-
A high-severity vulnerability was identified in LangChainGo, the Go implementation of the popular LLM orchestration framework LangChain. Tracked as CVE-2025-9556, this flaw allows unauthenticated attackers to perform arbitrary file reads through maliciously crafted prompt templates, effectively exposing sensitive server files without requiring direct system access. Key Takeaways1. CVE-2025-9556, Jinja2 prompt injection enables arbitrary file reads.2. […] The post Critical LangChainGo Vulnerability Let Attackers Access Sensitive Files by Injecting Malicious Prompts appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security researchers have uncovered a sophisticated malware campaign spanning seven years, where threat actors behind AppSuite-PDF and PDF Editor applications systematically abused code-signing certificates to legitimize their malicious software. The actors, tracked under the malware family name BaoLoader, have utilized at least 26 code-signing certificates obtained through fraudulent business registrations, primarily targeting users seeking PDF […] The post Actors Behind AppSuite-PDF and PDF Editor Used 26 Code-Signing Certificates to Make Software Appear Legitimate appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Kimsuky APT group has begun leveraging generative AI ChatGPT to craft deepfake South Korean military agency ID cards. Phishing lures deliver batch files and AutoIt scripts designed to evade anti-virus scanning through sophisticated obfuscation. Org…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical permission misconfiguration in the IBM QRadar Security Information and Event Management (SIEM) platform could allow local privileged users to manipulate configuration files without authorization. Tracked as CVE-2025-0164, the flaw stems from improper permission assignment and carries a CVSS 3.1 base score of 2.3 (AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N). Key Takeaways1. CVE-2025-0164 in QRadar SIEM v7.5–7.5.0 UP13 IF01 lets privileged […] The post IBM QRadar SIEM Vulnerability Let Attackers Perform Unauthorized Actions appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Countries with most cyberattacks stopped highlighting global cyber defense efforts, including key regions in Asia-Pacific and North America. BlackNevas has released a comprehensive attack strategy spanning three major regions, with the Asia-Pacific ar…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Great Firewall of China (GFW) suffered its largest-ever internal data breach. More than 500 GB of sensitive material—including source code, work logs, configuration files, and internal communications—was exfiltrated and published online. The breach stems from Geedge Networks and the MESA Lab at the Institute of Information Engineering, Chinese Academy of Sciences. The leaked archive […] The post Great Firewall of China’s Sensitive Data of Over 500GB+ Leaked Online appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
DarkCloud Stealer has recently emerged as a potent threat targeting financial organizations through convincing phishing campaigns. Adversaries employ weaponized RAR attachments masquerading as legitimate documents to deliver a multi-stage JavaScript-based payload. Upon opening the archive, victims execute a VBE script that leverages Windows Script Host to initiate a PowerShell downloader hidden in innocuous-seeming image files. […] The post DarkCloud Stealer Attacking Financial Companies With Weaponized RAR Attachments appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A recently discovered flaw in LangChainGo, the Go implementation of the LangChain framework for large language models, permits attackers to read arbitrary files on a server by injecting malicious prompt templates. Tracked as CVE-2025-9556, this vulnera…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Federal Bureau of Investigation (FBI) has released a detailed flash advisory disclosing indicators of compromise (IOCs) and tactics used by two cybercrime groups—UNC6040 and UNC6395—to breach Salesforce customer environments and siphon sensitive da…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Emerging in early September 2025, the Yurei ransomware has swiftly drawn attention for its novel combination of Go-based execution and ChaCha20 encryption. First documented on September 5 when a Sri Lankan food manufacturer fell victim, the threat actor behind Yurei adopted a double-extortion model: encrypting files while exfiltrating sensitive data for additional leverage. Within days, […] The post New Yurei Ransomware With PowerShell Commands Encrypts Files With ChaCha20 Algorithm appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
