-
SonicWall has issued an urgent firmware update, version 10.2.2.2-92sv, for its Secure Mobile Access (SMA) 100 series appliances to detect and remove known rootkit malware. The advisory, SNWLID-2025-0015, published on September 22, 2025, strongly recommends that all users of SMA 210, 410, and 500v devices apply the update immediately to protect against persistent threats. This […] The post SonicWall Releases Urgent Update to Remove Rootkit Malware ‘OVERSTEP’ from SMA Devices appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Attackers are accelerating their foothold in corporate networks: over the past three months (June 1 to August 31, 2025), the average time from initial breach to lateral movement—called “breakout time”—fell to just 18 minutes. In one striking incident, …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The U.S. Secret Service has dismantled a sophisticated network of electronic devices scattered across the New York tri-state area. These devices posed an imminent threat to protective operations for senior government officials. During a protective inte…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
In recent months, a sophisticated campaign has emerged in which state-linked threat actors are leveraging fake job offers to ensnare unsuspecting job seekers and deliver advanced malware. These attackers craft convincing phishing emails that direct victims to look-alike career portals, impersonating leading aerospace and defense firms. The lure often begins with a personalized outreach on […] The post Threat Actors with Fake Job Lures Attacking Job Seekers to Deploy Advanced Malware appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Leveraging a native IIS module named BadIIS, attackers manipulated search engine crawler traffic to poison search results and redirect legitimate users to scam or adult-oriented websites. Infrastructure overlaps link this activity to ESET’s “Group 9” c…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
SolarWinds has released an urgent security advisory for a critical vulnerability in its Web Help Desk software that could allow an unauthenticated attacker to achieve remote code execution (RCE). The flaw, tracked as CVE-2025-26399, carries a critical severity rating of 9.8 out of 10, highlighting the severe risk it poses to affected systems. The vulnerability […] The post SolarWinds Web Help Desk Vulnerability Enables Unauthenticated RCE appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft has released comprehensive guidance for implementing certificate-based authentication in Windows Admin Center (WAC), providing administrators with enhanced security through smart card integration and Active Directory Certificate Services. Thi…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Threat actors were manipulating the Instance Metadata Service (IMDS), a core component designed to securely furnish compute instances with temporary credentials to infiltrate and navigate cloud infrastructures. By compelling unsuspecting applications to query IMDS endpoints, attackers harvest short-lived tokens, enabling credential theft, lateral movement, and privilege escalation within victim environments. Exploit IMDS Service Wiz reports […] The post Hackers Exploits IMDS Service to Gain Initial Access to a Cloud Environment appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A novel npm package named fezbox has been uncovered by the Socket Threat Research Team as a sophisticated malware delivery mechanism that exfiltrates username and password credentials from browser cookies via an embedded QR code. Published under the np…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Zloader, a sophisticated Zeus-based modular trojan that first emerged in 2015, has undergone a significant transformation from its original banking-focused purpose to become a dangerous tool for initial access and ransomware deployment in corporate env…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
