-
The Tor Project has announced a significant cryptographic overhaul, retiring its legacy relay encryption algorithm after decades of service and replacing it with Counter Galois Onion (CGO). This research-backed encryption design defends against a broader class of sophisticated online attackers. Tor’s relay encryption serves a specialized function distinct from the standard TLS protocol used between […] The post Tor Adopts Galois Onion Encryption to Strengthen Defense Against Online Attacks appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
ASUS has disclosed a high security vulnerability in its MyASUS application that could allow local attackers to escalate their privileges to SYSTEM-level access on affected Windows devices. The flaw, tracked as CVE-2025-59373, carries a high-severity CVSS 4.0 score of 8.5, indicating a significant risk to millions of ASUS computer users worldwide. Vulnerability Overview The security […] The post ASUS MyASUS Flaw Lets Hackers Escalate to SYSTEM-Level Access appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A security vulnerability has been discovered in Zoom Workplace VDI Client for Windows that could allow attackers to gain elevated privileges on affected systems. The flaw, tracked as CVE-2025-64740, has been assigned a high severity rating with a CVSS score of 7.5, according to Zoom’s security bulletin ZSB-25042. The vulnerability stems from improper verification of […] The post Zoom Workplace for Windows Vulnerability Allow Users to Escalate Privilege appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Google Mandiant has disclosed active exploitation of CVE-2025-12480, a critical unauthenticated access vulnerability in Gladinet’s Triofox file-sharing platform. The threat cluster tracked as UNC6485 has been weaponizing this flaw since August 2025 to gain unauthorized administrative access and establish persistent remote control over compromised systems. The vulnerability stems from improper access control validation in Triofox versions 16.4.10317.56372 and […] The post Hackers Exploiting Triofox 0-Day Vulnerability to Execute Malicious Payload Abusing Anti-Virus Feature appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical security flaw has been discovered in the widely used npm package expr-eval, potentially exposing AI and natural language processing applications to remote code execution attacks. The vulnerability, tracked as CVE-2025-12735, allows attackers to execute arbitrary system commands through maliciously crafted input. The expr-eval library is a JavaScript tool designed to parse and evaluate mathematical […] The post Critical Vulnerability in Popular NPM Library Exposes AI and NLP Apps to Remote Code Execution appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
SonicWall, a global cybersecurity company, confirmed that state-sponsored hackers were behind a recent incident involving unauthorized access to firewall backup files. The breach began in early September, when the company detected suspicious activity involving the download of backup firewall configuration files stored in a cloud environment. Upon discovery, SonicWall quickly activated its incident response plan, […] The post SonicWall Confirms State-Sponsored Hackers Behind the Massive Firewall Backup Breach appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Google is strengthening its defense against mobile scams with advanced AI-powered protections built directly into Android devices. As cybercriminals become more sophisticated, using AI themselves to create convincing fraud schemes, Google’s new safeguards work around the clock to protect your personal information and money from theft. Mobile scams cost people worldwide over $400 billion annually, […] The post Google Unveils new AI-Protection for Android to Keep You Safe From Mobile Scams appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
