-
A proof-of-concept (PoC) exploit has been released for a critical vulnerability in the secure boot chain of the Nothing Phone (2a) and CMF Phone 1, potentially affecting other devices using MediaTek systems-on-a-chip (SoCs). The exploit, named Fenrir and published by researcher R0rt1z2, allows for arbitrary code execution at the highest privilege level, effectively breaking the […] The post PoC Exploit Released For Nothing Phone Code Execution Vulnerability appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security researcher Norbert Szetei published the final installment of his deep-dive into the ksmbd filesystem module, culminating in a working proof-of-concept exploit targeting CVE-2025-37947. Unlike earlier use-after-free candidates that required com…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Corporate data security faces an unprecedented crisis as new research reveals widespread employee misuse of generative AI platforms. A comprehensive study examining enterprise browsing behavior has uncovered alarming patterns of sensitive data exposure across organizations worldwide. The research, based on real-world telemetry from enterprise browsers, demonstrates that artificial intelligence tools have become the primary vector […] The post 77% of Employees Share Company Secrets on ChatGPT Compromising Enterprise Policies appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cybersecurity researchers have discovered a sophisticated evolution of the ClickFix attack technique that leverages browser cache smuggling to covertly place malicious files on target systems without traditional file downloads. This advanced social eng…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security researchers have released a full proof-of-concept (PoC) exploit for a high-severity vulnerability in the Linux kernel’s ksmbd module, demonstrating a reliable path to local privilege escalation. The vulnerability, tracked as CVE-2025-37947, is an out-of-bounds write that can be leveraged by an authenticated local attacker to gain complete root control over a vulnerable system. This […] The post Linux Kernel ksmbd Filesystem Vulnerability Exploited – PoC Released appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
GitLab has issued a critical security update to address several denial-of-service (DoS) vulnerabilities affecting both Community Edition (CE) and Enterprise Edition (EE). Self-managed installations should upgrade immediately to versions 18.4.2, 18.3.4,…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
GitLab has released important security updates. The new versions are 18.4.2, 18.3.4, and 18.2.8 for both Community Edition (CE) and Enterprise Edition (EE). These updates fix several vulnerabilities that could lead to denial-of-service (DoS) attacks and allow unauthorized access. All self-managed GitLab installations are strongly advised to upgrade promptly to mitigate potential disruptions. GitLab.com and […] The post GitLab Security Update – Patch For Multiple Vulnerabilities That Enables DoS Attack appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A newly spotted Python remote access trojan (RAT) on VirusTotal employs advanced polymorphic and self-modifying techniques, allowing it to alter its code signature on every execution and evade detection. Security researchers examining VirusTotal submis…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The popular communication platform Discord is confronting a major extortion attempt after cybercriminals breached one of its third-party customer service providers, compromising sensitive user data including government identification photos used for ag…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Ransomware threats reached a tipping point in Q3 2025 as data-leak sites surged to a record 81 active platforms, driven by major developments across the ecosystem. English-speaking hacking collective Scattered Spider teased its first ransomware-as-a-se…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
