-
Sophos has released an important security advisory addressing a critical authentication bypass vulnerability in its AP6 Series Wireless Points. Attackers who can reach the management interface of an affected device may exploit this flaw to gain full ad…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated espionage campaign leveraging a previously unknown malware strain dubbed GONEPOSTAL, attributed to the notorious Russian state-sponsored group KTA007, better known as Fancy Bear or APT28. The malware transforms Microsoft Outlook into a …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft has released a warning about two serious security flaws in Windows BitLocker that could allow attackers to gain elevated privileges on affected machines. These vulnerabilities, tracked as CVE-2025-54911 and CVE-2025-54912, were publicly discl…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
DarkSamural, a newly identified subspecies of the notorious OceanLotus APT, has launched a sophisticated campaign targeting high-value organizations in Pakistan. Leveraging malicious LNK files masquerading as PDF documents and sophisticated MSC contain…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical vulnerability CVE-2025-42922 has been discovered in SAP NetWeaver that allows an authenticated, low-privileged attacker to execute arbitrary code and achieve a full system compromise. The flaw resides in the Deploy Web Service upload mechanism, where insufficient access control validation permits the upload and execution of malicious files. This vulnerability poses a significant risk […] The post Critical SAP NetWeaver Vulnerability Let Attackers Execute Arbitrary Code And Compromise System appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical security vulnerability has been discovered in SAP NetWeaver AS Java Deploy Service that enables authenticated attackers to execute arbitrary code and potentially achieve complete system compromise. The flaw, tracked as CVE-2025-429…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
GitHub repositories for malware delivery through sophisticated weaponized LNK files, according to recent analysis by S2W’s Threat Intelligence Center, TALON. This campaign demonstrates the group’s evolving tactics in leveraging trusted plat…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Gentlemen ransomware group has emerged as a sophisticated threat actor, demonstrating advanced capabilities through systematic compromise of enterprise environments across 17 countries. Their campaign combines legitimate driver abuse, Group Policy …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Major enterprise software provider Workday has disclosed a significant security incident that exposed customer data through a compromised third-party application, affecting business contact information and support case details. Third-Party Security Bre…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Google has released an urgent security update for Chrome to address two significant vulnerabilities, including a critical remote code execution flaw that could allow attackers to completely compromise user systems. The stable channel update brings Chro…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
