-
Threat researchers have uncovered a sophisticated attack campaign targeting FortiWeb web application firewalls across multiple continents, with adversaries deploying the Sliver command-and-control framework to establish persistent access and establish …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Eaton has issued a critical security advisory warning users about multiple high-severity vulnerabilities in its UPS Companion software that could allow attackers to execute arbitrary code on affected systems. The power management company released patch…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
QNAP has released a security advisory addressing multiple vulnerabilities in its License Center application. If left unpatched, these flaws could allow attackers to steal sensitive information, crash system processes, or modify memory on affected Netwo…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated credential-stealing campaign named “Operation PCPcat” has compromised over 59,000 Next.js servers worldwide, exploiting critical vulnerabilities in the popular React framework to harvest sensitive authentication data at indu…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Shadowserver Foundation has identified over 25,000 internet-facing Fortinet devices globally with FortiCloud Single Sign-On (SSO) functionality enabled, raising concerns about potential exposure to critical authentication bypass vulnerabilities. Th…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Cloud Atlas threat group, active since 2014, continues to pose a significant risk to organizations in Eastern Europe and Central Asia through sophisticated attacks leveraging legacy Microsoft Office vulnerabilities. Security researchers have docume…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft has released an out-of-band security update to address a significant vulnerability in Message Queuing (MSMQ) functionality that impacts Windows 10 systems running IIS web servers and enterprise environments. The flaw, discovered and documente…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Keygraph has unveiled Shannon, a fully autonomous artificial intelligence pentester designed to discover and execute real exploits in web applications. Unlike conventional vulnerability scanners that generate false positives, Shannon bridges a critical…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Google has released critical security updates to address multiple zero-day vulnerabilities affecting Android devices worldwide. The December 2025 security bulletin reveals that threat actors are actively exploiting at least two of these vulnerabilities in real-world attacks, prompting urgent action from the tech giant. Critical Vulnerabilities Under Active Exploitation The two most concerning vulnerabilities being actively […] The post Google Patches Android 0-Day Vulnerabilities Exploited in the Wild appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Google has released critical security patches addressing two high-severity zero-day vulnerabilities in Android that are currently being exploited in limited, targeted attacks. The vulnerabilities, disclosed in the December 2025 Android Security Bulleti…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
