-
Amazon has disclosed a significant security vulnerability in its WorkSpaces client for Linux that could allow unauthorized users to extract valid authentication tokens and gain unauthorized access to other users’ WorkSpaces. The vulnerability, tracked as CVE-2025-12779, affects multiple client versions and poses a direct threat to organizations relying on Amazon’s desktop-as-a-service platform for remote work […] The post Amazon WorkSpaces For Linux Vulnerability Let Attackers Extract Valid Authentication Token appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The OPNsense project has released version 25.7.7, delivering critical security improvements and performance enhancements to strengthen enterprise firewall deployments. This update represents a significant step forward in addressing infrastructure vulne…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cybersecurity researchers have uncovered a sophisticated phishing campaign that exploits compromised hotel booking accounts to defraud travellers worldwide. The campaign, which has been active since at least April 2025, leverages stolen credentials fro…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
OPNsense has released an update focused on eliminating security vulnerabilities and improving firewall performance. The latest version includes third-party security updates, firewall improvements, and fixes that make the system more reliable for network administrators and security professionals. The development team has made eliminating unsafe shell usage a primary focus. This is important because shell execution […] The post FreeBSD-based OPNsense Firewall Released for Security Issues and Improvements appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Chinese cyber-espionage groups have once again demonstrated their determination and technical prowess in targeting U.S. organizations with ties to international policy-making, highlighting the persistent and evolving threat posed by state-linked cyber …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cybersecurity researchers at Hybrid Analysis have uncovered a sophisticated two-stage malware campaign targeting cryptocurrency wallet users and browser data. The newly identified malware duo, dubbed LeakyInjector and LeakyStealer, represents a signifi…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
In July 2025, Doctor Web’s anti-virus laboratory received a critical alert from a government-owned organization within the Russian Federation. The institution suspected a network compromise after discovering spam emails originating from one of th…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Russia-aligned threat actor Sandworm has intensified its destructive cyber operations against Ukrainian organizations, deploying data wiper malware to cripple critical infrastructure and weaken the nation’s economy. Unlike other Russia-aligned ad…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A recently disclosed vulnerability in the Amazon WorkSpaces client for Linux exposes a critical security flaw that could allow attackers to gain unauthorized access to user environments due to improper handling of authentication tokens. The issue, trac…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security researchers have uncovered severe remote code execution vulnerabilities in three official Claude Desktop extensions developed and published by Anthropic. The Chrome, iMessage, and Apple Notes connectors, which collectively boast over 350,000 d…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
