-
Microsoft Azure suffered a significant service interruption that left many customers unable to reach cloud resources. The incident began at roughly 07:40 UTC, when Azure Front Door, the platform’s native content delivery network (CDN), lost about 30 pe…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
SonicWall, together with leading incident response firm Mandiant, has completed a thorough review of a recent cloud backup security incident. The investigation confirmed that an unknown party gained access to all firewall configuration backup files for…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
SonicWall has confirmed that an unauthorized party accessed and stole the entire repository of customer firewall configuration backup files from its cloud service. The confirmation comes after the completion of an investigation with the cybersecurity firm Mandiant, which determined that all customers who used the cloud backup feature are affected by the breach. The investigation […] The post SonicWall Confirms That Hackers Stole All Customers Firewall Configuration Backup Files appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A proof-of-concept exploit has been published for a critical flaw in the secure boot process of the Nothing Phone (2a) and CMF Phone 1. This exploit can break the chain of trust and allow full code execution at the highest privilege level, posing a sev…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical authentication bypass in the Service Finder Bookings plugin has enabled unauthenticated attackers to assume administrator privileges on thousands of WordPress sites. Exploitation began within 24 hours of public disclosure, and over 13,800 ex…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A proof-of-concept (PoC) exploit has been released for a critical vulnerability in the secure boot chain of the Nothing Phone (2a) and CMF Phone 1, potentially affecting other devices using MediaTek systems-on-a-chip (SoCs). The exploit, named Fenrir and published by researcher R0rt1z2, allows for arbitrary code execution at the highest privilege level, effectively breaking the […] The post PoC Exploit Released For Nothing Phone Code Execution Vulnerability appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security researcher Norbert Szetei published the final installment of his deep-dive into the ksmbd filesystem module, culminating in a working proof-of-concept exploit targeting CVE-2025-37947. Unlike earlier use-after-free candidates that required com…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security researchers have released a full proof-of-concept (PoC) exploit for a high-severity vulnerability in the Linux kernel’s ksmbd module, demonstrating a reliable path to local privilege escalation. The vulnerability, tracked as CVE-2025-37947, is an out-of-bounds write that can be leveraged by an authenticated local attacker to gain complete root control over a vulnerable system. This […] The post Linux Kernel ksmbd Filesystem Vulnerability Exploited – PoC Released appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
GitLab has issued a critical security update to address several denial-of-service (DoS) vulnerabilities affecting both Community Edition (CE) and Enterprise Edition (EE). Self-managed installations should upgrade immediately to versions 18.4.2, 18.3.4,…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
GitLab has released important security updates. The new versions are 18.4.2, 18.3.4, and 18.2.8 for both Community Edition (CE) and Enterprise Edition (EE). These updates fix several vulnerabilities that could lead to denial-of-service (DoS) attacks and allow unauthorized access. All self-managed GitLab installations are strongly advised to upgrade promptly to mitigate potential disruptions. GitLab.com and […] The post GitLab Security Update – Patch For Multiple Vulnerabilities That Enables DoS Attack appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
