-
The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Fortinet FortiWeb vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, warning that the flaw is being actively exploited in the wild. The vulnerability, tra…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
IBM has released critical security updates addressing two severe vulnerabilities in its AIX operating system that could allow remote attackers to execute arbitrary commands on affected systems. Both vulnerabilities stem from improper process controls in essential IBM AIX services. Critical Flaws in IBM AIX Services The first vulnerability, CVE-2025-36251, affects the Nimsh service and its […] The post IBM AIX Vulnerabilities Let Remote Attacker Execute Arbitrary Commands appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Google has rushed out a critical update for its Chrome browser to address a zero-day vulnerability actively exploited in the wild, urging users to update immediately to mitigate the risk posed by sophisticated attackers. The patch, rolled out in Chrome Stable version 142.0.7444.175 for Windows and Linux, and 142.0.7444.176 for Mac, fixes two high-severity type […] The post Chrome Type Confusion Zero-Day Vulnerability Actively Exploited in the Wild appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft Azure thwarted what may be the largest distributed denial-of-service (DDoS) attack ever recorded in the cloud on October 24. The attack peaked at 15.72 terabits per second (Tbps) and unleashed nearly 3.64 billion packets per second (pps), targeting a single endpoint in Australia. Azure’s automated DDoS Protection service sprang into action, filtering out the […] The post Record-Breaking 15 Tbps DDoS Attack From 500,000+ Devices Hits Azure Network appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cybersecurity researchers have uncovered a dangerous new tool making waves across darknet forums and criminal communities. Xanthorox, a malicious artificial intelligence platform, has emerged as a serious concern for the security industry. The tool works like a regular chatbot, similar to ChatGPT, but with one major difference: it has no safety restrictions. First announced on […] The post Threat Actors can Use Xanthorox AI Tool to Generate Different Malicious Code Based on Prompts appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cyber threats are changing how they reach victims. A financially motivated criminal network called Payroll Pirates has been quietly attacking payroll systems, credit unions, and trading platforms across the United States since mid-2023. Their weapon of choice is malvertising, where fake ads appear on search engines and trick users into visiting phishing websites. Once employees […] The post Payroll Pirates – Network of Criminal Groups Hijacking Payroll Systems appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A new threat has emerged in the ransomware landscape with the discovery of Yurei ransomware, first publicly identified in early September 2025. This Go-based malware follows a typical ransomware operation model by infiltrating corporate networks, encrypting critical data, deleting backups, and demanding ransom for stolen information. The group operates through a dedicated dark web site […] The post Yurei Ransomware File Encryption, Operation Model and Data Transfer Methods Uncovered appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Pig-butchering scams have grown into one of the most damaging global cybercrime threats, causing billions of dollars in losses every year. These long-term investment fraud schemes work by building trust through emotional grooming and fake trading platforms before draining victims of their life savings. The scams now operate at an industrial scale, and criminal groups […] The post Pig-Butchering Scams Operators Scaled Their Operations with The Support of AI-Assistants appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A new open-source security tool, TaskHound, helps penetration testers and security professionals identify high-risk Windows scheduled tasks that could expose systems to attacks. The tool automatically discovers tasks running with privileged accounts and stored credentials, making it a valuable addition to security assessments. What Makes TaskHound Different? TaskHound stands out by automating the discovery of dangerous […] The post TaskHound Tool – Detects Windows Scheduled Tasks Running with Elevated Privileges and Stored Credentials appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical logic flaw discovered in the widely used mPDF PHP library could expose internal networks and sensitive services on approximately 70 million devices worldwide. The vulnerability stems from improper regular expression parsing, which allows att…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
