Category: Cyber Security News

A recent analysis of a Windows kernel-memory dump has provided a detailed look into a DRIVER_POWER_STATE_FAILURE, a critical error that results in a Blue Screen of Death (BSOD). The investigation reveals how a single malfunctioning driver can cause a system-wide…

Read more →

APT37, the North Korean-aligned threat actor also known as ScarCruft, Ruby Sleet, and Velvet Chollima, has expanded its arsenal with sophisticated new malware targeting Windows systems. Active since 2012, the group primarily focuses on South Korean individuals connected to the…

Read more →

Adobe has issued an emergency security patch for a critical vulnerability in its Magento and Adobe Commerce platforms, dubbed “SessionReaper”. The vulnerability is considered one of the most severe in Magento’s history, prompting an out-of-band update on Tuesday, September 9th,…

Read more →

Security researchers have uncovered a sophisticated campaign in recent weeks leveraging a novel Remote Access Trojan (RAT) dubbed MostereRAT that targets Windows systems by deploying legitimate remote access tools such as AnyDesk and TightVNC. The malware’s emergence represents a significant…

Read more →

As part of its scheduled security maintenance, SAP released its September 2025 Patch Day notes, addressing a total of 21 new vulnerabilities and providing updates to four previously released security advisories. Among the newly addressed flaws are four critical vulnerabilities…

Read more →

A sophisticated malware strain targeting exposed Docker APIs has emerged with enhanced infection capabilities that go beyond traditional cryptomining operations. The threat, discovered in August 2025, demonstrates evolved tactics designed to establish persistent root access while denying other attackers access…

Read more →

Elastic has disclosed a security incident stemming from a third-party breach at Salesloft Drift, which resulted in unauthorized access to an internal email account containing valid credentials. While the company’s core Salesforce environment was not impacted, the incident exposed sensitive…

Read more →

Cybersecurity researchers began tracking a sophisticated campaign in the closing months of 2024, targeting both government and corporate networks across multiple continents. The threat actors behind this operation, known colloquially as Salt Typhoon and UNC4841, leveraged overlapping infrastructure and shared…

Read more →

A new technique to exploit a complex use-after-free (UAF) vulnerability in the Linux kernel successfully bypasses modern security mitigations to gain root privileges. The method targets CVE-2024-50264, a difficult-to-exploit race condition bug in the AF_VSOCK subsystem that was recognized with a Pwnie…

Read more →

A sophisticated new cybercrime toolkit named SpamGPT is enabling hackers to launch massive and highly effective phishing campaigns by combining artificial intelligence with the capabilities of professional email marketing platforms. Marketed on the dark web as a “spam-as-a-service” platform, SpamGPT…

Read more →

Elastic has disclosed a security incident stemming from a third-party breach at Salesloft Drift, which resulted in unauthorized access to an internal email account containing valid credentials. While the company’s core Salesforce environment was not impacted, the incident exposed sensitive…

Read more →

In the largest supply chain attack, hackers compromised 18 popular npm packages, which together account for over two billion downloads per week. The attack, which began on September 8th, involved injecting malicious code designed to steal cryptocurrency from users. The…

Read more →

Dynatrace has confirmed it was impacted by a third-party data breach originating from the Salesloft Drift application, resulting in unauthorized access to customer business contact information stored in its Salesforce CRM. The company confirmed that the incident was limited to…

Read more →

A severe vulnerability in Windows Defender’s update process allows attackers with administrator privileges to disable the security service and manipulate its core files. The technique, which leverages a flaw in how Defender selects its execution folder, can be carried out…

Read more →

A critical security vulnerability has been discovered in Progress OpenEdge, a platform for developing and deploying business applications. The flaw, identified as CVE-2025-7388, allows for remote code execution (RCE) and affects multiple versions of the software, potentially enabling attackers to…

Read more →

In Caracas this week, President Nicolás Maduro unveiled the Huawei Mate X6 gifted by China’s Xi Jinping, declaring the device impervious to U.S. espionage efforts. The announcement coincides with heightened tensions between Washington and Beijing, as the United States enforces…

Read more →

A proof-of-concept (PoC) exploit has been released for a critical remote code execution (RCE) vulnerability in ImageMagick 7’s MagickCore subsystem, specifically affecting the blob I/O (BlobStream) implementation. Security researchers and the ImageMagick team urge all users and organizations to update immediately to prevent exploitation.…

Read more →

A significant security flaw has been discovered in pgAdmin, the widely used open-source administration and development platform for PostgreSQL databases. The vulnerability, tracked as CVE-2025-9636, affects all pgAdmin versions up to and including 9.7, potentially allowing remote attackers to gain…

Read more →

Cybersecurity researchers have demonstrated a sophisticated technique for bypassing Web Application Firewalls (WAFs) using JavaScript injection combined with HTTP parameter pollution, exposing critical vulnerabilities in modern web security infrastructure. The research, conducted during an autonomous penetration test, revealed how attackers…

Read more →

An important security vulnerability has been discovered in Apache Jackrabbit, a popular open-source content repository used in enterprise content management systems and web applications. This flaw could allow unauthenticated attackers to achieve arbitrary code execution (RCE) on servers running vulnerable…

Read more →