-
Django, one of the most popular Python web development frameworks, has disclosed two critical security vulnerabilities that could allow attackers to execute SQL injection attacks and launch denial-of-service attacks. The vulnerabilities, identified as CVE-2025-64458 and CVE-2025-64459, affect core components of the framework and require immediate attention from developers using Django in their applications. The more […] The post Multiple Django Vulnerabilities Enable SQL injection and DoS Attack appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
International law enforcement agencies have taken down three sophisticated fraud and money laundering networks in a coordinated operation that uncovered one of the largest credit card fraud schemes in recent history. The operation, codenamed “Chargeback,” revealed criminal activity affecting over 4.3 million cardholders across 193 countries, with total damages exceeding EUR 300 million and attempted […] The post Authorities Dismanteled Major Credit Card Fraud Operation Impacting 4.3 Million Cardholders appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Django development team has released critical security patches addressing two significant vulnerabilities that could expose applications to denial-of-service attacks and SQL injection exploits. The security releases for Django 5.2.8, 5.1.14, and 4….
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cisco has confirmed that threat actors are actively exploiting a critical remote code execution (RCE) flaw in its Secure Firewall Adaptive Security Appliance (ASA) and Threat Defense (FTD) software. First disclosed on September 25, 2025, the vulnerability tracked as CVE-2025-20333 poses a severe risk to organizations relying on these firewalls for VPN access. With a […] The post Cisco Warns of Hackers Actively Exploiting ASA and FTD 0-day RCE Vulnerability in the Wild appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated Windows remote-access trojan known as ValleyRAT has emerged as a high-confidence indicator of targeted intrusions against Chinese-language users and organizations. ValleyRAT’s operational model relies on a carefully orchestrated d…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cl0p, a prominent ransomware group operating since early 2019, has emerged as one of the most dangerous threats in the cybersecurity landscape. With over 1,025 confirmed victims and more than $500 million in extorted funds, this Russian-linked group has consistently targeted corporate and private networks worldwide while strategically avoiding CIS countries. The group earned its […] The post Clop Ransomware Actors Exploiting the Latest 0-Day Exploits in the Wild appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Three well-known threat groups have consolidated into a unified cybercriminal entity that represents a significant shift in underground tactics. Scattered LAPSUS$ Hunters (SLH) emerged in early August 2025 as a federated alliance combining Scattered Spider, ShinyHunters, and LAPSUS$, creating what researchers describe as the first consolidated alliance among mature cybercriminal clusters. This consolidation marks a […] The post Three Infamous Cybercriminal Groups Form a New Alliance Dubbed ‘Scattered LAPSUS$ Hunters’ appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated Remote Access Trojan (RAT) is actively targeting North Korean Human Rights Defenders (HRDs) through a campaign leveraging stolen code-signing certificates to evade antivirus detection. The newly discovered “EndClient RAT,” d…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Authorities across nine countries executed a coordinated crackdown on one of the largest credit card fraud networks ever dismantled. Operation Chargeback, led by German prosecutors and the Bundeskriminalamt, brought down criminal organizations respons…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Hyundai AutoEver America has disclosed a significant data breach that compromised sensitive personal information of customers, including Social Security numbers and driver’s license details. The cybersecurity incident highlights growing concerns about data protection in the automotive technology sector. Hyundai AutoEver America discovered the cyber incident on March 1, 2025, when unauthorized activity was detected within […] The post Hyundai AutoEver Confirms Data Breach Exposing Users’ Personal Information and SSNs appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
