-
Millions of people and businesses trust Google Drive every day to store important files like contracts, reports, photos, and research papers. The desktop app for Windows promises secure and seamless syncing of files between local folders and the cloud….
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
KuCoin’s security team has uncovered a new phishing campaign orchestrated by the Lazarus Group (APT38), the notorious state-sponsored collective renowned for financially motivated cyberespionage. Armed with government resources and a history of high-pr…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
HackerOne, a leading vulnerability coordination platform, has confirmed that its Salesforce environment was compromised in a recent third-party data breach. The incident stemmed from an attack on the Drift application provided by Salesloft, which allow…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft has disclosed two serious security vulnerabilities in its Office suite that allow attackers to execute arbitrary code on affected systems. Both flaws were publicly released on September 9, 2025, and have been assigned CVE identifiers CVE-2025…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft Warns of Active Directory Domain Services Vulnerability, Let Attackers Escalate Privileges
Microsoft has issued an updated warning for a critical security vulnerability in Active Directory Domain Services, tracked as CVE-2025-21293. This flaw could permit an attacker who has already gained initial access to a system to escalate their privileges, potentially gaining complete control over the affected domain controller and undermining the security of the network infrastructure. […] The post Microsoft Warns of Active Directory Domain Services Vulnerability, Let Attackers Escalate Privileges appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
In a twist of fate that underscores both the power and inherent transparency of endpoint detection and response (EDR) solutions. By investigating alerts generated through this deployment, the Huntress Security Operations Center (SOC) gained unprecedent…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The cybersecurity landscape has witnessed a novel phishing campaign that weaponizes Google’s no-code platform, AppSheet, to harvest user credentials. By abusing AppSheet’s trusted email infrastructure, attackers are bypassing traditional security contr…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft has released patches for two significant vulnerabilities in Microsoft Office that could allow attackers to execute malicious code on affected systems. The flaws, tracked as CVE-2025-54910 and CVE-2025-54906, were disclosed on September 9, 2025, and affect various versions of the popular productivity suite. While Microsoft has assessed exploitation as “less likely” for both vulnerabilities […] The post Critical Microsoft Office Vulnerabilities Let Attackers Execute Malicious Code appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
HackerOne has confirmed it was among the companies affected by a recent data breach that provided unauthorized access to its Salesforce instance. The access was gained through a compromise of the third-party application Drift, which Salesloft owns. The bug bounty platform announced the security incident, aligning with its company value of “Default to Disclosure.” According […] The post HackerOne Confirms Data Breach – Hackers Gained Unauthorized Access To Salesforce Instance appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Sophos has resolved an authentication bypass vulnerability in its AP6 Series Wireless Access Points that could allow attackers to gain administrator-level privileges. The company discovered the issue during internal security testing and has released a firmware update to address it. The security vulnerability allows an attacker with network access to the access point’s management IP […] The post Sophos Wireless Access Points Vulnerability Let Attackers Bypass Authentication appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶