-
A previously unseen malware campaign began circulating in early August 2025, through email attachments and web downloads, targeting users in Colombia and beyond. By leveraging two distinct vector-based file formats—Adobe Flash SWF and Scalable Vector Graphics (SVG)—the attackers crafted a multiphase operation that evaded traditional antivirus detection. Initial reports surfaced when a benign-looking SWF file […] The post Colombian Malware Weaponizing SWF and SVG to Bypass Detection appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a new high-severity vulnerability in the Linux kernel to its Known Exploited Vulnerabilities (KEV) catalog, signaling that it is being actively exploited in attacks. The warning, issued on September 4, 2025, calls for urgent action from federal agencies and private sector organizations to mitigate the […] The post CISA Warns of Linux Kernel Race Condition Vulnerability Exploited in Attacks appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Attackers can bypass Endpoint Detection and Response (EDR) tools and file locks by reading raw disk sectors directly, highlighting the urgent need for organizations to audit and secure the drivers installed on their Windows systems. In modern Windows e…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated new botnet called NightshadeC2 that employs an innovative “UAC Prompt Bombing” technique to evade Windows Defender and compromise endpoint security systems. In August 2025, eSentire’s Threat Response Unit (TRU) identif…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A recently patched vulnerability in a core Windows driver could allow a local attacker to execute code with the highest system privileges, effectively taking full control of a target machine. The flaw, identified as CVE-2025-53149, is a heap-based buffer overflow discovered in the Kernel Streaming WOW Thunk Service Driver (ksthunk.sys). Microsoft addressed the issue in […] The post Windows Heap-based Buffer Overflow Vulnerability Let Attackers Elevate Privileges appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical security vulnerability has been discovered in Microsoft Windows systems that allows attackers to escalate their privileges and potentially gain complete control over affected machines. The vulnerability, designated CVE-2025-53149, affec…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated malware campaign targeting Colombian institutions through an unexpected vector: weaponized SWF and SVG files that successfully evade traditional antivirus detection. The discovery emerged through VirusTotal’s newly enhanced Code I…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security researchers have detected massive scanning campaigns targeting Cisco Adaptive Security Appliance (ASA) devices, with attackers probing over 25,000 unique IP addresses in coordinated waves that may signal an upcoming vulnerability disclosure. G…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Chess.com, the world’s leading online chess platform, has confirmed a significant data breach that compromised personal information of thousands of users after hackers successfully exploited an external system connected to their network. The Orem…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
An unprecedented surge in malicious scanning activity targeting Cisco Adaptive Security Appliances (ASAs) occurred in late August 2025, with over 25,000 unique IP addresses participating in coordinated reconnaissance efforts. GreyNoise, a threat intelligence company, observed two distinct scanning waves that represent a dramatic escalation from the typical baseline activity of fewer than 500 IPs per […] The post Hackers Scanning Cisco ASA Devices to Exploit Vulnerabilities from 25,000 IPs appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
