-
Microsoft has officially released Windows 11, version 25H2, also known as the Windows 11 2025 Update, marking the next feature update for the operating system. The update became available for general availability on September 30, 2025, initiating a phased rollout to eligible devices. This new version is designed as a service, with updates delivered periodically […] The post Windows 11 25H2 Released for General Availability – Know Issues and Mitigations appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cisco has confirmed two serious vulnerabilities impacting its Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) firewalls. Tracked as CVE-2025-20333 and CVE-2025-20362, both issues allow attackers to run arbitrary code on unpatched d…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The OpenSSL Project has released a critical security advisory, addressing three significant vulnerabilities that could allow attackers to execute remote code and potentially recover private cryptographic keys. These flaws affect multiple OpenSSL versions across different platforms and could lead to memory corruption, denial of service attacks, and unauthorized access to sensitive cryptographic materials. The most […] The post OpenSSL Vulnerabilities Let Attackers Execute Malicious Code and Recover Private Key Remotely appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Organizations face an ever-evolving cyberthreat landscape marked by faster, more complex attacks. Today, Microsoft is answering this call with the general availability of an agentic security platform built on Microsoft Sentinel. This new wave…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Research has uncovered three significant vulnerabilities in Google’s Gemini AI assistant suite, dubbed the “Gemini Trifecta,” that could have allowed cybercriminals to steal users’ saved data and live location information. The v…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
CISA has issued an urgent advisory regarding a critical vulnerability in the Linux and Unix sudo utility CVE-2025-32463 that is currently being exploited in the wild. This flaw allows local adversaries to bypass access controls and execute arbitrary commands as the root user, even without explicit sudoers privileges. Sudo Chroot Bypass (CVE-2025-32463) Identified as “Inclusion […] The post CISA Warns of Linux Sudo Vulnerability Actively Exploited in Attacks appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security researchers are observing a significant increase in internet-wide scans targeting the critical PAN-OS GlobalProtect vulnerability (CVE-2024-3400). Exploit attempts have surged as attackers seek to leverage an arbitrary file creation flaw to achieve OS command injection and ultimately full root code execution on vulnerable firewalls. Exploitation of Critical PAN-OS SSL VPN Flaw (CVE-2024-3400) Since late […] The post Hackers Actively Scanning to Exploit Palo Alto Networks PAN-OS Global Protect Vulnerability appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A security vulnerability in Tesla’s Telematics Control Unit (TCU) allowed attackers with physical access to bypass security measures and gain full root-level code execution. The flaw stemmed from an incomplete lockdown of the Android Debug Bridge (ADB) on an external Micro USB port, enabling a physically present attacker to compromise the vehicle’s TCU. Tesla has […] The post Tesla’s Telematics Control Unit Vulnerability Let Attackers Gain Code Execution as Root appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Japanese beer and beverage giant Asahi Group Holdings has been forced to halt production at its domestic factories as a result of a cyberattack that struck on Monday. Asahi, known for its popular brands such as Asahi Super Dry Beer, Nikka Whisky, and M…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
An uptick in internet-wide scanning activity indicates that threat actors are actively probing for systems vulnerable to CVE-2024-3400, a critical GlobalProtect flaw in Palo Alto Networks PAN-OS. Security researchers at SANS ISC observed a single …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
