-
Amazon’s threat intelligence team has uncovered a sophisticated cyber campaign exploiting previously undisclosed zero-day vulnerabilities in critical enterprise infrastructure. Advanced threat actors are actively targeting Cisco Identity Service …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
That text message you got about a “stuck package” from USPS, or an “unpaid road toll” notice, isn’t just random spam it’s become the signature move of an international criminal outfit that’s managed to swindle millions. Today, Google is launching a maj…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A Chinese national has been sentenced to over 11 years in prison following one of the most significant cryptocurrency fraud investigations in history. Zhimin Qian, 47, received an 11-year and eight-month sentence for possessing and transferring criminal property under the Proceeds of Crime Act 2002. The case marks the culmination of a seven-year investigation by […] The post Chinese National Jailed for Laundering Over £5 Billion by Defrauding Over 128,000 Victims appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A vulnerability has been discovered in Lite XL, a lightweight text editor, that could allow attackers to execute arbitrary code on affected systems. Carnegie Mellon University experts identified CVE-2025-12120, which affects Lite XL versions 2.1.8 and earlier. The flaw exists in how Lite XL handles project configuration files. How the Vulnerability Works When users open […] The post Lite XL Text editor Vulnerability Let Attackers Execute Arbitrary Code appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A large phishing campaign has been targeting travelers worldwide, using more than 4,300 fake domains to steal payment card information. The operation focuses on people planning vacations or about to check into hotels by sending fake booking confirmation emails that appear to come from trusted travel companies. The attackers have created a network of websites […] The post Massive Phishing Attack Impersonate as Travel Brands Attacking Users with 4,300 Malicious Domains appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cloud Software Group has disclosed a cross-site scripting (XSS) vulnerability affecting NetScaler ADC and NetScaler Gateway products. Tracked as CVE-2025-12101, the flaw allows attackers to inject malicious scripts into web pages viewed by users, potentially leading to session hijacking, data theft, or unauthorized actions. The vulnerability carries a moderate CVSSv4 score of 5.9, highlighting its […] The post Citrix NetScaler ADC and Gateway Vulnerability Enables Cross-Site Scripting Attacks appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cybersecurity leaders now face an impossible equation: you need intelligence that’s comprehensive enough to protect your organisation, fresh enough to stop emerging threats, and manageable enough that your team doesn’t drown in false positives. Most solutions force you to choose. Some prove you don’t have to. The Intelligence Paradox: Too Much and Never Enough Every CISO knows the struggle. Deploy too few threat feeds, […] The post Why your Business Need Live Threat Intel from 15k SOCs appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated backdoor malware campaign has emerged targeting Windows users through a weaponized version of SteamCleaner, a legitimate open-source utility designed to clean junk files from the Steam gaming platform. The malware establishes persistent access to compromised systems by deploying malicious Node.js scripts that maintain continuous communication with command-and-control servers, enabling attackers to execute arbitrary […] The post Beware of Malicious Steam Cleanup Tool Attack Windows Machines to Deploy Backdoor Malware appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Apache OpenOffice has released version 4.1.16, addressing seven critical security vulnerabilities that enable unauthorized remote document loading and memory corruption attacks. These flaws represent a significant security risk to users of the popular open-source office suite. The most severe vulnerabilities involve unauthorized remote content loading without user prompts or warnings. Attackers can exploit these weaknesses to load […] The post Multiple Apache OpenOffice Vulnerabilities Leads to Memory Corruption and Unauthorized Content Loading appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft has disclosed two critical security vulnerabilities in GitHub Copilot and Visual Studio that could allow attackers to bypass essential security features. Both vulnerabilities were released on November 11, 2025, and have been assigned an Important severity rating. Path Traversal Vulnerability in Visual Studio The first vulnerability, tracked as CVE-2025-62449, stems from improper limitations in pathname […] The post GitHub Copilot and Visual Studio Vulnerabilities Allow Attacker to Bypass Security Feature appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
