-
Microsoft has disclosed a significant vulnerability in Windows Remote Desktop Services (RDS) that could allow authorized attackers to escalate their privileges on affected systems. Tracked as CVE-2025-60703, the flaw stems from an untrusted pointer dereference, a classic memory safety issue that has plagued software for years, and carries an “Important” severity rating from the company. The […] The post Windows Remote Desktop Services Vulnerability Let Attackers Escalate Privileges appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
In the fast-paced world of “vibecoding,” where developers use AI to build applications rapidly, a new open-source tool is stepping up to tackle security risks. SecureVibes, created by developer Anshuman Bhartiya, leverages Anthropic’s Claude AI through a multi-agent system to detect vulnerabilities in codebases automatically. Released in October 2025, this Python-based scanner aims to make […] The post SecureVibes – AI-backed Tool Uses Claude AI Agents to Scan for Vulnerabilities Across 11 Languages appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Tor Project has released a fresh update for its privacy-focused web browser. Tor Browser 15.0.1 is now available and addresses several high-risk security issues that could have compromised users’ privacy. This update is recommended for all us…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Losing an iPhone is stressful enough without becoming the target of sophisticated scammers. A new phishing campaign is exploiting device owners’ distress by impersonating Apple and claiming that their lost iPhones have been recovered. These attac…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Google has released Chrome version 142.0.7444.162/.163 to address a high-severity security vulnerability in the V8 JavaScript engine. The stable channel update is now rolling out across Windows, Mac, and Linux platforms over the coming days and weeks. The security fix addresses CVE-2025-13042, classified as a “High” severity vulnerability involving an inappropriate implementation in V8, Chrome’s core […] The post Chrome Patches High-severity Implementation Vulnerability in V8 JavaScript engine appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Lite XL, a lightweight text editor written in Lua and C that runs on Windows, Linux, and macOS, has been found to contain a high vulnerability that could enable arbitrary code execution. Security researchers have identified flaws in how the editor hand…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A Russian-speaking threat actor has orchestrated an extensive phishing campaign that has registered over 4,300 malicious domains targeting travelers since the beginning of 2025. The sophisticated operation customizes phishing pages to impersonate legit…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft has disclosed a critical Windows Kernel vulnerability that is currently under active exploitation in the wild. Tracked as CVE-2025-62215, the flaw enables attackers to escalate privileges and gain elevated access on vulnerable Windows systems…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Ferocious Kitten has emerged as a significant cyber-espionage threat targeting Persian-speaking individuals within Iran since at least 2015. The Iranian-linked advanced persistent threat group operates with a highly focused objective, utilizing politically themed decoy documents to manipulate victims into executing weaponized files. Over the years, the group developed a sophisticated custom implant known as MarkiRAT, […] The post Ferocious Kitten APT Deploying MarkiRAT to Capture Keystroke and Clipboard Logging appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Mozilla Foundation released three critical security advisories on November 11, 2025, addressing 16 unique vulnerabilities across multiple Firefox versions and platforms. The updates target Firefox 145, Firefox ESR 115.30, and Firefox ESR 140.5, wit…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
