-
A significant vulnerability has been discovered in Angular’s server-side rendering (SSR) implementation that could allow attackers to access sensitive user data. The flaw, rooted in how Angular handles concurrent requests, could lead to data from one user’s session being leaked to another. The Angular team has released patches for all actively supported versions of the […] The post Angular SSR Vulnerability Lets Attackers Access Sensitive Data appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated new remote access trojan named ZynorRAT has emerged as a cross-platform threat, targeting both Windows and Linux systems through an innovative Telegram-based command and control infrastructure. First discovered in July 2025, this Go-compiled malware represents a significant evolution in remote access capabilities, combining traditional RAT functionality with modern communication channels to evade detection […] The post ZynorRAT Attacking Windows and Linux Systems to Gain Remote Access appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A high vulnerability in Angular’s server-side rendering (SSR) feature can lead to sensitive data exposure when multiple requests are handled at the same time. This flaw, tracked as CVE-2025-59052, stems from a global race condition in the platform inje…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
ChillyHell first surfaced on public malware repositories in early May 2025, although its developer-signed notarization dates back to 2021. This modular backdoor has eluded detection by major antivirus vendors despite leveraging Apple’s own notarization process to appear legitimate. By masquerading as a benign macOS applet, ChillyHell gains an initial foothold on target machines before deploying […] The post ChillyHell macOS Malware Profiles Compromised Machines and Maintain Persistence with 3 Methods appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A newly disclosed vulnerability in Palo Alto Networks’ User-ID Credential Agent for Windows, identified as CVE-2025-4235, could expose a service account’s password in cleartext under certain non-standard configurations. This flaw creates a significant security risk, as it could allow an unprivileged domain user to escalate their privileges by exploiting the compromised account’s permissions. The vulnerability […] The post Palo Alto Networks User-ID Credential Agent Vulnerability Exposes password In Cleartext appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
In a stark reminder of how vulnerable online services remain, Qrator Labs has revealed that a sprawling Layer 7 distributed denial-of-service (DDoS) botnet has swelled to over 5.76 million compromised devices, unleashing unprecedented traffic against c…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A newly disclosed attack technique enables authenticated users within the popular GitOps tool ArgoCD to exfiltrate powerful Git credentials. The method, discovered by the cybersecurity research group Future Sight, exploits Kubernetes’ internal DNS resolution to intercept credentials in transit, posing a significant risk to organizations relying on the continuous delivery tool. ArgoCD, a leading project […] The post New Attack Technique That Enables Attackers To Exfiltrate Git Credentials In Argocd appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical flaw in CoreDNS’s etcd plugin can let attackers pin DNS records in caches for years, effectively blocking legitimate updates. This vulnerability, tracked as CVE-2025-58063, stems from incorrect handling of etcd lease IDs. It affects every Co…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The revelation that commercially available FlexiSPY spyware was clandestinely installed on devices belonging to Kenyan filmmakers while in police custody has ignited fresh concerns over press freedom and governmental overreach. Forensic analysis conduc…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A newly discovered attack method targeting ArgoCD and Kubernetes that could give red-teamers fresh ammo and blue-teamers fresh headaches. This technique lets an attacker abuse Kubernetes DNS to steal powerful Git credentials from ArgoCD, potentially ta…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
