-
Security researchers have uncovered a sophisticated attack campaign attributed to Kimsuky, the North Korean-backed threat group known for conducting espionage operations against government entities and think tanks. Recent analysis reveals that threat a…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
In the early hours of November 3, 2025, Check Point Research’s blockchain threat monitoring systems flagged a suspicious pattern on the Ethereum mainnet. The alert stemmed from Balancer V2’s Vault contract, which soon revealed one of the most devastati…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
On November 3, 2025, blockchain security monitoring systems detected a sophisticated exploit targeting Balancer V2’s ComposableStablePool contracts. An attacker executed a precision loss vulnerability to drain $128.64 million across six blockchain networks in under 30 minutes. The attack leveraged a rounding error in the _upscaleArray function combined with carefully crafted batchSwap operations, allowing the attacker […] The post Checkpoint Details on How Attackers Drained $128M from Balancer Pools Within 30 Minutes appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cisco has issued a critical security advisory addressing two severe vulnerabilities in its Unified Contact Center Express (CCX) platform that could enable remote attackers to execute arbitrary commands and gain unauthorized system access. The vulnerabi…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security researchers have identified a sophisticated new malware family, Airstalk, that exploits VMware’s AirWatch API—now known as Workspace ONE Unified Endpoint Management—to establish covert command-and-control channels. The discovery represen…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cisco has disclosed multiple critical vulnerabilities in Unified Contact Center Express (CCX) that allow unauthenticated remote attackers to execute malicious code and escalate privileges. The vulnerabilities affect the Java Remote Method Invocation (RMI) process and authentication mechanisms, potentially compromising entire contact center deployments. RCE and Authentication Bypass Vulnerability The primary vulnerability, CVE-2025-20354, has a critical […] The post Cisco Unified Contact Center Express Vulnerabilities Let Remote Attacker Execute Malicious Code appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Django, one of the most popular Python web development frameworks, has disclosed two critical security vulnerabilities that could allow attackers to execute SQL injection attacks and launch denial-of-service attacks. The vulnerabilities, identified as CVE-2025-64458 and CVE-2025-64459, affect core components of the framework and require immediate attention from developers using Django in their applications. The more […] The post Multiple Django Vulnerabilities Enable SQL injection and DoS Attack appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
International law enforcement agencies have taken down three sophisticated fraud and money laundering networks in a coordinated operation that uncovered one of the largest credit card fraud schemes in recent history. The operation, codenamed “Chargeback,” revealed criminal activity affecting over 4.3 million cardholders across 193 countries, with total damages exceeding EUR 300 million and attempted […] The post Authorities Dismanteled Major Credit Card Fraud Operation Impacting 4.3 Million Cardholders appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Django development team has released critical security patches addressing two significant vulnerabilities that could expose applications to denial-of-service attacks and SQL injection exploits. The security releases for Django 5.2.8, 5.1.14, and 4….
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cisco has confirmed that threat actors are actively exploiting a critical remote code execution (RCE) flaw in its Secure Firewall Adaptive Security Appliance (ASA) and Threat Defense (FTD) software. First disclosed on September 25, 2025, the vulnerability tracked as CVE-2025-20333 poses a severe risk to organizations relying on these firewalls for VPN access. With a […] The post Cisco Warns of Hackers Actively Exploiting ASA and FTD 0-day RCE Vulnerability in the Wild appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
