-
A critical vulnerability was discovered in the AI-Bolit component of Imunify security products, raising concerns across the web hosting and Linux server communities. This flaw could let attackers execute arbitrary code and escalate their privileges to …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Remcos, a commercial remote access tool distributed by Breaking-Security and marketed as “Remote Administration Software,” continues to pose a significant threat to organizations worldwide. Despite its administrative positioning, the tool&#…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Google has released an urgent security update for its Chrome browser to address a critical zero-day vulnerability actively exploited by threat actors. The flaw, tracked as CVE-2025-13223, affects the V8 JavaScript engine and poses a significant risk to…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Lynx ransomware has emerged as a significant threat to enterprise environments, with recent intrusions demonstrating sophisticated attack strategies that prioritize data exfiltration and infrastructure destruction. The malware campaign combines compromised credentials with careful planning to ensure maximum impact on target networks. Security researchers continue to monitor this evolving threat as attackers refine their techniques and […] The post Threat Actors Leveraging Compromised RDP Logins to Deploy Lynx Ransomware After Deleting Server Backups appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Lazarus APT Group, an advanced persistent threat (APT) attributed to North Korea, has deployed a sophisticated new Remote Access Trojan (RAT) called ScoringMathTea as part of its ongoing Operation DreamJob cyberespionage campaign. ScoringMathTea re…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft Azure successfully defended against a record-breaking distributed denial-of-service (DDoS) attack that peaked at 15.72 terabits per second (Tbps), making it the most significant DDoS attack ever observed in the cloud. On October 24, 2025, Azu…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Iran-nexus cyber espionage group UNC1549 has significantly expanded its arsenal of custom tools and sophisticated attack techniques in an ongoing campaign targeting aerospace, aviation, and defense industries since mid-2024, according to new findin…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Fortinet FortiWeb vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, warning that the flaw is being actively exploited in the wild. The vulnerability, tra…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
IBM has released critical security updates addressing two severe vulnerabilities in its AIX operating system that could allow remote attackers to execute arbitrary commands on affected systems. Both vulnerabilities stem from improper process controls in essential IBM AIX services. Critical Flaws in IBM AIX Services The first vulnerability, CVE-2025-36251, affects the Nimsh service and its […] The post IBM AIX Vulnerabilities Let Remote Attacker Execute Arbitrary Commands appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Google has rushed out a critical update for its Chrome browser to address a zero-day vulnerability actively exploited in the wild, urging users to update immediately to mitigate the risk posed by sophisticated attackers. The patch, rolled out in Chrome Stable version 142.0.7444.175 for Windows and Linux, and 142.0.7444.176 for Mac, fixes two high-severity type […] The post Chrome Type Confusion Zero-Day Vulnerability Actively Exploited in the Wild appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
