-
A recently patched vulnerability in a core Windows driver could allow a local attacker to execute code with the highest system privileges, effectively taking full control of a target machine. The flaw, identified as CVE-2025-53149, is a heap-based buffer overflow discovered in the Kernel Streaming WOW Thunk Service Driver (ksthunk.sys). Microsoft addressed the issue in […] The post Windows Heap-based Buffer Overflow Vulnerability Let Attackers Elevate Privileges appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical security vulnerability has been discovered in Microsoft Windows systems that allows attackers to escalate their privileges and potentially gain complete control over affected machines. The vulnerability, designated CVE-2025-53149, affec…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated malware campaign targeting Colombian institutions through an unexpected vector: weaponized SWF and SVG files that successfully evade traditional antivirus detection. The discovery emerged through VirusTotal’s newly enhanced Code I…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security researchers have detected massive scanning campaigns targeting Cisco Adaptive Security Appliance (ASA) devices, with attackers probing over 25,000 unique IP addresses in coordinated waves that may signal an upcoming vulnerability disclosure. G…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Chess.com, the world’s leading online chess platform, has confirmed a significant data breach that compromised personal information of thousands of users after hackers successfully exploited an external system connected to their network. The Orem…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
An unprecedented surge in malicious scanning activity targeting Cisco Adaptive Security Appliances (ASAs) occurred in late August 2025, with over 25,000 unique IP addresses participating in coordinated reconnaissance efforts. GreyNoise, a threat intelligence company, observed two distinct scanning waves that represent a dramatic escalation from the typical baseline activity of fewer than 500 IPs per […] The post Hackers Scanning Cisco ASA Devices to Exploit Vulnerabilities from 25,000 IPs appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Online chess giant Chess.com has disclosed a data breach that compromised the personal information of 4,541 individuals, according to a filing with the Maine Attorney General’s Office. The cyber incident took place on June 5, 2025 and was discovered nearly two weeks later on June 19, 2025. Chess.com confirmed that the breach was the result of an external hack, where attackers gained […] The post Chess.com Data Breach – Hackers Breached External System and Gained Internal Access appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cybersecurity researchers uncovered a sophisticated, Iran-linked spear-phishing operation that exploited a compromised Ministry of Foreign Affairs (MFA) mailbox in Oman to deliver malicious payloads to government entities worldwide. Analysts attribute …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cybercriminals are deploying increasingly sophisticated methods to bypass security systems, with the latest threat emerging from the advanced Tycoon phishing-as-a-service kit. This malicious platform has introduced novel techniques designed to obscure dangerous links, making them nearly invisible to traditional detection systems while maintaining their effectiveness against unsuspecting victims. The Tycoon phishing kit represents a significant […] The post Tycoon Phishing Kit Employs New Technique to Hide Malicious Links appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Tire manufacturer launches a comprehensive investigation after a limited cyber incident affects operations at multiple plants. Bridgestone Americas has confirmed that a cyberattack has impacted manufacturing facilities across North America, including t…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
