-
Google has released critical security updates to address multiple zero-day vulnerabilities affecting Android devices worldwide. The December 2025 security bulletin reveals that threat actors are actively exploiting at least two of these vulnerabilities in real-world attacks, prompting urgent action from the tech giant. Critical Vulnerabilities Under Active Exploitation The two most concerning vulnerabilities being actively […] The post Google Patches Android 0-Day Vulnerabilities Exploited in the Wild appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A newly discovered information-stealing malware called Arkanix is rapidly evolving to target sensitive user data, including VPN credentials, system information, and wireless network passwords. Security researchers have identified this emerging threat a…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated threat group operating under the name ShadyPanda has successfully compromised millions of browser users through a methodical seven-year campaign targeting popular Chrome and Edge extensions. The attack represents a significant breach of user trust, as the malicious extensions gained verified status from both Google and Microsoft, making them appear legitimate to unsuspecting users. […] The post 4.3 Million Chrome and Edge Users Hacked in 7-Year ShadyPanda Malware Campaign appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
OpenVPN has released critical security updates for its 2.6 stable and 2.7 development branches, addressing three vulnerabilities that could lead to local denial-of-service (DoS), security bypasses, and buffer over-reads. The patches, included in the newly released version 2.6.17 and 2.7_rc3, fix issues ranging from logic errors in HMAC verification to stability flaws in the Windows […] The post OpenVPN Vulnerabilities Let Hackers Triggers Dos Attack and Bypass Security Checks appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Google has released critical security patches addressing two high-severity zero-day vulnerabilities in Android that are currently being exploited in limited, targeted attacks. The vulnerabilities, disclosed in the December 2025 Android Security Bulleti…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A new security flaw has been found in Apache Struts, a popular open‑source web application framework used by many companies worldwide. The issue, tracked as CVE‑2025‑64775, could allow attackers to fill a server’s disk space, causing it to stop working…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security threats rarely adhere to holiday schedules, and while developers may take time off, malicious actors are working overtime. A significant new wave of software supply chain attacks has been identified targeting the Microsoft Visual Studio Market…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
OpenAI’s Codex CLI, a command-line tool designed to bring AI-powered reasoning into developer workflows, contains a critical vulnerability that allows attackers to execute arbitrary commands on developer machines without any user interaction or a…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Koi researchers have uncovered a seven-year browser extension operation that has silently compromised at least 4.3 million Chrome and Edge users worldwide. The threat actor, dubbed ShadyPanda, systematically abused browser marketplaces to turn seemingl…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
South Korean e-commerce giant Coupang has admitted to a significant data breach that exposed the personal information of about 33.7 million customers. This figure is close to the company’s entire user base, making it one of the most significant known d…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
