-
In early 2025, a novel campaign attributed to the Chinese APT group known as Jewelbug began targeting an IT service provider in Russia. The attackers infiltrated build systems and code repositories, laying the groundwork for a potential software supply chain compromise. Initial access was achieved via a renamed Microsoft Console Debugger binary, “7zup.exe,” which executed […] The post Chinese APT Group IT Service Provider Leveraging Microsoft Console Debugger to Exfiltrate Data appeared first on Cyber Security News.
-
Microsoft’s latest security updates have triggered synchronization failures in Active Directory environments running on Windows Server 2025. The issue, confirmed on October 14, 2025, affects directory synchronization for large security groups, potentially halting critical identity management processes across enterprise networks. The problem stems from the September 2025 Windows security update, KB5065426, which targets OS Build […] The post Microsoft October 2025 Security Update Causes Active Directory Sync Issues on Windows Server 2025 appeared first on Cyber Security News.
-
SAP released its October 2025 Security Patch Day fixes, addressing 13 new vulnerabilities and updating four prior notes, with several critical flaws in NetWeaver enabling attackers to sidestep authorization and run arbitrary operating system commands on affected systems. Among the most alarming is CVE-2025-42944, an insecure deserialization issue in SAP NetWeaver AS Java’s RMI-P4 module, […] The post New SAP NetWeaver Vulnerabilities Allow Attackers to Bypass Authorization and Execute OS Commands appeared first on Cyber Security News.
-
There’s a moment, right after a new alert hits, when the room holds its breath. Everyone waits for context; is it real, is it noise, is it already too late? In those seconds, the difference between an average SOC and a great one is obvious. Some scramble for answers; others move in sync, sharing context […] The post 5 Must-Follow Rules of Every Elite SOC: CISO’s Checklist appeared first on Cyber Security News.
-
F5 Networks confirmed that a sophisticated nation-state threat actor infiltrated its systems, exfiltrating proprietary BIG-IP source code and confidential vulnerability information. The incident, which began in August 2025, targeted F5’s product develo…
-
In mid-2025, Lab539 researchers observed an unexpected surge in a novel browser-based malware campaign dubbed “ClickFix.” Emerging quietly in July, the threat quickly expanded its reach by registering over 13,000 unique domains designed to lure users into executing malicious commands on their own devices. The attack leverages compromised or low-cost hosting infrastructure, including a significant […] The post Hackers Registered 13,000+ Unique Domains and Leverages Cloudflare to Launch Clickfix Attacks appeared first on Cyber Security News.
-
F5, a leading provider of application security and delivery solutions, disclosed a major security incident. The company revealed that a sophisticated nation-state threat actor had gained long-term access to internal systems, exfiltrating sensitive files including BIG-IP source code and details on undisclosed vulnerabilities. While F5 emphasized that no critical exploits or active attacks on customers […] The post F5 Breached – Hackers Stole BIG-IP Source Code and Undisclosed Vulnerabilities Data appeared first on Cyber Security News.
-
The GhostBat RAT campaign has emerged as a sophisticated threat targeting Indian Android users through counterfeit Regional Transport Office (RTO) applications. First observed in mid-2025, these malicious APKs masquerade as the official “mParivahan” app, exploiting user trust in government services. Distribution occurs primarily via smishing—WhatsApp messages and SMS containing shortened URLs redirecting victims to GitHub-hosted […] The post GhostBat RAT Android Malware With Fake RTO Apps Steals Targeting Indian Users to Steal Banking Data appeared first on Cyber Security News.
-
In a sophisticated attack campaign dubbed “Operation Zero Disco,” threat actors are actively exploiting a critical Cisco Simple Network Management Protocol (SNMP) vulnerability to install Linux rootkits on vulnerable network devices. Trend Micro observed an operation exploiting CVE-2025-20352, which allows remote code execution (RCE) and grants persistent unauthorized access, primarily targeting older Cisco switches that […] The post Cisco SNMP 0-Day Vulnerability Actively Exploited To Deploy Linux Rootkits appeared first on Cyber Security News.
-
The Cybersecurity and Infrastructure Security Agency (CISA) issued an urgent alert on October 14, 2025, highlighting a critical vulnerability in Rapid7’s Velociraptor endpoint detection and response (EDR) tool. This flaw, stemming from incorrect default permissions, has already been weaponized by threat actors to execute arbitrary commands and seize control of infected endpoints, amplifying risks for […] The post CISA Warns Of Rapid7 Velociraptor Vulnerability Exploited in Ransomware Attacks appeared first on Cyber Security News.


