-
A new proof-of-concept exploit has been released for three severe vulnerabilities in the Lua scripting engine used by Redis 7.4.5. Security researchers discovered that attackers can trigger remote code execution and privilege escalation by abusing flaw…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Enterprise AI assistants face a hidden menace when invisible control characters are used to smuggle malicious instructions into prompts. In September 2025, FireTail researcher Viktor Markopoulos tested several large language models (LLMs) for susc…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Three newly disclosed vulnerabilities have been identified in the Lua scripting engine of Redis 7.4.5, each presenting severe risks of remote code execution and privilege escalation. Redrays has released a detailed proof-of-concept (PoC) to exploit these vulnerabilities, which is now publicly available. Organizations are urged to act immediately. Use-After-Free Flaw (CVE-2025-49844) This vulnerability arises when […] The post PoC Exploit Released for Critical Lua Engine Vulnerabilities appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
CISA has issued a critical warning regarding a zero-day cross-site scripting (XSS) vulnerability in Synacor’s Zimbra Collaboration Suite (ZCS), designated as CVE-2025-27915. This vulnerability has been actively exploited in attacks and poses significant risks to organizations using the popular email and collaboration platform. Zimbra Collaboration Suite (ZCS) XSS Flaw The vulnerability exists within the Classic […] The post CISA Warns of Zimbra Collaboration Suite (ZCS) XSS Zero-Day Vulnerability Actively Exploited in Attacks appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A massive escalation in attacks targeting Palo Alto Networks PAN-OS GlobalProtect login portals, with over 2,200 unique IP addresses conducting reconnaissance operations as of October 7, 2025. This represents a significant surge from the initial 1,300 IPs observed just days earlier, marking the highest scanning activity recorded in the past 90 days according to GreyNoise […] The post Attacks on Palo Alto PAN-OS Global Protect Login Portals Surge from 2,200 IPs appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Google has released Chrome version 141.0.7390.65/.66 for Windows and Mac, along with 141.0.7390.65 for Linux, addressing multiple critical security vulnerabilities that could allow attackers to execute arbitrary code on affected systems. The update, announced on October 7, 2025, includes three significant security fixes that pose serious risks to users worldwide. Heap Buffer Overflow and Memory […] The post Multiple Chrome Vulnerabilities Expose Users to Arbitrary Code Execution Attacks appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical SQL injection vulnerability in FreePBX, designated as CVE-2025-57819, has been actively exploited by attackers to modify the database and achieve arbitrary code execution on vulnerable systems. The vulnerability affects the popular open-sour…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Google rolled out version 141.0.7390.65/.66 for Windows and Mac and 141.0.7390.65 for Linux. This update fixes three critical security flaws, all of which involve memory handling errors that an attacker could exploit to execute arbitrary code in the co…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
CISA has issued a warning about a new zero-day cross-site scripting (XSS) flaw in the Zimbra Collaboration Suite (ZCS). This vulnerability is already in use by attackers to hijack user sessions, steal data, and push malicious filters. Organizations run…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A novel and alarming cybersecurity threat has emerged, turning an ordinary computer peripheral into a sophisticated eavesdropping device. Researchers have detailed a new technique, dubbed the “Mic-E-Mouse” attack, which allows threat actors to exfiltrate sensitive data by exploiting the high-performance optical sensors found in many modern computer mice. This method can covertly capture and reconstruct […] The post New Mic-E-Mouse Attack Let Hackers Exfiltrate Sensitive Data by Exploiting Mouse Sensors appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
