-
A critical vulnerability in AMD’s Secure Encrypted Virtualization with Secure Nested Paging (SEV-SNP), a cornerstone of confidential computing deployed by major cloud providers like AWS, Azure, and Google Cloud. Dubbed RMPocalypse, the attack exploits a flaw in the initialization of the Reverse Map Table (RMP), which enforces memory integrity to prevent hypervisors from tampering with […] The post New RMPocalypse Attack Let Hackers Break AMD SEV-SNP To Exfiltrate Confidential Data appeared first on Cyber Security News.
-
A recent analysis from researcher Itamar Hällström has revealed the technical workings and forensic trail of “EDR-Freeze,” a proof-of-concept technique that temporarily disables security software. By abusing legitimate Windows components, this method can place Endpoint Detection and Response (EDR) and antivirus (AV) processes into a temporary, reversible coma, allowing attackers to operate undetected. How EDR-Freeze […] The post EDR-Freeze Tool Technical Workings Along With Forensic Artifacts Revealed appeared first on Cyber Security News.
-
A surge in attacks targeting SonicWall SSLVPN devices, affecting numerous customer networks, just weeks after a major breach exposed sensitive firewall data. Starting October 4, 2025, threat actors have rapidly authenticated into over 100 accounts across 16 environments, using what appear to be stolen valid credentials rather than brute-force methods. This coordinated attack highlights the […] The post SonicWall SSLVPN Under Attack Following the Breach of All Customers’ Firewall Backups appeared first on Cyber Security News.
-
Oracle has disclosed a critical vulnerability in its E-Business Suite that enables unauthenticated attackers to remotely access sensitive data, raising alarms for enterprises relying on the platform for core operations. Tracked as CVE-2025-61884, the flaw affects the Oracle Configurator component and was detailed in a security alert released on October 11, 2025. This comes just […] The post Oracle E-Business Suite RCE Vulnerability Exposes Sensitive Data to Hackers Without Authentication appeared first on Cyber Security News.
-
A new technique enables attackers to exploit antivirus software by injecting harmful code directly into the antivirus processes. This approach makes it easier for them to evade detection and compromise the security that antivirus software is designed to provide. This method, detailed by cybersecurity researcher Two Seven One Three on X (@TwoSevenOneT), involves cloning protected […] The post Hackers Can Inject Malicious Code into Antivirus Processes to Create a Backdoor appeared first on Cyber Security News.
-
An active in-the-wild exploitation of a zero-day vulnerability in Gladinet CentreStack and Triofox products. Tracked as CVE-2025-11371, the unauthenticated Local File Inclusion (LFI) flaw allows attackers to achieve remote code execution (RCE) on affected systems. The vulnerability is currently unpatched, but a mitigation has been provided. Organizations using the affected software are strongly urged to […] The post Gladinet CentreStack And Triofox 0-Day RCE Vulnerability Actively Exploited In Attacks appeared first on Cyber Security News.
-
SonicWall has confirmed that an unauthorized party accessed and stole the entire repository of customer firewall configuration backup files from its cloud service. The confirmation comes after the completion of an investigation with the cybersecurity firm Mandiant, which determined that all customers who used the cloud backup feature are affected by the breach. The investigation […] The post SonicWall Confirms That Hackers Stole All Customers Firewall Configuration Backup Files appeared first on Cyber Security News.
-
A significant security flaw has been discovered within the Microsoft Events platform, which could have allowed attackers to access the personal information of users from two separate databases: the event registration list and the waitlist. The vulnerability, uncovered by a 15-year-old bug bounty hunter known as Faav, exposed sensitive user data, including full names, email […] The post Microsoft Events Vulnerability Exposes Users Personal Data From Registration And Waitlist Databases appeared first on Cyber Security News.
-
A proof-of-concept (PoC) exploit has been released for a critical vulnerability in the secure boot chain of the Nothing Phone (2a) and CMF Phone 1, potentially affecting other devices using MediaTek systems-on-a-chip (SoCs). The exploit, named Fenrir and published by researcher R0rt1z2, allows for arbitrary code execution at the highest privilege level, effectively breaking the […] The post PoC Exploit Released For Nothing Phone Code Execution Vulnerability appeared first on Cyber Security News.
-
GitLab has released important security updates. The new versions are 18.4.2, 18.3.4, and 18.2.8 for both Community Edition (CE) and Enterprise Edition (EE). These updates fix several vulnerabilities that could lead to denial-of-service (DoS) attacks and allow unauthorized access. All self-managed GitLab installations are strongly advised to upgrade promptly to mitigate potential disruptions. GitLab.com and […] The post GitLab Security Update – Patch For Multiple Vulnerabilities That Enables DoS Attack appeared first on Cyber Security News.


