CISA Adds SolarWinds Web Help Desk RCE Flaw to Known Exploited Vulnerabilities List

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a newly disclosed vulnerability CVE‑2025‑40551 affecting SolarWinds Web Help Desk (WHD) to its Known Exploited Vulnerabilities (KEV) catalog. The flaw is rated critical because it enables remote code execution (RCE) and can be exploited without authentication. According…

Building a Zero-Trust Framework for Cloud Banking

Zero-trust architecture helps banks secure cloud environments, meet regulations, and scale innovation through identity-first security. The post Building a Zero-Trust Framework for Cloud Banking appeared first on Security Boulevard. This article has been indexed from Security Boulevard Read the original…

Metro bug, more social bans, leaky Moltbook

React Native Metro bug impacts thousands of servers Greece and Spain set to ban social media for kids Moltbook shows the dangers of vibe coding Get the show notes here: https://cisoseries.com/cybersecurity-news-metro-bug-more-social-bans-leaky-moltbook/  Huge thanks to our sponsor, Strike48 Security teams are…

ValleyRAT Masquerades as LINE Installer to Target Users and Harvest Login Credentials

A malware campaign where cybercriminals distribute a fake LINE messenger installer that secretly deploys the ValleyRAT malware to steal credentials and evade detection. Since early 2025, threat actors have increasingly used fraudulent software installers to deliver malware. This campaign shares techniques with previously discovered LetsVPN-themed attacks,…