-
The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Adobe Experience Manager Forms vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, warning that the flaw is being actively exploited in the wild. The secur…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Samba has disclosed a severe remote code execution (RCE) flaw that could allow attackers to hijack Active Directory domain controllers. Tracked as CVE-2025-10230, the vulnerability stems from improper validation in the Windows Internet Name Service (WINS) hook mechanism, earning a perfect CVSS 3.1 score of 10.0 for its ease of exploitation and devastating potential impact. […] The post Critical Samba RCE Vulnerability Enables Arbitrary Code Execution appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
PhantomVAI Loader, a newly renamed multi-stage .NET loader tracked by Unit 42, is being used in widespread phishing campaigns to deliver a variety of information-stealing malware families. Initially identified as Katz Stealer Loader for its role in dep…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical alert regarding a severe code execution vulnerability in Adobe Experience Manager Forms, urging organizations to patch immediately. Tracked as CVE-2025-54253, this flaw affects the Java Enterprise Edition (JEE) version of the software and enables attackers to execute arbitrary code on vulnerable systems. First disclosed […] The post CISA Warns Of Adobe Experience Manager Forms 0-Day Vulnerability Exploited In Attacks appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cybersecurity researchers at Zscaler have uncovered a sophisticated malware campaign that exploits search engine optimization (SEO) poisoning to distribute a trojanized version of the Ivanti Pulse Secure VPN client, targeting unsuspecting users seeking…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cybersecurity researchers at Trend Micro have discovered an active attack campaign dubbed “Operation Zero Disco” that exploits a critical vulnerability in Cisco’s Simple Network Management Protocol (SNMP) implementation. The vulnerabi…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Elastic Security Labs has officially released nightMARE version 0.16, a comprehensive Python library designed to streamline malware analysis and reverse engineering workflows. The open-source tool consolidates multiple analysis capabilities into a sing…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft has disclosed two critical vulnerabilities in its Windows BitLocker encryption feature, allowing attackers with physical access to bypass security protections and access encrypted data. Released on October 14, 2025, as part of the latest Patch Tuesday updates, these flaws, tracked as CVE-2025-55338 and CVE-2025-55333, pose a significant risk to users relying on BitLocker for […] The post Windows BitLocker Vulnerabilities Let Attackers Bypass Security Feature appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft has confirmed a critical issue affecting Windows Server 2025 systems following the installation of October 2025 security updates. The problem disrupts Active Directory directory synchronization, specifically impacting organizations managing l…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated banking Trojan named Maverick has emerged in Brazil, leveraging WhatsApp as its primary distribution channel to compromise thousands of users. The malware campaign was detected in mid-October 2025, with cybersecurity solutions blocking over 62,000 infection attempts in just the first ten days of the month. The threat specifically targets Brazilian users through Portuguese-language […] The post New Banking Malware Abusing WhatsApp to Gain Complete Remote Access to Your Computer appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
