-
Two critical vulnerabilities have been discovered in the Linux Common Unix Printing System (CUPS), exposing millions of systems to remote denial-of-service attacks and authentication bypass exploits. The vulnerabilities, tracked as CVE-2025-58364 and CVE-2025-58060, affect the core printing infrastructure used across virtually all Linux distributions and pose significant risks to network security. Key Takeaways1. Two Critical […] The post Linux CUPS Vulnerability Let Attackers Remote DoS and Bypass Authentication appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical vulnerability in FlowiseAI has been discovered that allows attackers to take over user accounts with minimal effort. The flaw, tracked as CVE-2025-58434, affects both cloud-hosted and self-hosted FlowiseAI deployments, posing signi…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Phishing-as-a-Service operation called VoidProxy that uses advanced adversary-in-the-middle techniques to bypass traditional multi-factor authentication and steal session tokens from Microsoft 365 and Google accounts. The five steps of a SIM-swap attac…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Two critical security vulnerabilities have been discovered in the Common Unix Printing System (CUPS), a widely used printing subsystem for Unix-like operating systems. The flaws, designated as CVE-2025-58364 and CVE-2025-58060, expose Linux systems to …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A new proof-of-concept (PoC) tool named BitlockMove demonstrates a novel lateral movement technique that leverages BitLocker’s Distributed Component Object Model (DCOM) interfaces and COM hijacking. Released by security researcher Fabian Mosch of r-tec Cyber Security, the tool enables attackers to execute code on remote systems within the session of an already logged-on user, bypassing the […] The post BitlockMove Tool Enables Lateral Movement via Bitlocker DCOM & COM Hijacking appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
This week in cybersecurity serves as a critical reminder of the pervasive risks within the digital supply chain, as several industry-leading companies disclosed significant data breaches. The incidents, affecting vulnerability management giants Tenable and Qualys, as well as enterprise software provider Workday, all stemmed from a security flaw in a common third-party service. This chain […] The post Weekly Cybersecurity News Recap : Tenable, Qualys, Workday Data Breaches and Security Updates appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Federal Bureau of Investigation (FBI) has released a flash alert detailing the activities of two cybercriminal groups, UNC6040 and UNC6395, that are actively compromising Salesforce environments to steal data for extortion purposes. The advisory, published by the FBI on September 12, 2025, provides indicators of compromise (IOCs) and defensive measures to help organizations protect […] The post FBI Unveils IOCs for Cyber Attacks Targeting Salesforce Instances for Data Exfiltration appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
IBM X-Force researchers have uncovered sophisticated new malware campaigns orchestrated by the China-aligned threat actor Hive0154, also known as Mustang Panda. The discovery includes an advanced Toneshell backdoor variant that evades detection systems…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security researchers at Straiker’s AI Research (STAR) team have uncovered Villager, an AI-native penetration testing framework developed by Chinese-based group Cyberspike that has already accumulated over 10,000 downloads within two months of its…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Nmap vs Wireshark are the most popular Network penetration testing tools. Security professionals face an increasingly complex threat landscape, and picking the right penetration testing tools can make the difference between a secure infrastructure and a compromised network. While both serve critical roles in network analysis and security assessment, they address fundamentally different aspects of […] The post Nmap vs. Wireshark: Choosing the Right Tool for Network Penetration Testing appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
