Security researchers have uncovered a significant threat targeting developers through the VS Code Marketplace. A coordinated campaign involving 19 malicious extensions has been actively infiltrating the platform, with the attack remaining undetected since February 2025. These deceptive extensions carry hidden…
Tag: Cyber Security News
Windows Defender Firewall Service Vulnerability Let Attackers Disclose Sensitive Data
A critical information disclosure vulnerability in Windows Defender Firewall Service could allow authorized attackers to access sensitive heap memory on affected systems. The vulnerability, tracked as CVE-2025-62468, was assigned an Important severity rating and released on December 9, 2025.…
Google Warns of Chrome 0-Day Vulnerability Actively Exploited in the Wild
Google has released an urgent security update for the Chrome browser to address a high-severity zero-day vulnerability that is currently being exploited in the wild. This emergency patch is part of the latest Stable channel update, bringing the version to…
Adobe Acrobat Reader Vulnerabilities Let Attackers Execute Arbitrary Code and Bypass Security
Critical security updates for Acrobat and Reader are available, addressing multiple vulnerabilities that could allow attackers to execute arbitrary code and bypass essential security features. Adobe issued security bulletin APSB25-119 on December 9, 2025, with a priority rating of 3, affecting both…
New Spiderman Phishing Kit Lets Attackers Create Malicious Bank Login Pages in Few Clicks
A sophisticated new phishing framework dubbed “Spiderman” has emerged in the cybercrime underground, dramatically lowering the barrier to entry for financial fraud. This toolkit, observed by Varonis, allows threat actors, even those with minimal technical skill, to spin up pixel-perfect…
Over 644,000 Domains Exposed to Critical React Server Components Vulnerability
The Shadowserver Foundation has released alarming new data regarding the exposure of web applications to CVE-2025-55182, a critical vulnerability affecting React Server Components. Following significant improvements to their scanning methodologies, researchers have identified a massive attack surface comprising over 165,000…
Critical Ivanti EPM Vulnerability Allows Admin Session Hijacking via Stored XSS
A critical stored cross-site scripting vulnerability in Ivanti Endpoint Manager (“EPM”) versions 2024 SU4 and below could enable attackers to hijack administrator sessions without authentication. The vulnerability, identified as CVE-2025-10573, has been assigned a CVSS score of 9.6 and…
What’s Next for SOC in 2026: Get the Early-Adopter Advantage
Cybersecurity is about to hit a turning point in 2026. Attackers aren’t only testing AI but also building campaigns around it. Their tooling is getting faster, more adaptive, and far better at mimicking user behavior, from reconnaissance to phishing to initial access. The Shift is Already…
Microsoft Outlook Vulnerability Let Attackers Execute Malicious Code Remotely
Microsoft has patched a critical remote code execution (RCE) vulnerability in Outlook that could allow attackers to execute malicious code on vulnerable systems. The flaw, tracked as CVE-2025-62562, was released on December 9, 2025, and requires immediate attention from IT administrators…
Threat Actors Weaponize ChatGPT and Grok Conversations to Deploy AMOS Stealer
Threat actors are now leveraging the trust users place in AI platforms like ChatGPT and Grok to distribute the Atomic macOS Stealer (AMOS). A new campaign discovered by Huntress on December 5, 2025, reveals that attackers have moved beyond mimicking…
FortiSandbox OS Command Injection Vulnerability Let Attackers Execute Malicious Code
Fortinet has released a critical security update for its FortiSandbox analysis appliances to fix a dangerous vulnerability. If left unpatched, this flaw could allow attackers to take control of the underlying system. The vulnerability, tracked as CVE-2025-53949, was officially published on…
North Korean Hackers Exploit React2Shell Vulnerability in the Wild to Deploy EtherRAT
A novel, highly sophisticated malware strain is targeting vulnerable React Server Components, signaling a significant evolution in how state-sponsored threat actors are exploiting the critical React2Shell vulnerability disclosed just days earlier. On December 5, 2025, just two days after the disclosure…
Gemini Zero-Click Vulnerability Let Attackers Access Gmail, Calendar, and Docs
A critical zero-click vulnerability dubbed “GeminiJack” in Google Gemini Enterprise and previously Vertex AI Search let attackers steal sensitive corporate data from Gmail, Calendar, and Docs with minimal effort. According to Noma Labs, it was considered an architectural flaw…
CISA Warns of WinRAR 0-Day RCE Vulnerability Exploited in Attacks
CISA has issued a high-priority warning regarding a critical security flaw in WinRAR, the popular file compression tool used by millions of Windows users. The vulnerability, tracked as CVE-2025-6218, is currently being exploited by attackers to compromise systems and execute malicious code. The specific…
Windows PowerShell 0-Day Vulnerability Let Attackers Execute Malicious Code
A security update addresses a dangerous Windows PowerShell vulnerability that allows attackers to execute malicious code on affected systems. The vulnerability, tracked as CVE-2025-54100, was publicly disclosed on December 9, 2025, and represents a significant security risk for organizations worldwide. The…
Windows Cloud Files Mini Filter Driver 0-Day Vulnerability Exploited in the Wild to Escalate Privileges
Microsoft has released urgent security updates to address a zero-day vulnerability in the Windows Cloud Files Mini Filter Driver (cldflt.sys) that is currently being exploited in the wild. Assigned the identifier CVE-2025-62221, this elevation of privilege flaw affects a wide…
Microsoft 365 Services Disruption in Australia: Users Face Access Issues in Accessing Services
Users across Australia are currently grappling with significant disruptions to critical business tools as Microsoft 365 services experience a widespread outage. The incident, which began on the morning of December 10, 2025, is preventing a large number of enterprise and…
FortiOS, FortiWeb, and FortiProxy Vulnerability Lets Attackers Bypass FortiCloud SSO Authentication
Fortinet has issued an urgent security advisory regarding a critical vulnerability affecting its FortiOS, FortiWeb, FortiProxy, and FortiSwitchManager product lines. The security flaw, identified as an Improper Verification of Cryptographic Signature (CWE-347), could allow an unauthenticated attacker to bypass the…
Ivanti Security Update: Patch for Code Execution Vulnerabilities in Endpoint Manager
Ivanti has officially released urgent security updates for its Endpoint Manager (EPM) solution to address four distinct security flaws. The latest advisory highlights one critical vulnerability and three high-severity issues that could allow attackers to execute arbitrary code, write files…
Threat Actors Poisoning SEO Results to Attack Organizations With Fake Microsoft Teams Installer
A sophisticated cyber campaign is exploiting search engine optimization (SEO) to distribute a malicious installer disguised as Microsoft Teams, targeting unsuspecting organizations. This campaign, active since November 2025, uses a fake Microsoft Teams website to lure users into downloading a…