-
A critical zero-day vulnerability in Citrix NetScaler products, identified as CVE-2025-6543, has been actively exploited by threat actors since at least May 2025, months before a patch was made available. While Citrix initially downplayed the flaw as a “memory overflow vulnerability leading to unintended control flow and Denial of Service,” it has since been revealed […] The post Critical Citrix 0-Day Vulnerability Exploited Since May, Leaving Global Entities Exposed appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A new malware campaign, dubbed “Sindoor Dropper,” is targeting Linux systems using sophisticated spear-phishing techniques and a multi-stage infection chain. The campaign leverages lures themed around the recent India-Pakistan conflict, known as Operation Sindoor, to entice victims into executing malicious files. This activity’s standout feature is its reliance on weaponized .desktop files, a method previously […] The post New ‘Sindoor Dropper’ Malware Targets Linux Systems with Weaponized .desktop Files appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
API penetration testing has evolved dramatically in 2025. While traditional, human-led penetration testing remains critical, the scale and complexity of modern APIs have necessitated a new approach. The companies on this list are not just offering one-time testing services; they provide automated, continuous, and intelligent API security platforms that perform dynamic testing, behavioral analysis, and […] The post Top 10 Best API Penetration Testing Companies In 2025 appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Amazon’s cybersecurity team has successfully disrupted a sophisticated watering hole campaign orchestrated by APT29, a notorious hacking group linked to Russia’s Foreign Intelligence Service. The August 2025 operation represents the latest …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security researcher Kevin Beaumont has revealed alarming details about CVE-2025-6543, a critical Citrix NetScaler vulnerability that was actively exploited as a zero-day attack for months before the company issued patches. What Citrix initially downpla…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
QNAP Systems has released security patches to address multiple vulnerabilities affecting QVR firmware in legacy VioStor Network Video Recorder (NVR) systems. The company disclosed two significant security flaws on August 29, 2025, urging users to updat…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Google has issued a broad security alert to its 2.5 billion Gmail users, advising them to enhance their account security in the wake of a data breach involving one of the company’s third-party Salesforce systems. The incident, which occurred in June 2025, has escalated concerns over sophisticated phishing campaigns targeting a massive user base. In […] The post Google Warns 2.5B Gmail Users to Reset Passwords Following Salesforce Data Breach appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The U.S. Attorney’s Office for the District of New Mexico announced Thursday that federal authorities have executed a court-authorized seizure of two domain names and one affiliated blog associated with VerifTools, an online marketplace peddling counterfeit driver’s licenses, passports, and other state- and country-issued identity documents. Operating under the banner of VerifTools since 2020, the […] The post U.S. Government Seizes Online Marketplaces Used to Sell Fraudulent Identity Documents to Cybercriminals appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
WhatsApp has issued a critical security advisory addressing a newly discovered zero-day vulnerability, tracked as CVE-2025-55177, which has been exploited in highly sophisticated zero-click attacks targeting Mac and iOS users. The vulnerability, combin…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated attack campaign has leveraged a previously unknown zero-day vulnerability in WhatsApp on Apple devices to target specific users, the company has confirmed. The vulnerability, now identified as CVE-2025-55177, was combined with a separate vulnerability in Apple’s operating systems to compromise devices and access user data. WhatsApp has since patched the vulnerability and has […] The post WhatsApp 0-Day Vulnerability Exploited to Hack Mac and iOS Users appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
