Latest Cybersecurity News and Articles


Cisco Warns of Actively Exploited SNMP Vulnerability Allowing RCE or DoS in IOS Software

25 September 2025
Cisco has warned of a high-severity security flaw in IOS Software and IOS XE Software that could allow a remote attacker to execute arbitrary code or trigger a denial-of-service (DoS) condition under specific circumstances. The company said the vulnerability, CVE-2025-20352 (CVSS score: 7.7), has been exploited in the wild, adding it became aware of it "after local Administrator credentials were

5M Records Exposed, Leaking Sensitive Auto Insurance Data

25 September 2025
More than 5 million records were exposed in an online database. 

Chinese Hackers RedNovember Target Global Governments Using Pantegana and Cobalt Strike

24 September 2025
A suspected cyber espionage activity cluster that was previously found targeting global government and private sector organizations spanning Africa, Asia, North America, South America, and Oceania has been assessed to be a Chinese state-sponsored threat actor. Recorded Future, which was tracking the activity under the moniker TAG-100, has now graduated it to a hacking group dubbed RedNovember.

UNC5221 Uses BRICKSTORM Backdoor to Infiltrate U.S. Legal and Technology Sectors

24 September 2025
Companies in the legal services, software-as-a-service (SaaS) providers, Business Process Outsourcers (BPOs), and technology sectors in the U.S. have been targeted by a suspected China-nexus cyber espionage group to deliver a known backdoor referred to as BRICKSTORM. The activity, attributed to UNC5221 and closely related, suspected China-nexus threat clusters, is designed to facilitate

Hackers Target Casino Operator Boyd Gaming

24 September 2025
Boyd Gaming has informed the SEC about a data breach affecting the information of employees and other individuals. The post Hackers Target Casino Operator Boyd Gaming appeared first on SecurityWeek.

Two Critical Flaws Uncovered in Wondershare RepairIt Exposing User Data and AI Models

24 September 2025
Cybersecurity researchers have disclosed two security flaws in Wondershare RepairIt that exposed private user data and potentially exposed the system to artificial intelligence (AI) model tampering and supply chain risks. The critical-rated vulnerabilities in question, discovered by Trend Micro, are listed below - CVE-2025-10643 (CVSS score: 9.1) - An authentication bypass vulnerability that

GeoServer Flaw Exploited in US Federal Agency Hack

24 September 2025
The hackers remained undetected for three weeks, deploying China Chopper, remote access scripts, and reconnaissance tools. The post GeoServer Flaw Exploited in US Federal Agency Hack appeared first on SecurityWeek.

European Airport Cyberattack Linked to Obscure Ransomware, Suspect Arrested

24 September 2025
Cybersecurity researchers believe the attack on Collins Aerospace involved a piece of ransomware known as HardBit. The post European Airport Cyberattack Linked to Obscure Ransomware, Suspect Arrested appeared first on SecurityWeek.

How One Bad Password Ended a 158-Year-Old Business

24 September 2025
Most businesses don't make it past their fifth birthday - studies show that roughly 50% of small businesses fail within the first five years. So when KNP Logistics Group (formerly Knights of Old) celebrated more than a century and a half of operations, it had mastered the art of survival. For 158 years, KNP adapted and endured, building a transport business that operated 500 trucks

Feds Tie ‘Scattered Spider’ Duo to $115M in Ransoms

24 September 2025
U.S. prosecutors last week levied criminal hacking charges against 19-year-old U.K. national Thalha Jubair for allegedly being a core member of Scattered Spider, a prolific cybercrime group blamed for extorting at least $115 million in ransom payments from victims. The charges came as Jubair and an alleged co-conspirator appeared in a London court to face accusations of hacking into and extorting several large U.K. retailers, the London transit system, and healthcare providers in the United States.

New YiBackdoor Malware Shares Major Code Overlaps with IcedID and Latrodectus

24 September 2025
Cybersecurity researchers have disclosed details of a new malware family dubbed YiBackdoor that has been found to share "significant" source code overlaps with IcedID and Latrodectus. "The exact connection to YiBackdoor is not yet clear, but it may be used in conjunction with Latrodectus and IcedID during attacks," Zscaler ThreatLabz said in a Tuesday report. "YiBackdoor is able to execute

iframe Security Exposed: The Blind Spot Fueling Payment Skimmer Attacks

24 September 2025
Think payment iframes are secure by design? Think again. Sophisticated attackers have quietly evolved malicious overlay techniques to exploit checkout pages and steal credit card data by bypassing the very security policies designed to stop them. TL;DR: iframe Security Exposed Payment iframes are being actively exploited by attackers using

GitHub Boosting Security in Response to NPM Supply Chain Attacks

24 September 2025
GitHub will implement local publishing with mandatory 2FA, granular tokens that expire after seven days, and trusted publishing. The post GitHub Boosting Security in Response to NPM Supply Chain Attacks appeared first on SecurityWeek.

Record-Breaking DDoS Attack Peaks at 22 Tbps and 10 Bpps

24 September 2025
The attack was aimed at a European network infrastructure company and it has been linked to the Aisuru botnet. The post Record-Breaking DDoS Attack Peaks at 22 Tbps and 10 Bpps appeared first on SecurityWeek.

SonicWall Updates SMA 100 Appliances to Remove Overstep Malware

24 September 2025
The software update includes additional file checks and helps users remove the known rootkit deployed in a recent campaign. The post SonicWall Updates SMA 100 Appliances to Remove Overstep Malware appeared first on SecurityWeek.

Libraesva Email Security Gateway Vulnerability Exploited by Nation-State Hackers

24 September 2025
Tracked as CVE-2025-59689, the command injection bug could be triggered via malicious emails containing crafted compressed attachments. The post Libraesva Email Security Gateway Vulnerability Exploited by Nation-State Hackers appeared first on SecurityWeek.

Hackers Exploit Pandoc CVE-2025-51591 to Target AWS IMDS and Steal EC2 IAM Credentials

24 September 2025
Cloud security company Wiz has revealed that it uncovered in-the-wild exploitation of a security flaw in a Linux utility called Pandoc as part of attacks designed to infiltrate Amazon Web Services (AWS) Instance Metadata Service (IMDS). The vulnerability in question is CVE-2025-51591 (CVSS score: 6.5), which refers to a case of Server-Side Request Forgery (SSRF) that allows attackers to

State-Sponsored Hackers Exploiting Libraesva Email Security Gateway Vulnerability

24 September 2025
Libraesva has released a security update to address a vulnerability in its Email Security Gateway (ESG) solution that it said has been exploited by state-sponsored threat actors. The vulnerability, tracked as CVE-2025-59689, carries a CVSS score of 6.1, indicating medium severity. "Libraesva ESG is affected by a command injection flaw that can be triggered by a malicious email containing a

Jaguar Land Rover Says Shutdown Will Continue Until at Least Oct 1 After Cyberattack

23 September 2025
JLR extended the pause in production “to give clarity for the coming week as we build the timeline for the phased restart of our operations and continue our investigation.” The post Jaguar Land Rover Says Shutdown Will Continue Until at Least Oct 1 After Cyberattack appeared first on SecurityWeek.

A Massive Telecom Threat Was Stopped Right As World Leaders Gathered at UN Headquarters in New York

23 September 2025
More than 300 servers and 100,000 SIM cards designed to mimic cellphones and overwhelm networks. The post A Massive Telecom Threat Was Stopped Right As World Leaders Gathered at UN Headquarters in New York appeared first on SecurityWeek.