-
CISA issued a warning of two critical path traversal flaws in Delta Electronics’ DIALink industrial control system software. With a maximum CVSS v4 base score of 10.0, these vulnerabilities could be exploited remotely with low attack complexity to bypass authentication and gain unauthorized access to critical manufacturing environments. Delta Electronics Path Traversal Flaws Delta Electronics […] The post CISA Warns of Delta Electronics Vulnerabilities Let Attackers Bypass Authentication appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical security vulnerability has been discovered in HubSpot’s Jinjava template engine, potentially exposing thousands of websites and applications to remote code execution attacks. The flaw, tracked as CVE-2025-59340, carries the maximum CVS…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Since January, Trend Micro has tracked a surge in phishing campaigns using AI-powered platforms (Lovable, Netlify, Vercel) to host fake captcha pages that lead to phishing websites. This ploy misleads users and evades security tools. Victims are first …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Remote Desktop Protocol (RDP) and Secure Shell (SSH) have changed how organizations manage their IT systems. These tools allow employees to access and control their computers from anywhere, which helps teams work together better. By enabling secure connections to work environments, RDP and SSH support flexibility and productivity in today’s digital world. These two protocols […] The post RDP vs SSH Comparison – Features, Protocols, Security, And Use Cases appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Luxury jeweler Tiffany and Company has confirmed a data breach that exposed the personal information of 2,590 customers. The company discovered unauthorized access to an external system on September 9, 2025, but determined the incident first occur…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A deserialization flaw in the License Servlet component of Fortra GoAnywhere Managed File Transfer (MFT) platform. Identified as CVE-2025-10035, this vulnerability permits an unauthenticated attacker who can deliver a forged license response signature to trigger Java deserialization of attacker-supplied objects, potentially resulting in arbitrary command execution and full system compromise. Deserialization Flaw (CVE-2025-10035) GoAnywhere MFT’s […] The post Critical GoAnywhere MFT Platform Vulnerability Exposes Enterprises to Remote Exploitation appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
UK law enforcement agencies have arrested two individuals linked to the notorious Scattered Spider cybercriminal group. The arrests, announced on Tuesday, pertain to a sophisticated attack on London’s transport systems. Authorities say the suspects inf…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
On September 18, 2025, Orange Cert publicly disclosed a critical authentication bypass vulnerability affecting Nokia’s CBIS (CloudBand Infrastructure Software) and NCS (Nokia Container Service) Manager API (CVE-2023-49564). With a CVSS 3.1 score of 9.6…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A newly disclosed flaw in HubSpot’s open-source Jinjava template engine could allow attackers to bypass sandbox restrictions and achieve remote code execution (RCE) on thousands of websites relying on versions prior to 2.8.1. Tracked as CVE-2025-59340 and rated Critical with a CVSS v3.1 score of 10.0, the issue stems from JavaType‐based deserialization, enabling threat actors […] The post HubSpot’s Jinjava Engine Vulnerability Exposes Thousands of Websites to RCE Attacks appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Luxury jewelry brand Tiffany and Company has confirmed a data breach that resulted in the theft of customers’ personal information. The company is in the process of sending out notification letters to affected individuals, detailing the scope of the incident and the data that was compromised. According to the notification, Tiffany experienced a “cybersecurity issue” […] The post Luxury Jewelry Creator Tiffany Confirms Data breach – Hackers Stolen Users Personal Information appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
