A sophisticated new ransomware family called Charon has emerged in the cybersecurity landscape, targeting organizations in the Middle East’s public sector and aviation industry with advanced persistent threat (APT) techniques typically reserved for nation-state actors. The ransomware campaign represents a…
Category: EN
Several Docker Images Contain Infamous XZ Backdoor Planted for More Than a Year
The cybersecurity community continues to grapple with the lingering effects of the XZ Utils backdoor, a sophisticated supply chain attack that shook the industry in March 2024. What began as a carefully orchestrated two-year campaign by the pseudonymous developer ‘Jia…
FortiWeb Authentication Bypass Vulnerability Let Attackers Log in As Any Existing User
A critical authentication bypass vulnerability in FortiWeb allows unauthenticated remote attackers to impersonate any existing user on affected systems. The vulnerability, tracked as CVE-2025-52970 with a CVSS score of 7.7, affects multiple FortiWeb versions and stems from improper parameter handling…
Chipmaker Patch Tuesday: Many Vulnerabilities Addressed by Intel, AMD, Nvidia
Intel, AMD and Nvidia have published security advisories describing vulnerabilities found recently in their products. The post Chipmaker Patch Tuesday: Many Vulnerabilities Addressed by Intel, AMD, Nvidia appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the…
Microsoft fixes “BadSuccessor” Kerberos vulnerability (CVE-2025-53779)
For August 2025 Patch Tuesday, Microsoft has released security updates resolving 100+ security vulnerabilities in its various solutions, including a relative path traversal flaw in Windows Kerberos (CVE-2025-53779) that allows an authorized attacker to elevate privileges over a network as…
AI SOC 101: Key Capabilities Security Leaders Need to Know
Security operations have never been a 9-to-5 job. For SOC analysts, the day often starts and ends deep in a queue of alerts, chasing down what turns out to be false positives, or switching between half a dozen tools to…
Fortinet Warns About FortiSIEM Vulnerability (CVE-2025-25256) With In-the-Wild Exploit Code
Fortinet is alerting customers of a critical security flaw in FortiSIEM for which it said there exists an exploit in the wild. The vulnerability, tracked as CVE-2025-25256, carries a CVSS score of 9.8 out of a maximum of 10.0. “An…
The FinTech Arms Race
Discover how FinTech startups and legacy banks are battling for dominance through speed, AI, and customer experience in the evolving financial services race. This article has been indexed from Silicon UK Read the original article: The FinTech Arms Race
Multiple GitLab Vulnerabilities Allow Account Takeover and Stored XSS Attacks
GitLab has released critical security patches addressing multiple high-severity vulnerabilities that could enable attackers to execute account takeovers and stored cross-site scripting (XSS) attacks across both Community Edition (CE) and Enterprise Edition (EE) platforms. The vulnerabilities, disclosed in patch releases…
VexTrio Hackers Use Fake CAPTCHAs and Malicious Apps on Google Play & App Store to Target Users
Security researchers at Infoblox Threat Intel have revealed the complex workings of VexTrio, a highly skilled cybercriminal network that has been active since at least 2017. This discovery highlights the ongoing dangers in the digital economy. Formerly known simply as…
UK expands police facial recognition rollout with 10 new vans heading to a town near you
Seven additional regions across England will now have access to the controversial tech A fresh expansion of UK crimefighters’ access to live facial recognition (LFR) technology is being described by officials as “an excellent opportunity for policing.” Privacy campaigners diagree.……
Russia Reportedly Behind Attack on U.S. Courts Electronic Filing System
Investigators believe Russia likely was at least partially responsible for a breach of the U.S. Court’s electronic filing system, possibly stealing a broad array of sensitive information, the New York Times reported. Politico said the hackers were able to exploit…
The FinTech Arms Race: Head-to-Head
Agile FintTchs outpace banks with speed, focus, and innovation, reshaping loyalty and CX while open banking and AI redefine the future of finance. This article has been indexed from Silicon UK Read the original article: The FinTech Arms Race: Head-to-Head
Fake Minecraft Installer Spreads NjRat Spyware to Steal Data
Fake Minecraft clone Eaglercraft 1.12 Offline spreads NjRat spyware stealing passwords, spying via webcam and microphone, warns Point… This article has been indexed from Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto Read the original article: Fake Minecraft…
Microsoft Office Vulnerabilities Allow Attackers to Execute Remote Code
Microsoft has disclosed three critical security vulnerabilities in its Office suite that could enable attackers to execute malicious code remotely on affected systems. The vulnerabilities, identified as CVE-2025-53731, CVE-2025-53740, and CVE-2025-53730, were released on August 12, 2025, and pose significant…
Windows Remote Desktop Services Vulnerability Let Attacker Deny Services Over Network
Microsoft released security patches addressing a significant vulnerability in Windows Remote Desktop Services that could allow unauthorized attackers to launch denial of service attacks over network connections. The vulnerability, designated as CVE-2025-53722, affects multiple Windows versions spanning from legacy systems…
xsshunter-express – Self-Hosted Blind XSS Payload Capture and Analysis
Self-hosted blind XSS hunter via Docker. Deploy xsshunter‑express in five minutes to capture stealthy XSS payloads with screenshots, DOM dumps, and full context. This article has been indexed from Darknet – Hacking Tools, Hacker News & Cyber Security Read the…
Best Kickass (KAT) Alternatives & Live Torrent Trackers in 2025 – Public, Private, and Legal Picks
Best Kickass alternatives and live torrent trackers in 2025. Public, private, and legal sites tested and active, plus safety tips for researchers. This article has been indexed from Darknet – Hacking Tools, Hacker News & Cyber Security Read the original…
Manpower Says Data Breach Stemming From Ransomware Attack Impacts 140,000
The RansomHub ransomware group stole sensitive information from staffing and recruiting firm Manpower in January. The post Manpower Says Data Breach Stemming From Ransomware Attack Impacts 140,000 appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the…
St. Paul’s Mayor Confirms Interlock Data Leak
Mayor of St. Paul, Minnesota, Melvin Carter, confirmed that employee data was published online by the Interlock ransomware gang This article has been indexed from www.infosecurity-magazine.com Read the original article: St. Paul’s Mayor Confirms Interlock Data Leak