OpenAI’s newly launched Guardrails framework, designed to enhance AI safety by detecting harmful behaviors, has been swiftly compromised by researchers using basic prompt injection methods. Released on October 6, 2025, the framework employs large language models (LLMs) to judge inputs and outputs for risks like jailbreaks and prompt injections, but experts from HiddenLayer demonstrated that […] The post Hackers Can Bypass OpenAI Guardrails Using a Simple Prompt Injection Technique appeared first on Cyber Security News.

A critical vulnerability in Lenovo’s Dispatcher drivers has come under the spotlight after researchers released a proof-of-concept exploit that demonstrates privilege escalation on affected Windows systems. Identified as CVE-2025-8061, this flaw stems from insufficient access controls in the drivers, potentially allowing local attackers to execute arbitrary code with elevated privileges. Discovered by security firm Quarkslab, […] The post PoC Exploit Unveiled for Lenovo Code Execution Vulnerability Enabling Privilege Escalation appeared first on Cyber Security News.

A critical vulnerability in AMD’s Secure Encrypted Virtualization with Secure Nested Paging (SEV-SNP), a cornerstone of confidential computing deployed by major cloud providers like AWS, Azure, and Google Cloud. Dubbed RMPocalypse, the attack exploits a flaw in the initialization of the Reverse Map Table (RMP), which enforces memory integrity to prevent hypervisors from tampering with […] The post New RMPocalypse Attack Let Hackers Break AMD SEV-SNP To Exfiltrate Confidential Data appeared first on Cyber Security News.

A recent analysis from researcher Itamar Hällström has revealed the technical workings and forensic trail of “EDR-Freeze,” a proof-of-concept technique that temporarily disables security software. By abusing legitimate Windows components, this method can place Endpoint Detection and Response (EDR) and antivirus (AV) processes into a temporary, reversible coma, allowing attackers to operate undetected. How EDR-Freeze […] The post EDR-Freeze Tool Technical Workings Along With Forensic Artifacts Revealed appeared first on Cyber Security News.

A surge in attacks targeting SonicWall SSLVPN devices, affecting numerous customer networks, just weeks after a major breach exposed sensitive firewall data. Starting October 4, 2025, threat actors have rapidly authenticated into over 100 accounts across 16 environments, using what appear to be stolen valid credentials rather than brute-force methods. This coordinated attack highlights the […] The post SonicWall SSLVPN Under Attack Following the Breach of All Customers’ Firewall Backups appeared first on Cyber Security News.

Oracle has disclosed a critical vulnerability in its E-Business Suite that enables unauthenticated attackers to remotely access sensitive data, raising alarms for enterprises relying on the platform for core operations. Tracked as CVE-2025-61884, the flaw affects the Oracle Configurator component and was detailed in a security alert released on October 11, 2025. This comes just […] The post Oracle E-Business Suite RCE Vulnerability Exposes Sensitive Data to Hackers Without Authentication appeared first on Cyber Security News.