-
A newly disclosed vulnerability in SAP NetWeaver AS ABAP and ABAP Platform (CVE-2025-42902) allows unauthenticated attackers to crash server processes by sending malformed SAP Logon or SAP Assertion Tickets. Rated Medium severity with a …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
In October 2025, security researchers uncovered an unprecedented phishing campaign that weaponizes the npm ecosystem—not by infecting developers during package installation, but by abusing the unpkg.com CDN as a disposable hosting platform for maliciou…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
SimonMed Imaging, a leading U.S. provider of outpatient medical imaging services, has disclosed a major cybersecurity incident that compromised the personal and health data of approximately 1.2 million patients. The breach, which occurred earlier this year, was linked to a ransomware attack claimed by the notorious Medusa group, highlighting ongoing vulnerabilities in the healthcare sector. […] The post SimonMed Data Breach Exposes 1.2 Million Patients Sensitive Information appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Remote monitoring and management (RMM) tools have long served as indispensable assets for IT administrators, providing seamless remote control, unattended access, and scripted automation across enterprise endpoints. In recent months, security researchers have observed a surge in adversaries repurposing ScreenConnect—a ConnectWise RMM solution—as a clandestine backdoor for initial intrusion and ongoing control. Emerging from widespread […] The post ScreenConnect Abused by Threat Actors to Gain Unauthorized Remote Access to Your Computer appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Hackers have launched a sophisticated phishing campaign impersonating both OpenAI and the recently released Sora 2 AI service. By cloning legitimate-looking landing pages, these actors are duping users into submitting their login credentials, participa…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
SimonMed Imaging has confirmed that an external hacking incident compromised the personal data of 1,275,669 patients, making it one of the largest healthcare breaches of the year. The breach, which occurred on January 21, 2025, but was not discovered u…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
In a sprawling network of covert remote labor, more than 10,000 North Korean IT professionals have infiltrated global technology and freelance marketplaces by exploiting VPNs, virtual private servers (VPS), and so-called “laptop farms” to conceal their…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Ivanti has disclosed 13 vulnerabilities in its Endpoint Manager (EPM) software, including two high-severity flaws that could enable remote code execution and privilege escalation, urging customers to apply mitigations while patches remain in development. The announcement comes amid growing scrutiny of enterprise management tools, as attackers increasingly target them for supply chain compromises. Although no […] The post Ivanti Patches 13 Vulnerabilities in Endpoint Manager Allowing Remote Code Execution appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A new proof-of-concept (PoC) exploit has been published for a critical flaw in the widely used sudo utility. This vulnerability enables any local user to escape a chroot jail and execute commands with root privileges. Organizations relying on…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A recent surge in threat actors leveraging remote management and monitoring (RMM) tools for initial access has intensified scrutiny of platforms once reserved for legitimate IT administration. While AnyDesk has waned in popularity among adversaries due…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
