-
In a recent setback for Windows administrators, Microsoft’s October 2025 security update addressing a critical vulnerability in Windows Server Update Services (WSUS) has inadvertently broken hotpatching functionality on a subset of Windows Server 2025 systems. The flaw, tracked as CVE-2025-59287, allows remote code execution in WSUS environments, posing significant risks to enterprise update infrastructures. Microsoft […] The post Microsoft Patch for WSUS Vulnerability has Broken Hotpatching on Windows Server 2025 appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated phishing campaign has emerged, exploiting the trust placed in legitimate cloud hosting services. Threat actors are leveraging Cloudflare Pages and ZenDesk platforms to conduct large-scale credential theft operations targeting unsuspecting users. The campaign demonstrates a concerning trend where established infrastructure services become vectors for social engineering attacks. Security researchers have identified over 600 […] The post Beware of New Phishing Attack that Abuses Cloudflare and ZenDesk Pages to Steal Logins appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Supply chain attacks targeting the JavaScript ecosystem have evolved into sophisticated operations combining domain manipulation with social engineering. On September 8, 2025, threat actors launched a coordinated phishing campaign aimed at compromising high-profile NPM developers. The attack successfully infiltrated the accounts of developer Josh Junon, known as “qix,” and targeted at least four other maintainers, […] The post New Business Email Protection Technique Blocks the Phishing Email Behind NPM Breach appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security researchers at the SANS Internet Storm Center have detected a significant spike in suspicious network traffic targeting Windows Server Update Services (WSUS) infrastructure worldwide. The reconnaissance activity focuses specifically on TCP por…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A Ukrainian national accused of playing a key role in the notorious Conti ransomware operation has been extradited from Ireland to face federal charges in the United States. Oleksii Oleksiyovych Lytvynenko, 43, made his first court appearance in the Middle District of Tennessee following his transfer from Irish custody, where he had been held since […] The post Conti Group Member Responsible for Deploying Ransomware Extradited to USA appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
In October 2025, threat researchers at Cyble Research and Intelligence Labs uncovered a sophisticated cyber attack leveraging weaponized military documents to distribute an advanced SSH-Tor backdoor targeting defense sector personnel. The campaign centers on a deceptively simple delivery mechanism: a ZIP archive disguised as a Belarusian military document titled “ТЛГ на убытие на переподготовку.pdf” (TLG […] The post Hackers Deliver SSH-Tor Backdoor Via Weaponized Military Documents in ZIP Files appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Open VSX team and Eclipse Foundation have addressed a significant security incident involving leaked authentication tokens and malicious extensions on their popular code marketplace. The organization has now contained the situation and outlined con…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security researchers have uncovered a severe unauthenticated Remote Code Execution vulnerability in Ubiquiti’s UniFi OS that earned a substantial $25,000 bug bounty reward. Tracked as CVE-2025-52665, this critical flaw allows attackers to gain co…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Proton has launched a new initiative called the Data Breach Observatory. This program reveals serious problems that exist on the internet. The cybersecurity company revealed that over 300 million stolen credentials are currently circulating on dark web cybercrime markets, putting businesses and individuals at unprecedented risk. This massive exposure highlights the growing underground economy built […] The post Proton Exposes 300 Million Stolen Credentials Available for Sale on Dark Web Cybercrime Markets appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft has released a non-security update for Windows 11 versions 24H2 and 25H2 that introduces an unusual bug affecting one of the operating system’s most essential utilities. The update, designated as KB5067036, is causing Task Manager to continue running in the background even after users close the application. This issue has been officially acknowledged by […] The post Windows 11 24H2/25H2 Update Causes Task Manager to be Active After Closure appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
