-
At Pwn2Own Ireland 2025, cybersecurity researchers Ben R. and Georgi G. from Interrupt Labs showcased an impressive achievement by successfully exploiting a zero-day vulnerability in the Samsung Galaxy S25. This allowed them to gain full control over the device, enabling them to activate the camera and track the user’s location. The exploit, revealed on the […] The post Hackers Exploited Samsung Galaxy S25 0-Day Vulnerability to Enable Camera and Track Location appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
SpaceX has disabled over 2,500 Starlink satellite internet terminals linked to notorious scam centers in Myanmar. The action underscores the company’s commitment to denying the misuse of its technology amid rising global concerns over online scams originating from Southeast Asia. SpaceX announced the proactive measure on Wednesday, revealing that the terminals were concentrated near suspected […] The post SpaceX Disabled 2,500+ Starlink Terminals Tied to Scam Centers in Myanmar appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A new vulnerability in Perplexity’s Comet AI browser allows attackers to inject malicious prompts through seemingly innocuous screenshots. Disclosed on October 21, 2025, this flaw builds on earlier concerns about prompt injection in agentic browsers, AI-powered tools that act on users’ behalf. The discovery highlights ongoing risks in these emerging technologies, where hidden instructions can […] The post Perplexity’s Comet Browser Screenshot Feature Vulnerability Let Attackers Inject Malicious Prompts appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cybersecurity researchers at Arctic Wolf Labs have uncovered a cunning new threat dubbed Caminho, a Brazilian Loader-as-a-Service (LaaS) that’s turning everyday images into Trojan horses for malware. Active since March 2025 and evolved rapidly by…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Researchers have discovered a critical security vulnerability in Perplexity’s Comet AI browser that allows attackers to inject malicious commands through hidden text in screenshots. The vulnerability, disclosed on October 21, 2025, demonstrates h…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated and widespread smishing campaign originating from China has emerged as a significant threat to users worldwide. Researchers have attributed the ongoing attack to a group known as the Smishing Triad, which has demonstrated unprecedented …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Hackers have begun actively targeting a critical remote code execution flaw in Adobe’s Magento e-commerce platform, putting thousands of online stores at immediate risk just six weeks after Adobe issued an emergency patch. Known as SessionReaper and tracked as CVE-2025-54236, the vulnerability allows unauthenticated attackers to hijack customer sessions and potentially execute arbitrary code, leading […] The post Hackers Exploiting Adobe Magento RCE Vulnerability Exploited in the Wild – 3 in 5 Stores Vulnerable appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Scammers have intensified their efforts to defraud vulnerable populations through sophisticated impersonation schemes and fraudulent financial aid offers, according to recent intelligence monitoring and law enforcement findings. The threat landscape re…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cybersecurity researchers at Wordfence Threat Intelligence and their Care and Response teams have observed a persistent trend in new malware that leverages heavy obfuscation techniques to evade detection. While some malware attempts to blend in as legi…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Unauthenticated attackers are actively exploiting a critical vulnerability affecting Adobe Commerce and Magento platforms worldwide. The flaw, tracked as CVE-2025-54236 and dubbed SessionReaper, enables remote code execution and customer account t…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
