-
Volkswagen Group is investigating claims from the 8Base ransomware group, which asserts it has stolen sensitive company data. While the German automaker has stated that its core IT systems are secure, its response leaves open the possibility of a breac…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A high-severity vulnerability in the Pluggable Authentication Modules (PAM) framework was assigned the identifier CVE-2025-8941. This vulnerability stems from the heart of Linux operating systems, enabling attackers with local access to exploit symlink attacks and race conditions for full root privilege escalation. Root access, the ideal of control in Unix-like environments, could open doors to […] The post PoC Exploit Released for Linux-PAM Vulnerability Allowing Root Privilege Escalation appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
WatchGuard has disclosed a critical out-of-bounds write vulnerability in its Fireware OS, enabling remote unauthenticated attackers to execute arbitrary code via IKEv2 VPN connections. Designated CVE-2025-9242 under advisory WGSA-2025-00015, the flaw carries a CVSS 4.0 score of 9.3, highlighting its potential for high-impact exploitation on Firebox appliances. Published on September 17, 2025, and updated two […] The post WatchGuard VPN Vulnerability Let Remote Attacker Execute Arbitrary Code appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Volkswagen Group has issued a statement addressing claims by the ransomware group 8Base, which alleges it has stolen and leaked sensitive data from the automaker. The German carmaker maintains that its core IT infrastructure remains unaffected; however, the company’s vague response leaves questions about the full scope of the incident and raises concerns about a […] The post Volkswagen Allegedly Hit by Ransomware Attack as 8Base Claims Sensitive Data Theft appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft’s latest security update has rendered USB keyboards and mice inoperable within the Windows Recovery Environment (WinRE). Released on October 14, 2025, as KB5066835 for OS Build 26100.6899, the patch affects Windows 11 versions 24H2 and 25H2, as well as Windows Server 2025. The glitch emerged shortly after installation, leaving users unable to navigate recovery […] The post Windows 11 24H2/25H2 Update Blocks Mouse and Keyboard in Recovery Mode appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Envoy Air, a wholly owned subsidiary of American Airlines, has confirmed it fell victim to a hacking campaign exploiting vulnerabilities in Oracle’s E-Business Suite (EBS). The breach, first highlighted by the notorious Clop ransomware group, underscores the growing risks facing enterprise software in the aviation sector. Clop, known for high-profile extortion schemes like the MOVEit […] The post American Airlines Subsidiary Envoy Compromised in Oracle Hacking Campaign appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Threat actors are leveraging Microsoft Azure Blob Storage to craft highly convincing phishing sites that mimic legitimate Office 365 login portals, putting Microsoft 365 users at severe risk of credential theft. This method exploits trusted Microsoft infrastructure, making the attacks harder to spot as the fraudulent pages appear secured by official SSL certificates issued by […] The post New Phishing Attack Leverages Azure Blob Storage to Impersonate Microsoft appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Law enforcement authorities across Europe have dismantled a sophisticated cybercrime-as-a-service operation that enabled criminals to commit widespread fraud and other serious offenses across the continent. The coordinated action, codenamed ‘SIMC…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Zimbra has released an emergency security patch to address a critical Server-Side Request Forgery (SSRF) vulnerability that could allow attackers to access sensitive data through the platform’s chat proxy configuration. The flaw, classified as hi…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft’s October 2025 Windows 11 update has introduced an unexpected connectivity issue affecting developers and IT professionals worldwide. The security patch KB5066835, released on October 14, 2025, for OS Builds 26200.6899 and 26100.6899, h…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
