Apple has released a security update for macOS Sequoia 15.7.1 to address a serious vulnerability in its font parser. The flaw, tracked as CVE-2025-43400, allows a maliciously crafted font file to trigger an out-of-bounds write. Exploitation could cause unexpected application crashes…
Tag: EN
Microsoft blocks AI code, Breach hits WestJet, Harrods suffers new data incident
AI-generated code used in phishing campaign blocked by Microsoft WestJet notifies American consumers of data breach Ukrainian cops spoofed in fileless phishing attacks on Kyiv Huge thanks to our sponsor, Nudge Security AI tools have spread to every corner of…
Silent Smishing : The Hidden Abuse of Cellular Router APIs
This article on was originally distributed as a private report to our customers. Introduction The monitoring and analysis of vulnerability exploitations are among the primary responsibilities of Sekoia.io’s Threat Detection & Research (TDR) team. Using our honeypots, we monitor traffic…
Veeam RCE Exploit Allegedly Listed for Sale on Dark Web
A new dark web marketplace listing has sparked alarm in the cybersecurity community after a seller using the handle “SebastianPereiro” purportedly advertised a remote code execution (RCE) exploit targeting Veeam Backup & Replication platforms. The alleged exploit, marketed as the…
Apple Font Parser Vulnerability Enables Malicious Fonts to Crash or Corrupt Process Memory
Apple has rolled out security updates across its operating systems to address a vulnerability in the Font Parser component that could allow malicious fonts to crash applications or corrupt process memory. The vulnerability, identified as CVE-2025-43400, affects a wide range…
Critical Western Digital My Cloud NAS Devices Vulnerability Let Attackers Execute Malicious Code
Western Digital has released security updates for a critical vulnerability affecting multiple My Cloud network-attached storage (NAS) devices. The flaw, tracked as CVE-2025-30247, could allow a remote attacker to execute arbitrary code on vulnerable systems, potentially leading to a complete…
VMware Tools and Aria Operations Vulnerabilities Let Attackers Escalate Privileges to Root
VMware has released an advisory to address three high-severity vulnerabilities in VMware Aria Operations, VMware Tools, VMware Cloud Foundation, VMware Telco Cloud Platform, and VMware Telco Cloud Infrastructure. Disclosed on 29 September 2025, the advisory covers CVE-2025-41244, CVE-2025-41245, and CVE-2025-41246…
VMware vCenter and NSX Flaws Allow Hackers to Enumerate Usernames
Broadcom released VMSA-2025-0016 to address three key vulnerabilities affecting VMware vCenter Server and NSX products. The vulnerabilities include an SMTP header injection in vCenter (CVE-2025-41250) and two distinct username enumeration flaws in NSX (CVE-2025-41251 and CVE-2025-41252). All three are rated…
Risk of Prompt Injection in LLM-Integrated Apps
Large Language Models (LLMs) are at the core of today’s AI revolution, powering advanced tools and other intelligent chatbots. These sophisticated neural networks are trained on vast amounts of text data, enabling them to understand context, language nuances, and complex…
The hidden risks inside open-source code
Open-source software is everywhere. It runs the browsers we use, the apps we rely on, and the infrastructure that keeps businesses connected. For many security leaders, it is simply part of the environment, not something they think about every day.…
VMware vCenter and NSX Vulnerabilities Let Attackers Enumerate Valid Usernames
VMware has disclosed critical security vulnerabilities in vCenter Server and NSX platforms that could allow attackers to enumerate valid usernames and manipulate system notifications. The vulnerabilities, tracked as CVE-2025-41250, CVE-2025-41251, and CVE-2025-41252, affect multiple VMware products, including Cloud Foundation, vSphere…
Cyber risk quantification helps CISOs secure executive support
In this Help Net Security interview, Vivien Bilquez, Global Head of Cyber Resilience at Zurich Resilience Solutions, discusses how organizations are rethinking cyber resilience. He talks about the priorities CISOs should focus on and the risks that are often overlooked.…
CISA Sounds Alarm on Critical Sudo Flaw Actively Exploited in Linux and Unix Systems
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a critical security flaw impacting the Sudo command-line utility for Linux and Unix-like operating systems to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the…
Hackers Distribute Malicious Microsoft Teams Build to Steal Remote Access
Cybersecurity researchers have identified a sophisticated campaign where threat actors are using malicious advertisements and search engine optimization poisoning to distribute fake Microsoft Teams installers containing the Oyster backdoor malware. The campaign targets users searching for legitimate Microsoft Teams downloads…
Lunar Spider Infected Windows Machine in Single Click and Harvested Login Credentials
A sophisticated cybercriminal group known as Lunar Spider successfully compromised a Windows machine through a single malicious click, establishing a foothold that allowed them to harvest credentials and maintain persistent access for nearly two months. The intrusion, which began in…
New Harrods Data Breach Leaks Personal Information of 430,000 Customers
Luxury department store Harrods has become the latest victim of a significant cybersecurity incident after hackers successfully accessed personal data belonging to 430,000 customers. The prestigious London retailer confirmed that threat actors contacted the company following the breach, though Harrods has stated it…
10 Essential Elements of an Effective Dynamic Risk Assessment
Key Takeaways Risk is a moving picture. As organizations grow more digital, interconnected, and regulated, risks evolve. A vendor that looked safe yesterday may be compromised today. A control that passed an audit last quarter might already be outdated. A…
New Splunk 10 Feature – Effective Configuration
One of the Splunk 10 features I’m most excited about is the “Effective Configuration” dashboard. In this blog post, I’ll explore why this might be my favorite new Splunk 10 feature so far! The Need You likely have a number…
Case Study: Penetration Testing for a Technology-Focused Environmental Solutions Provider
Overview The client is a technology-driven provider of environmental monitoring solutions, focused on developing analytical tools used in industrial settings. Their product portfolio includes both mobile and stationary devices designed to support complex operational environments, such as renewable energy facilities,…
Your budget Android phone might be spying on you
Researchers have found that many low-cost Android devices come with pre-installed apps that have high-level access to the system. Unlike apps from the Google Play Store, many of these are not subject to thorough checks and can serve as vectors…