SonicWall has released an urgent software update for its Secure Mobile Access (SMA) 100 Series appliances to remove a dangerous rootkit known as ‘OVERSTEP.’ This backdoor malware was discovered in older SMA firmware versions and can give attackers persistent access…
Category: EN
CISA Issues Alert on Actively Exploited Google Chrome 0-Day Vulnerability
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent security alert regarding an actively exploited zero-day vulnerability in Google Chrome. The vulnerability, designated as CVE-2025-10585, affects the V8 JavaScript and WebAssembly engine within Google Chromium, creating significant security…
Kali Linux 2025.3 Launches With Fresh Features and 10 New Pentesting Tools
Kali Linux 2025.3 has arrived, bringing a wave of improvements, updated firmware support, and a suite of ten new security tools. This release builds on the June 2025.2 update by refining core workflows, extending wireless capabilities, and preparing the distribution…
Bouygues Telecom – 5,685,771 breached accounts
In August 2025, the French telecommunications company Bouygues Telecom detected a cyber attack against their services. The incident resulted in a data breach that exposed almost 6.4M customer records, including 5.7M unique email addresses. The breach also exposed names, physical…
CISA Details That Hackers Gained Access to a U.S. Federal Agency Network Via GeoServer RCE Vulnerability
CISA has released a comprehensive cybersecurity advisory detailing how threat actors successfully compromised a U.S. federal civilian executive branch agency’s network by exploiting CVE-2024-36401, a critical remote code execution vulnerability in GeoServer. The incident, which remained undetected for three weeks,…
Kali Linux 2025.3 Released With New Features and 10 New Hacking Tools
Kali team has released Kali Linux 2025.3, the third major update of the year for the popular penetration testing and ethical hacking distribution. This release introduces 10 new tools, brings significant updates to its mobile platform, Kali NetHunter, and enhances…
Libraesva Email Security Gateway Vulnerability Exploited by Nation-State Hackers
Tracked as CVE-2025-59689, the command injection bug could be triggered via malicious emails containing crafted compressed attachments. The post Libraesva Email Security Gateway Vulnerability Exploited by Nation-State Hackers appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…
Proofpoint introduces four innovations to safeguard the agentic workspace
Proofpoint announced four innovations designed to secure the agentic workspace, where people and AI agents collaborate side by side. Proofpoint’s new collaboration and data security capabilities address the risks of the agentic workspace by solving four challenges: protecting AI assistants…
Hackers Exploit Pandoc CVE-2025-51591 to Target AWS IMDS and Steal EC2 IAM Credentials
Cloud security company Wiz has revealed that it uncovered in-the-wild exploitation of a security flaw in a Linux utility called Pandoc as part of attacks designed to infiltrate Amazon Web Services (AWS) Instance Metadata Service (IMDS). The vulnerability in question…
European airports restore services, CISA deals with GeoServer exploit, Jaguar Land Rover extends shutdown
European airports restoring services after system breach CISA deals with GeoServer exploit App for outing Charlie Kirk’s critics leaks personal data Huge thanks to our sponsor, Conveyor Have you been personally victimized by a questionnaire this week? The queue never…
What to expect from iPhone 17?
Apple has officially launched its new iPhone 17 lineup. The new devices that will be hitting the shelves later this month will come in four… The post What to expect from iPhone 17? appeared first on Panda Security Mediacenter. This…
Huawei’s HarmonyOS Leads Apple In China For Sixth Quarter
Huawei’s self-developed HarmonyOS leads Apple’s iOS in mainland China for sixth quarter in a row as company pushes for independence This article has been indexed from Silicon UK Read the original article: Huawei’s HarmonyOS Leads Apple In China For Sixth…
ShadowV2 Botnet Infects AWS Docker Containers to Launch DDoS Campaign
Darktrace’s latest investigation uncovered a novel campaign that blends traditional malware with modern DevOps technology. At the center of this operation lies a Python-based command-and-control (C2) framework hosted on GitHub CodeSpaces. The threat actors leverage a multi-stage Docker deployment initiated…
State-Sponsored Hackers Exploiting Libraesva Email Security Gateway Vulnerability
Libraesva has released a security update to address a vulnerability in its Email Security Gateway (ESG) solution that it said has been exploited by state-sponsored threat actors. The vulnerability, tracked as CVE-2025-59689, carries a CVSS score of 6.1, indicating medium…
Cloudflare mitigates largest-ever DDoS attack at 22.2 Tbps
Cloudflare blocked a new record-breaking DDoS attack peaking at 22.2 Tbps and 10.6 billion packets per second. Cloudflare announced it has mitigated a new record-breaking distributed denial-of-service (DDoS) attack that peaked at a record-breaking 22.2 terabits per second (Tbps) and…
Google’s $425 Million Fine a Win for Privacy, But Will it Stick?
Google must pay $425M for violating California privacy laws by tracking 98M users despite opt-outs. A major win for data privacy, though appeals loom. The post Google’s $425 Million Fine a Win for Privacy, But Will it Stick? appeared first…
APIs and hardware are under attack, and the numbers don’t look good
Attackers have a new favorite playground, and it’s not where many security teams are looking. According to fresh data from Bugcrowd, vulnerabilities in hardware and APIs are climbing fast, even as website flaws hold steady. The shift shows how attackers…
Building a stronger SOC through AI augmentation
In this Help Net Security interview, Tim Bramble, Director of Threat Detection and Response at OpenText, discusses how SOC teams are gaining value from AI in detecting and prioritizing threats. By learning what “normal” looks like across users and systems,…
Chrome High-severity Flaws Expose Sensitive Data, Trigger System Crashes
Google has released an urgent security update for its Chrome browser, addressing three high-severity vulnerabilities that could allow attackers to leak sensitive information and cause system instability. The latest Chrome version 140.0.7339.207/.208 for Windows and Mac, and 140.0.7339.207 for Linux,…
Jaguar Land Rover Factory Reopening Delayed After Cyber Attack
Jaguar Land Rover (JLR) has announced a further delay to the reopening of its production lines following a sophisticated cyber attack. The pause in manufacturing has been extended until Wednesday, 1 October 2025, to allow the investigation to progress and…