A critical remote code execution vulnerability has been discovered in Lighthouse Studio, one of the most widely deployed yet relatively unknown survey software platforms developed by Sawtooth Software. The flaw, designated CVE-2025-34300, affects the Perl CGI scripts that power web-based…
Tag: Cyber Security News
HPE Warns of Aruba Hardcoded Credentials Allowing Attackers to Bypass Device Authentication
A critical vulnerability in Hewlett Packard Enterprise (HPE) Aruba Networking Instant On Access Points could allow attackers to bypass device authentication mechanisms completely. The vulnerability, tracked as CVE-2025-37103, stems from hardcoded login credentials embedded within the devices’ software, presenting a…
CoinDCX Hacked – $44.2 million Wiped off From the Platform
India’s second-largest cryptocurrency exchange, CoinDCX, confirmed a sophisticated security breach on July 19, 2025, resulting in approximately $44.2 million being stolen from the platform. This incident marks another significant cyberattack on India’s crypto infrastructure, coming exactly one year after the…
Microsoft Released Emergency Security Update to Patch Critical SharePoint 0-Day Vulnerability
Microsoft has issued an urgent security advisory addressing critical zero-day vulnerabilities in on-premises SharePoint Server that attackers are actively exploiting. The vulnerabilities, assigned as CVE-2025-53770 and CVE-2025-53771, pose immediate risks to organizations running SharePoint infrastructure and require immediate remediation. Key…
PoC Exploit Released for Critical NVIDIA AI Container Toolkit Vulnerability
A critical container escape vulnerability has emerged in the NVIDIA Container Toolkit, threatening the security foundation of AI infrastructure worldwide. Dubbed “NVIDIAScape” and tracked as CVE-2025-23266, this flaw carries a maximum CVSS score of 9.0, representing one of the most…
New PoisonSeed Attack Let Attackers Trick Users into Scanning a QR Code with an MFA Authenticator
A sophisticated new attack technique compromises Fast IDentity Online (FIDO) key authentication by exploiting cross-device sign-in features. The PoisonSeed attack group has developed a method to downgrade FIDO key protections through adversary-in-the-middle (AitM) phishing campaigns that trick users into scanning…
New 7-Zip Vulnerability Enables Weaponized RAR5 File to Crash Your System
A critical memory corruption vulnerability in the popular file archiver 7-Zip has been discovered that allows attackers to trigger denial of service conditions by crafting malicious RAR5 archive files. The vulnerability, tracked as CVE-2025-53816 and designated GHSL-2025-058, affects all versions…
New 7-Zip Vulnerability Enables Malicious RAR5 File to Crash Your System
A critical memory corruption vulnerability in the popular file archiver 7-Zip has been discovered that allows attackers to trigger denial of service conditions by crafting malicious RAR5 archive files. The vulnerability, tracked as CVE-2025-53816 and designated GHSL-2025-058, affects all versions…
Weekly Cybersecurity Newsletter: Chrome 0-Day, VMware Flaws Patched, Fortiweb Hack, Teams Abuse, and More
It’s been a busy seven days for security alerts. Google is addressing another actively exploited zero-day in Chrome, and VMware has rolled out key patches for its own set of vulnerabilities. We’ll also break down the methods behind a new…
Grafana Vulnerabilities Allow User Redirection to Malicious Sites and Code Execution in Dashboards
Two significant Grafana vulnerabilities that could allow attackers to redirect users to malicious websites and execute arbitrary JavaScript code. The vulnerabilities, identified as CVE-2025-6023 and CVE-2025-6197, affect multiple versions of Grafana, including 12.0.x, 11.6.x, 11.5.x, 11.4.x, and 11.3.x branches. Both…
SharePoint 0-Day RCE Vulnerability Actively Exploited in the Wild to Gain Full Server Access
A sophisticated cyberattack campaign targeting Microsoft SharePoint servers has been discovered exploiting a newly weaponized vulnerability chain dubbed “ToolShell,” enabling attackers to gain complete remote control over vulnerable systems without authentication. Eye Security, a Dutch cybersecurity firm, identified the active…
New Veeam Themed Phishing Attack Using Weaponized Wav File to Attack users
A sophisticated phishing campaign targeting organizations has emerged, exploiting the trusted reputation of Veeam Software through weaponized WAV audio files delivered via email. The attack represents an evolution in social engineering tactics, combining traditional phishing techniques with audio-based deception to…
Chinese Threat Actors Using 2,800 Malicious Domains to Deliver Windows-Specific Malware
A sophisticated Chinese threat actor campaign has emerged as one of the most persistent malware distribution operations targeting Chinese-speaking communities worldwide. Since June 2023, this ongoing campaign has established an extensive infrastructure comprising more than 2,800 malicious domains specifically designed…
Snake Keylogger Evades Windows Defender and Scheduled Tasks to Harvest Login Credentials
A sophisticated phishing campaign targeting Turkish defense and aerospace enterprises has emerged, delivering a highly evasive variant of the Snake Keylogger malware through fraudulent emails impersonating TUSAŞ (Turkish Aerospace Industries). The malicious campaign distributes files disguised as contractual documents, specifically…
New QR Code Attack Via PDFs Evades Detection Systems and Harvest Credentials
A sophisticated phishing campaign dubbed “Scanception” has emerged as a significant threat to enterprise security, leveraging QR codes embedded in PDF attachments to bypass traditional email security measures and harvest user credentials. The attack represents a concerning evolution in social…
New CrushFTP 0-Day Vulnerability Exploited in the Wild to Gain Access to Servers
A critical zero-day flaw in the CrushFTP managed file-transfer platform was confirmed after vendor and threat-intelligence sources confirmed active exploitation beginning on 18 July 2025 at 09:00 CST. Tracked as CVE-2025-54309, the bug allows unauthenticated attackers to obtain full administrative…
Lumma Infostealer Steal All Data Stored in Browsers and Selling Them in Underground Markets as Logs
The cybersecurity landscape continues to face significant threats from sophisticated information stealers, with Lumma emerging as one of the most prevalent and dangerous malware families targeting both consumer and enterprise environments. This malicious software systematically harvests enormous volumes of sensitive…
CISA Warns of Fortinet FortiWeb SQL Injection Vulnerability Exploited in Attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Fortinet FortiWeb vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, confirming active exploitation of the SQL injection flaw in cyberattacks worldwide. The vulnerability, tracked as CVE-2025-25257, affects Fortinet’s…
Google Sued BadBox 2.0 Malware Botnet Operators That Infects 10 Million+ Devices
Google has filed a lawsuit in New York federal court against the operators of the BadBox 2.0 botnet, marking a significant escalation in the tech giant’s fight against cybercriminal networks. The malware campaign represents the largest known botnet of internet-connected…
New Wave of Crypto-Hijacking Infects 3,500+ Websites
A stealth Monero-mining campaign has quietly compromised more than 3,500 websites by embedding an innocuous-looking JavaScript file called karma.js. The operation leverages WebAssembly, Web Workers, and WebSockets to siphon CPU cycles while keeping resource usage low enough to avoid user…