A critical vulnerability has been discovered in WatchGuard’s Firebox firewalls, which could allow a remote, unauthenticated attacker to execute arbitrary code on affected devices. The flaw, tracked as CVE-2025-9242, has been assigned a critical severity rating with a CVSS score of 9.3 out of 10. WatchGuard disclosed the issue in an advisory, WGSA-2025-00015, released on […] The post Critical WatchGuard Vulnerability Allows Unauthenticated Attacker to Execute Arbitrary Code appeared first on Cyber Security News.

Critical vulnerabilities were identified in Chaos Mesh, a popular Cloud Native Computing Foundation chaos engineering platform used for fault injection testing in Kubernetes environments.  The security flaws, collectively dubbed “Chaotic Deputy,” comprise four CVEs that enable complete cluster compromise through relatively simple exploitation techniques. Key Takeaways1. “Chaotic Deputy” in Chaos Mesh <2.7.3 allows unauthenticated GraphQL […] The post Critical Chaos Mesh Vulnerabilities Let Attackers Takeover Kubernetes Cluster appeared first on Cyber Security News.

A denial-of-service flaw in the Linux kernel’s KSMBD (SMB Direct) subsystem has raised alarms across the open-source community.  Tracked as CVE-2025-38501, the issue allows a remote, unauthenticated adversary to exhaust all available SMB connections by exploiting the kernel’s handling of half-open TCP sessions.  Key Takeaways1. CVE-2025-38501 lets attackers exhaust KSMBD connections via half-open TCP handshakes.2. […] The post Linux Kernel’s KSMBD Subsystem Vulnerability Let Remote Attackers Exhaust Server Resources appeared first on Cyber Security News.

A large-scale supply chain attack dubbed “Shai-Halud” that infiltrated the JavaScript ecosystem via the npm registry.  In total, 477 packages, including packages from CrowdStrike, were found to contain stealthy backdoors and trojanized modules designed to siphon credentials, exfiltrate source code, and enable remote code execution (RCE) on developer machines. Key Takeaways1. Obfuscated backdoors hit 477 npm packages […] The post Massive “Shai-Halud” Supply Chain Attack Compromised 477 NPM Packages appeared first on Cyber Security News.

A critical vulnerability has been discovered in LG’s WebOS for smart TVs, allowing an attacker on the same local network to bypass authentication mechanisms and achieve full control over the device. The flaw, which affects models like the LG WebOS 43UT8050, enables unauthenticated attackers to gain root access, install malicious applications, and completely compromise the […] The post LG WebOS TV Vulnerability Let Attackers Bypass Authentication and Enable Full Device Takeover appeared first on Cyber Security News.

An ongoing supply chain attack has compromised multiple npm packages published by CrowdStrike, extending a malicious campaign known as the “Shai-Halud attack.” The incident, which involves the same malware previously used to target the popular tinycolor package, highlights the persistent threat of supply chain vulnerabilities within the open-source ecosystem. The npm registry acted swiftly to […] The post CrowdStrike npm Packages Compromised in Ongoing Supply Chain Attack appeared first on Cyber Security News.

Attackers are increasingly leveraging sophisticated techniques to maintain long-term access in cloud environments, and a newly surfaced tool named AWSDoor is emerging as a major threat.  AWSDoor automates a range of IAM and resource-based persistence methods, allowing adversaries to hide in plain sight within AWS accounts without deploying traditional malware. Key Takeaways1. AWSDoor exploits IAM […] The post AWSDoor – New Persistence Technique Allows Attackers to Hide Malware Within AWS Cloud Environment appeared first on Cyber Security News.

Two critical vulnerabilities, CVE-2025-41248 and CVE-2025-41249, have emerged in Spring Security and Spring Framework that could allow attackers to bypass authorization controls in enterprise applications.  These flaws arise when using Spring Security’s @EnableMethodSecurity feature in conjunction with method-level annotations such as @PreAuthorize and @PostAuthorize.  In applications where service interfaces or abstract base classes employ unbounded […] The post Spring Framework Security Flaws Enable Authorization Bypass and Annotation Detection Issues appeared first on Cyber Security News.

A 0-Click Linux Kernel KSMBD RCE Exploit From N-Day Vulnerabilities, achieving remote code execution on a two-year-out-of-date Linux 6.1.45 instance running the kernelspace SMB3 daemon, ksmbd.  By chaining two authenticated N-day flaws, CVE-2023-52440 and CVE-2023-4130, the exploit attains an unauthenticated SLUB overflow and an out-of-bounds heap read primitive, culminating in a user-mode helper invocation and reverse shell […] The post 0-Click Linux Kernel KSMBD RCE Exploit From N-Day Vulnerabilities appeared first on Cyber Security News.

A new Rowhammer attack variant named Phoenix can bypass the latest protections in modern DDR5 memory chips, researchers have revealed. The attack is the first to demonstrate a practical privilege escalation exploit on a commodity system equipped with DDR5 RAM, undermining the assumption that these newer memory modules were immune to such threats. Rowhammer is […] The post New Phoenix Rowhammer Attack Variant Bypasses Protection With DDR5 Chips appeared first on Cyber Security News.