-
Research has uncovered three significant vulnerabilities in Google’s Gemini AI assistant suite, dubbed the “Gemini Trifecta,” that could have allowed cybercriminals to steal users’ saved data and live location information. The v…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
In late September 2025, the Cybersecurity and Infrastructure Security Agency (CISA) issued a public alert regarding the active exploitation of a critical command injection vulnerability tracked as CVE-2025-59689 in Libraesva Email Security Gateway (ESG) devices. This flaw has rapidly emerged as a favored target for threat actors due to its ease of exploitation and the […] The post CISA Warns of Libraesva ESG Command Injection Vulnerability Actively Exploited in Attacks appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated attack campaign targeting improperly managed Microsoft SQL servers has emerged, deploying the XiebroC2 command and control framework to establish persistent access to compromised systems. The attack leverages vulnerable credentials on publicly accessible database servers, allowing threat actors to gain initial foothold and escalate privileges through a multi-stage deployment process. XiebroC2, a publicly available […] The post Threat Actors Hijacking MS-SQL Server to Deploy XiebroC2 Framework appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
In recent months, a surge in targeted intrusions attributed to the Iranian-aligned threat group APT35 has set off alarm bells across government and military networks worldwide. First detected in early 2025, the campaign leverages custom-built malware to infiltrate secure perimeters and harvest user credentials. Initial indicators of compromise point to spear-phishing emails with HTML attachments […] The post APT35 Hackers Attacking Government, Military Organizations to Steal Login Credentials appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security Operations Centers (SOCs) protect organizations’ digital assets from ongoing cyber threats. To assess their effectiveness, SOCs use key performance indicators (KPIs) such as Mean Time to Detect (MTTD) and False Positive Rate (FPR). Although these metrics are often seen as separate, they are closely interconnected; improving one can directly enhance the other. By integrating […] The post How SOC Teams Detect Can Detect Cyber Threats Quickly Using Threat Intelligence Feeds appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
CISA has issued an urgent advisory regarding a critical vulnerability in the Linux and Unix sudo utility CVE-2025-32463 that is currently being exploited in the wild. This flaw allows local adversaries to bypass access controls and execute arbitrary commands as the root user, even without explicit sudoers privileges. Sudo Chroot Bypass (CVE-2025-32463) Identified as “Inclusion […] The post CISA Warns of Linux Sudo Vulnerability Actively Exploited in Attacks appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Three new vulnerabilities in Google’s Gemini AI assistant suite could have allowed attackers to exfiltrate users’ saved information and location data. The vulnerabilities uncovered by Tenable, dubbed the “Gemini Trifecta,” highlight how AI systems can be turned into attack vehicles, not just targets. The research exposed significant privacy risks across different components of the Gemini […] The post Google Gemini Vulnerabilities Let Attackers Exfiltrate User’s Saved Data and Location appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Patchwork, the advanced persistent threat (APT) actor also known as Dropping Elephant, Monsoon, and Hangover Group, has been observed deploying a new PowerShell-based loader that abuses Windows Scheduled Tasks to execute its final payload. Active since…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Veeam Backup & Replication, a cornerstone of many enterprises’ data protection strategy, has reportedly become the focus of a new exploit being offered on a clandestine marketplace. According to a recent listing, a seller operating under the handle “SebastianPereiro” claims to possess a remote-code-execution (RCE) exploit targeting specific Veeam 12.x builds. Dubbed the “Bug of […] The post Threat Actors Allegedly Listed Veeam RCE Exploit for Sale on Dark Web appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
China-linked advanced persistent threat (APT) group Phantom Taurus has intensified espionage operations against government and telecommunications targets across Africa, the Middle East, and Asia, deploying a newly discovered .NET malware suite called N…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
