-
The Brida security testing toolkit has released version 0.6, marking a significant update that brings full compatibility with the latest Frida dynamic instrumentation framework. This new release addresses critical compatibility gaps that emerged after …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical vulnerability in Ubuntu’s Linux kernel has been exposed, allowing local attackers to escalate privileges and potentially gain root access on affected systems. Disclosed at TyphoonPWN 2025, the flaw stems from a reference count imbalance in the af_unix subsystem, leading to a use-after-free (UAF) condition that researchers demonstrated with a full proof-of-concept exploit. This […] The post Ubuntu’s Kernel Vulnerability Let Attackers Escalate Privileges and Gain Root Access appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated new Android banking Trojan named Herodotus has emerged as a significant threat to mobile users, introducing a novel approach that deliberately mimics human typing patterns to evade behavioral biometrics detection systems. The malware…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
IPFire 2.29 Core Update 198 marks a significant advancement for users of this open-source firewall, introducing enhanced Intrusion Prevention System (IPS) capabilities powered by Suricata 8.0.1. This release emphasizes improved network monitoring through innovative reporting tools, alongside toolchain rebasing and extensive package updates to bolster security and performance. Designed for both small offices and large […] The post Open-Source Firewall IPFire 2.29 With New Reporting For Intrusion Prevention System appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security researchers have discovered a sophisticated phishing technique that weaponizes invisible Unicode characters embedded within email subject lines using MIME encoding—a tactic that remains largely unknown among email security professionals. The d…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Social media platform X announced that it will stop supporting the old Twitter.com website for two-factor authentication (2FA) by November 10, 2025. This change marks the platform’s shift away from its Twitter roots. Users relying on security keys tied to the old domain must re-enroll their devices to maintain account access, as part of X’s […] The post X to Phase Out Twitter Domain – Users Advised to Re-enroll in 2FA Keys appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Advanced Persistent Threat (APT) MuddyWater has orchestrated a sophisticated phishing campaign targeting over 100 government entities across the Middle East, North Africa, and international organizations worldwide. Group-IB Threat Intelligence has attr…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft has unveiled a critical vulnerability in ASP.NET Core that could enable attackers to sidestep essential security measures. Disclosed on October 24, 2025, under CVE-2025-55315, this flaw stems from HTTP Request Smuggling (CWE-444) and poses risks to systems relying on outdated .NET components. QNAP, a leading provider of network-attached storage solutions, has issued urgent guidance, […] The post Critical .NET Vulnerability Lets Attacker Bypass Security in QNAP Backup Software appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The IPFire project has announced the release of version 2.29, Core Update 198, marking a significant milestone in the open-source firewall’s evolution. This update introduces transformative improvements to the Intrusion Prevention System, coupled…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A newly advertised information-stealing malware called Anivia Stealer has surfaced on the dark web, with threat actor ZeroTrace aggressively promoting the C++17-based infostealer as a commercial malware-as-a-service offering. The malware implements sop…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
