-
At the recent DefCon security conference, researchers demonstrated a critical exploit chain that allows attackers to gain root access on vehicle infotainment systems by targeting Apple CarPlay. The multi-stage attack, named “Pwn My Ride,” leverages a series of vulnerabilities in the protocols that underpin wireless CarPlay, culminating in remote code execution on the car’s multimedia […] The post Apple CarPlay Exploited To Gain Root Access By Executing Remote Code appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
GitLab has released critical security updates across multiple versions to address six significant vulnerabilities that could enable denial-of-service attacks, server-side request forgery, and information disclosure. The company released versions 18.3.2…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
In recent months, security researchers have observed a surge in activity by a previously undocumented ransomware group known as The Gentlemen. This threat actor has rapidly distinguished itself through the deployment of highly specialized tools and meticulous reconnaissance tactics, targeting critical infrastructure across multiple sectors and regions. Leveraging legitimate Windows drivers and nuanced Group Policy […] The post New Gentlemen Ransomware Leverages Legitimate Drivers, Group Policies to Infiltrate Organizations appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Fileless malware has become a formidable adversary for security teams, operating entirely in memory and evading disk-based detection. A recent incident demonstrates how attackers leveraged a multi-stage fileless loader to deploy AsyncRAT, a powerful Re…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
GitLab has released urgent security patches for its Community (CE) and Enterprise (EE) editions, addressing multiple vulnerabilities, including two high-severity flaws that could lead to Server-Side Request Forgery (SSRF) and Denial of Service (DoS) attacks. The company is strongly advising all administrators of self-managed GitLab installations to upgrade immediately to the newly released versions: 18.3.2, […] The post GitLab Patches Multiple Vulnerabilities That Enables Denial Of Service and SSRF Attacks appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A high-quality mobile application penetration testing company is essential for businesses that want to safeguard their digital assets and user data. These specialized firms employ ethical hackers who simulate real-world cyberattacks to identify and exploit vulnerabilities within mobile apps. The insights from these tests enable developers to fix security flaws before they can be leveraged […] The post Top 10 Best Mobile Application Penetration Testing Companies in 2025 appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Content creators and small businesses are facing a sophisticated new threat targeting their Facebook accounts through deceptive advertisements promising free Meta verification badges. A new malvertising campaign is targeting Facebook users with malicio…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A newly disclosed vulnerability in Apple’s CarPlay ecosystem enables remote code execution with root privileges, posing a serious risk to connected vehicles. Discovered by the Oligo Security Research team and tracked as CVE-2025-24132, the fl…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A security vulnerability has been found in the Google Drive Desktop application for Windows. It allows a logged-in user on a shared machine to access another user’s Drive files completely without needing their credentials. This vulnerability stems from a broken access control mechanism in how the application handles cached data. While Google Drive is widely […] The post Google Drive Desktop for Windows Vulnerability Grants Full Access to Another User’s Drive appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Amp’ed RF BT-AP 111 Bluetooth Access Point has been discovered to expose its HTTP-based administrative interface entirely without authentication controls, enabling unauthenticated attackers with network access to seize full administrative privilege…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
