-
On November 3, 2025, blockchain security monitoring systems detected a sophisticated exploit targeting Balancer V2’s ComposableStablePool contracts. An attacker executed a precision loss vulnerability to drain $128.64 million across six blockchain networks in under 30 minutes. The attack leveraged a rounding error in the _upscaleArray function combined with carefully crafted batchSwap operations, allowing the attacker […] The post Checkpoint Details on How Attackers Drained $128M from Balancer Pools Within 30 Minutes appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cisco has issued a critical security advisory addressing two severe vulnerabilities in its Unified Contact Center Express (CCX) platform that could enable remote attackers to execute arbitrary commands and gain unauthorized system access. The vulnerabi…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security researchers have identified a sophisticated new malware family, Airstalk, that exploits VMware’s AirWatch API—now known as Workspace ONE Unified Endpoint Management—to establish covert command-and-control channels. The discovery represen…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cisco has disclosed multiple critical vulnerabilities in Unified Contact Center Express (CCX) that allow unauthenticated remote attackers to execute malicious code and escalate privileges. The vulnerabilities affect the Java Remote Method Invocation (RMI) process and authentication mechanisms, potentially compromising entire contact center deployments. RCE and Authentication Bypass Vulnerability The primary vulnerability, CVE-2025-20354, has a critical […] The post Cisco Unified Contact Center Express Vulnerabilities Let Remote Attacker Execute Malicious Code appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Django, one of the most popular Python web development frameworks, has disclosed two critical security vulnerabilities that could allow attackers to execute SQL injection attacks and launch denial-of-service attacks. The vulnerabilities, identified as CVE-2025-64458 and CVE-2025-64459, affect core components of the framework and require immediate attention from developers using Django in their applications. The more […] The post Multiple Django Vulnerabilities Enable SQL injection and DoS Attack appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
International law enforcement agencies have taken down three sophisticated fraud and money laundering networks in a coordinated operation that uncovered one of the largest credit card fraud schemes in recent history. The operation, codenamed “Chargeback,” revealed criminal activity affecting over 4.3 million cardholders across 193 countries, with total damages exceeding EUR 300 million and attempted […] The post Authorities Dismanteled Major Credit Card Fraud Operation Impacting 4.3 Million Cardholders appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Django development team has released critical security patches addressing two significant vulnerabilities that could expose applications to denial-of-service attacks and SQL injection exploits. The security releases for Django 5.2.8, 5.1.14, and 4….
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cisco has confirmed that threat actors are actively exploiting a critical remote code execution (RCE) flaw in its Secure Firewall Adaptive Security Appliance (ASA) and Threat Defense (FTD) software. First disclosed on September 25, 2025, the vulnerability tracked as CVE-2025-20333 poses a severe risk to organizations relying on these firewalls for VPN access. With a […] The post Cisco Warns of Hackers Actively Exploiting ASA and FTD 0-day RCE Vulnerability in the Wild appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated Windows remote-access trojan known as ValleyRAT has emerged as a high-confidence indicator of targeted intrusions against Chinese-language users and organizations. ValleyRAT’s operational model relies on a carefully orchestrated d…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cl0p, a prominent ransomware group operating since early 2019, has emerged as one of the most dangerous threats in the cybersecurity landscape. With over 1,025 confirmed victims and more than $500 million in extorted funds, this Russian-linked group has consistently targeted corporate and private networks worldwide while strategically avoiding CIS countries. The group earned its […] The post Clop Ransomware Actors Exploiting the Latest 0-Day Exploits in the Wild appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
