-
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about the active exploitation of a new zero-day vulnerability in Microsoft Windows. This security flaw, tracked as CVE-2025-62215, affects the Windows Kernel and c…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Palo Alto Networks has disclosed a critical denial-of-service vulnerability in its PAN-OS firewall software that allows unauthenticated attackers to remotely reboot firewalls by sending specially crafted packets. Tracked as CVE-2025-4619, the vulnerability poses significant risks to organizations relying on Palo Alto firewalls for network security. The flaw, identified as CWE-754 (Improper Check for Unusual or […] The post Palo Alto PAN-OS Firewall Vulnerability Let Attackers Reboot Firewall by Sending Malicious Packet appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Elastic has released a security advisory addressing an origin validation error in Kibana that could expose systems to Server-Side Request Forgery (SSRF) attacks. The vulnerability, tracked as CVE-2025-37734, affects multiple versions of the popular dat…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A vulnerability in OpenAI’s advanced video generation model, Sora 2, that enables the extraction of its hidden system prompt through audio transcripts, raising concerns about the security of multimodal AI systems. This vulnerability, detailed in a blog post by AI security firm Mindgard, demonstrates how creative prompting across text, images, video, and audio can bypass […] The post OpenAI Sora 2 Vulnerability Exposes System Prompts via Audio Transcripts appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Dell Technologies has disclosed a critical security vulnerability affecting its Data Lakehouse platform that could allow attackers with high-level privileges to escalate their access and compromise system integrity. The flaw, tracked as CVE-2025-46608,…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability affecting WatchGuard Firebox firewalls to its Known Exploited Vulnerabilities (KEV) catalog, warning of active exploitation in the wild. The flaw, tracked as…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cloud Software Group has disclosed a cross-site scripting (XSS) vulnerability affecting NetScaler ADC and NetScaler Gateway platforms. The flaw, tracked as CVE-2025-12101, poses a moderate security risk to organizations relying on these network applian…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Amazon’s threat intelligence team has uncovered a sophisticated cyber campaign exploiting previously undisclosed zero-day vulnerabilities in critical enterprise infrastructure. Advanced threat actors are actively targeting Cisco Identity Service …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A vulnerability has been discovered in Lite XL, a lightweight text editor, that could allow attackers to execute arbitrary code on affected systems. Carnegie Mellon University experts identified CVE-2025-12120, which affects Lite XL versions 2.1.8 and earlier. The flaw exists in how Lite XL handles project configuration files. How the Vulnerability Works When users open […] The post Lite XL Text editor Vulnerability Let Attackers Execute Arbitrary Code appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cloud Software Group has disclosed a cross-site scripting (XSS) vulnerability affecting NetScaler ADC and NetScaler Gateway products. Tracked as CVE-2025-12101, the flaw allows attackers to inject malicious scripts into web pages viewed by users, potentially leading to session hijacking, data theft, or unauthorized actions. The vulnerability carries a moderate CVSSv4 score of 5.9, highlighting its […] The post Citrix NetScaler ADC and Gateway Vulnerability Enables Cross-Site Scripting Attacks appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
