-
The Wireshark Foundation today announced the release of Wireshark 4.4.9, delivering critical stability improvements and updates to its protocol dissectors. This incremental release, the ninth maintenance update in the 4.4 series, addresses a high-…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cybersecurity firm Zscaler has disclosed a data breach affecting customer contact information after unauthorized actors gained access to the company’s Salesforce database through compromised third-party application credentials. The breach origina…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A newly discovered critical security vulnerability in the Next.js framework, designated CVE-2025-29927, poses a significant threat to web applications by allowing malicious actors to completely bypass authorization mechanisms. This vulnerability arises from improper handling of the x-middleware-subrequest header within Next.js middleware execution, potentially exposing sensitive administrative areas and protected resources to unauthorized access. The vulnerability […] The post Critical Next.js Framework Vulnerability Let Attackers Bypass Authorization appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
MediaTek today published a critical security bulletin addressing several vulnerabilities across its latest modem chipsets, urging device OEMs to deploy updates immediately. The bulletin, issued two months after confidential OEM notification, confirms that no known in-the-wild exploits have been detected to date. Key Takeaways1. MediaTek patched high- and medium-severity modem and firmware bugs across 60+ […] The post MediaTek Security Update – Patch for Multiple Vulnerabilities Across Chipsets appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A high-severity vulnerability in SUSE’s Fleet, a GitOps management tool for Kubernetes clusters, has been disclosed by security researcher samjustus via GitHub Security Advisory GHSA-6h9x-9j5v-7w9h. The vulnerability, tracked as CVE-2024-52284, allows …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical client-side remote code execution (RCE) vulnerability in Google Web Designer exposed Windows users to full system compromise, according to a detailed write-up by security researcher Balint Magyar. Affecting versions prior to 16.4.0.0711 (rel…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A newly disclosed critical vulnerability in the Next.js framework, tracked as CVE-2025-29927, allows unauthenticated attackers to bypass middleware-based authorization checks by exploiting improper handling of the x-middleware-subrequest HTTP header. T…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
MediaTek today published its September 2025 Product Security Bulletin, disclosing and remediating a series of critical and moderate vulnerabilities in its modem and system components. The announcement highlights that all affected device OEMs have alrea…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Salesforce has published a comprehensive forensic investigation guide aimed at empowering organizations to detect, analyze, and remediate security incidents within their Salesforce environments. The new guide distills best practices across three critic…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A growing wave of sophisticated attacks is turning macOS’s built-in security defenses into avenues for malware distribution, according to recent security research. As macOS continues to gain market share, cybercriminals are adapting their strategies to…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
