-
Security researchers at Hacker House have released SetupHijack, a proof-of-concept tool that exploits race conditions and insecure file handling in Windows installers and updaters. The utility demonstrates how attackers can hijack privileged setup proc…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Steam has officially confirmed that malware was discovered in the popular indie game BlockBlasters. The announcement follows widespread player reports and security scans that flagged unusual activity in the game’s files. This incident raises concerns a…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security researchers have observed renewed exploit campaigns targeting an eight-year-old backdoor in Hikvision cameras to harvest configuration files, user lists, and snapshots. Attackers automate scans across IP ranges, appending a base64-encoded “aut…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical vulnerability in Hikvision security cameras, first disclosed in 2017, is being actively exploited by hackers to gain unauthorized access to sensitive information. SANS researchers observed a recent surge in malicious activity targeting a specific flaw, identified as CVE-2017-7921, which carries a critical severity score of 10.0 on the CVSS scale. The exploit attempts […] The post Hackers Exploiting Hikvision Camera Vulnerability to Access Sensitive Information appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical vulnerability in the Linux Kernel’s ksmbd file sharing component allows remote attackers to execute code with kernel privileges. Tracked as CVE-2025-38561, this flaw affects Linux distributions that include the ksmbd SMB server implementatio…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A severe vulnerability in the Linux kernel’s ksmbd SMB server implementation has been disclosed, potentially allowing authenticated remote attackers to execute arbitrary code on affected systems. The vulnerability, tracked as CVE-2025-38561 and assigned a CVSS score of 8.5, represents a significant security risk for Linux systems utilizing the kernel-based SMB server functionality. The flaw disclosed […] The post Linux Kernel ksmbd Vulnerability Allows Remote Attackers to Execute Arbitrary Code appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical vulnerability in NVIDIA’s Merlin Transformers4Rec library allows attackers to achieve remote code execution with root privileges. Discovered by the Trend Micro Zero Day Initiative (ZDI) Threat Hunting Team, the flaw stems from unsafe deseria…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cisco has disclosed a critical zero-day vulnerability in its IOS and IOS XE software that is being actively exploited by threat actors in real-world attacks. The flaw, tracked as CVE-2025-20352, affects the Simple Network Management Protocol (SNMP) sub…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cisco has disclosed a zero-day vulnerability, CVE-2025-20352, in its widely used IOS and IOS XE software, confirming it is being actively exploited in the wild. The flaw exists in the Simple Network Management Protocol (SNMP) subsystem and can allow a remote attacker to achieve remote code execution (RCE) or cause a denial-of-service (DoS) condition on […] The post Cisco IOS 0-Day RCE Vulnerability Actively Exploited in the Wild appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A new study has uncovered a method for silently installing custom extensions on Chromium-based browsers running in Windows domain environments. By exploiting how Chrome and its relatives store extension settings and security checks in preference files,…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
