-day local privilege escalation vulnerability in VMware Tools and VMware Aria Operations is being actively exploited in the wild. The flaw, tracked as CVE-2025-41244, allows an unprivileged local attacker to gain root-level code execution on affected systems. On September…
Category: Cyber Security News
Apple Font Parser Vulnerability Enables Malicious Fonts to Crash or Corrupt Process Memory
Apple has rolled out security updates across its operating systems to address a vulnerability in the Font Parser component that could allow malicious fonts to crash applications or corrupt process memory. The vulnerability, identified as CVE-2025-43400, affects a wide range…
Critical Western Digital My Cloud NAS Devices Vulnerability Let Attackers Execute Malicious Code
Western Digital has released security updates for a critical vulnerability affecting multiple My Cloud network-attached storage (NAS) devices. The flaw, tracked as CVE-2025-30247, could allow a remote attacker to execute arbitrary code on vulnerable systems, potentially leading to a complete…
VMware Tools and Aria Operations Vulnerabilities Let Attackers Escalate Privileges to Root
VMware has released an advisory to address three high-severity vulnerabilities in VMware Aria Operations, VMware Tools, VMware Cloud Foundation, VMware Telco Cloud Platform, and VMware Telco Cloud Infrastructure. Disclosed on 29 September 2025, the advisory covers CVE-2025-41244, CVE-2025-41245, and CVE-2025-41246…
VMware vCenter and NSX Vulnerabilities Let Attackers Enumerate Valid Usernames
VMware has disclosed critical security vulnerabilities in vCenter Server and NSX platforms that could allow attackers to enumerate valid usernames and manipulate system notifications. The vulnerabilities, tracked as CVE-2025-41250, CVE-2025-41251, and CVE-2025-41252, affect multiple VMware products, including Cloud Foundation, vSphere…
Hackers Trick Users into Download Weaponized Microsoft Teams to Gain Remote Access
A sophisticated cyber campaign is exploiting the trust users place in popular collaboration software, tricking them into downloading a weaponized version of Microsoft Teams to gain remote access to their systems. Threat actors are using search engine optimization (SEO) poisoning…
New Harrods Data Breach Exposes 430,000 Customer Personal Records
Luxury department store Harrods has disclosed a significant data breach affecting approximately 430,000 customer records after a third-party provider was compromised. The hackers behind the attack have contacted the retailer, but Harrods has stated it will not engage with the…
Hackers Trick Users to Download Weaponized Microsoft Teams to Gain Remote Access
A sophisticated cyber campaign is exploiting the trust users place in popular collaboration software, tricking them into downloading a weaponized version of Microsoft Teams to gain remote access to their systems. Threat actors are using search engine optimization (SEO) poisoning…
New Malware-as-a-Service Olymp Loader Promises Defender-Bypass With Automatic Certificate Signing
The cybersecurity community is currently observing a surge in interest around Olymp Loader, a recently unveiled Malware-as-a-Service (MaaS) platform written entirely in Assembly. First advertised on underground forums and Telegram channels in early June 2025, Olymp Loader has rapidly evolved…
JLR Confirms Phased Restart of Operations Following Cyber Attack
Jaguar Land Rover (JLR) has confirmed it will begin a phased restart of its manufacturing operations in the coming days, nearly a month after a significant cyber attack forced the company to halt production across the United Kingdom. The luxury…
New TamperedChef Malware Leverages Productivity Tools to Gain Access and Exfiltrate Sensitive Data
A sophisticated malware campaign has emerged that weaponizes seemingly legitimate productivity tools to infiltrate systems and steal sensitive information. The TamperedChef malware represents a concerning evolution in threat actor tactics, utilizing trojanized applications disguised as calendar tools and image viewers…
SVG Security Analysis Toolkit to Detect Malicious Scripts Hidden in SVG Files
As attackers increasingly leverage Scalable Vector Graphics (SVG) for stealthy code injection, security researchers face mounting challenges in detecting obfuscated payloads embedded within SVG assets. The SVG Security Analysis Toolkit by HackingLZ offers a comprehensive solution: a suite of four…
New Spear-Phishing Attack Delivers DarkCloud Malware to Steal Keystrokes, FTP Credentials and Others
A newly observed spear-phishing campaign is leveraging sophisticated social engineering lures to distribute DarkCloud, a modular malware suite designed to harvest keystrokes, exfiltrate FTP credentials and gather system information. Over the past month, targeted emails masquerading as legitimate software updates…
New ModStealer Evade Antivirus Detection to Attack macOS Users and Steal Sensitive Data
A sophisticated new cross-platform information stealer known as ModStealer has emerged, targeting macOS users and demonstrating concerning capabilities to evade Apple’s built-in security mechanisms. The malware represents the latest evolution in macOS-focused threats, which have seen a dramatic surge throughout…
Threat Actors Weaponizing Facebook and Google Ads as Financial Platforms to Steal Sensitive Data
In recent months, cybersecurity teams have observed an alarming trend in which malicious actors exploit Facebook and Google advertising channels to masquerade as legitimate financial services. By promoting free or premium access to well-known trading platforms, these threat actors have…
SUSE Rancher Vulnerabilities Let Attackers Lockout the Administrators Account
A critical flaw in SUSE Rancher’s user management module allows privileged users to disrupt administrative access by modifying usernames of other accounts. Tracked as CVE-2024-58260, this vulnerability affects Rancher Manager versions 2.9.0 through 2.12.1, enabling both username takeover and full…
WhatsApp 0-Click Vulnerability Exploited Using Malicious DNG File
WhatsApp 0-click remote code execution (RCE) vulnerability affecting Apple’s iOS, macOS, and iPadOS platforms, detailed with a proof of concept demonstration. The attack chain exploits two distinct vulnerabilities, identified as CVE-2025-55177 and CVE-2025-43300, to compromise a target device without requiring…
Lesson From Cisco ASA 0-Day RCE Vulnerability That Actively Exploited In The Wild
The cybersecurity landscape experienced a significant escalation in September 2025, when Cisco disclosed multiple critical zero-day vulnerabilities affecting its Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) platforms. At the center of this security crisis lies CVE-2025-20333, a devastating…
Hackers Weaponizing SVG Files to Deliver PureMiner Malware and Steal Sensitive Information
In recent weeks, a sophisticated phishing campaign has emerged, targeting organizations in Ukraine with malicious Scalable Vector Graphics (SVG) files designed to propagate the PureMiner cryptominer and a data-stealing payload dubbed Amatera Stealer. Attackers masquerade as the Ukrainian police, sending…
Windows Heap Exploitation Vulnerability With Record’s Size Field Leads to Arbitrary R/W
A critical vulnerability in Windows heap management demonstrates how improper handling of record-size fields enables arbitrary memory read and write operations. Suraj Malhotra shared a detailed exploitation technique leveraging the Low Fragmentation Heap (LFH) mechanism to achieve code execution on…