-
A new wave of security alert-themed phishing emails has recently surfaced, causing concern within both enterprise and personal email environments. These malicious emails cleverly impersonate official security notifications, often appearing to come from the victim’s own domain. Their main objective is to instill panic by warning users about “blocked messages” and prompt recipients to take […] The post Beware of Security Alert-Themed Malicious Emails that Steal Your Email Logins appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft has released its November 2025 Patch Tuesday update, addressing 63 security vulnerabilities across its software lineup. The update includes a critical fix for a zero-day vulnerability in the Windows Kernel that is confirmed to be actively exp…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft rolled out its November 2025 Patch Tuesday security updates today, addressing 63 vulnerabilities across its product and service ecosystem. Among these, one zero-day flaw has already been exploited in the wild, underscoring the urgency for organizations and users to apply patches promptly to mitigate potential threats. The updates cover Windows, Office, Azure, Visual Studio, […] The post Microsoft November 2025 Patch Tuesday – 63 Vulnerabilities, Including 1 Zero-Day Fixed appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Mozilla has rolled out Firefox 145, addressing a series of high-severity vulnerabilities that could allow attackers to execute arbitrary code on users’ systems. Announced on November 11, 2025, the release patches flaws primarily in the browser’s graphics, JavaScript, and DOM components, urging immediate upgrades to mitigate risks from potential exploits. The update tackles 15 CVEs, […] The post Firefox Releases Security Update to Fix Multiple Vulnerabilities Allowing Arbitrary Code Execution appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security researchers from CyberProof have discovered significant connections between two advanced banking trojans targeting Brazilian users and financial institutions. The Maverick banking malware, identified through suspicious file downloads via WhatsApp, shares remarkable similarities with the earlier reported Coyote malware campaign. Both threats employ sophisticated infection chains and demonstrate nearly identical behavioral patterns. The discovery emerged […] The post Researchers Uncover the Strong Links Between Maverick and Coyote Banking Malwares appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Ivanti has released critical security updates for Ivanti Endpoint Manager to address three high-severity vulnerabilities that could allow authenticated attackers to write arbitrary files to any location on affected systems. The company disclosed the se…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
VanHelsing has emerged as a sophisticated ransomware-as-a-service operation that fundamentally changes the threat landscape for organizations worldwide. First observed on March 7, 2025, this multi-platform locker represents a significant escalation in ransomware deployment strategies by providing affiliates with a streamlined service model. The operation requires a $5,000 deposit from new affiliates and rewards them with […] The post New VanHelsing Ransomware RaaS Model Attacking Windows, Linux, BSD, ARM, and ESXi Systems appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Ivanti has rolled out security updates for its Endpoint Manager product, addressing three high-severity vulnerabilities that could let authenticated local attackers write arbitrary files anywhere on the system disk. The flaws, if exploited, pose significant risks to enterprise environments by potentially allowing malicious code execution or data tampering. The most recent issue, tracked as CVE-2025-10918, […] The post Ivanti Endpoint Manager Vulnerabilities Let Attackers Write Arbitrary Files to Disk appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated remote data-wipe attack targeting Android devices has emerged, exploiting Google’s Find Hub service to execute destructive operations on smartphones and tablets across South Korea. This campaign represents the first documented case where state-sponsored threat actors weaponized a legitimate device protection service to remotely erase user data and disrupt normal device operations. The malware, […] The post Android Remote Data-Wipe Malware Attacking Users Leveraging Google’s Find Hub appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Synology has released an urgent security update addressing a critical remote code execution vulnerability in BeeStation OS that allows unauthenticated attackers to execute arbitrary code on affected devices. The vulnerability, tracked as CVE-2025-12686 and identified by ZDI-CAN-28275, carries a critical CVSS3 base score of 9.8, reflecting its severe impact and exploitability. The flaw stems from […] The post Synology BeeStation 0-Day Vulnerability Let Remote Attackers Execute Arbitrary Code appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
