Cybersecurity News from Across the Internet
Posted by Thomas Weber | CyberDanube via Fulldisclosure on Sep 25 CyberDanube Security Research 20250909-0 ——————————————————————————- title| Reflected XSS product| ATV 630 vulnerable version| “see Vulnerable versions” fixed version| none CVE number| CVE-2025-7746 impact| Medium homepage| https://www.se.com/ found| 2025-03-11 by| T…. – Read More – Full Disclosure
Posted by Thomas Weber | CyberDanube via Fulldisclosure on Sep 25 CyberDanube Security Research 20250919-0 ——————————————————————————- title| Multiple Vulnerabilities in Novakon HMI Series product| Novakon Touch Screen HMI P Series vulnerable version| P – V2001.A.c518o2 fixed version| – CVE number| CVE-2025-9962, CVE-2025-9963, CVE-2025-9964, | CVE-2025-9965, CVE-2025-9966… – Read More – Full Disclosure
Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Sep 25 SEC Consult Vulnerability Lab Security Advisory < 20250923-0 > ======================================================================= title: Missing Certificate Validation leading to RCE product: CleverControl employee monitoring software vulnerable version: 11.5.1041.6 fixed version: – CVE number: CVE-2025-10548 impact: high homepage: https://clevercontrol.com… – Read More – Full Disclosure
A vulnerability has been discovered in Nx (build system) Package, which could allow for sensitive data exfiltration. Nx is a smart, fast, and extensible build system designed for managing monorepos efficiently by providing features like dependency graph analysis, computation caching, distributed task execution, and codebase upgrades. Successful exploitation of this vulnerability could allow an attacker … Read More “A Vulnerability in Nx (build system) Package Could Allow for Sensitive Data Exfiltration – Cyber Security Advisories – MS-ISAC” »
Federal cyber authorities sounded a rare alarm Thursday, issuing an emergency directive about an ongoing and widespread attack spree involving actively exploited zero-day vulnerabilities affecting Cisco firewalls. Cisco said it began investigating attacks on multiple government agencies linked to the state-sponsored campaign in May. The vendor, which attributes the attacks to the same threat group … Read More “CISA alerts federal agencies of widespread attacks using Cisco zero-days – CyberScoop” »
Austin / TX, United States, 25th September 2025, CyberNewsWire – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Firm, which has 18 sites around London and more in US, India and China, has received ransom demand, say reports The names, pictures and addresses of about 8,000 children have reportedly been stolen from the Kido nursery chain by a gang of cybercriminals. The criminals have demanded a ransom from the company – which has … Read More “Hackers reportedly steal details of 8,000 children from Kido nursery chain – Data and computer security | The Guardian” »
The threat actor known as Vane Viper has been outed as a purveyor of malicious ad technology (adtech), while relying on a tangled web of shell companies and opaque ownership structures to deliberately evade responsibility. “Vane Viper has provided core infrastructure in widespread malvertising, ad fraud, and cyberthreat proliferation for at least a decade,” Infoblox … Read More “Vane Viper Generates 1 Trillion DNS Queries to Power Global Malware and Ad Fraud Network – The Hacker News” »
Cisco is urging customers to patch two security flaws impacting the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software, which it said have been exploited in the wild. The zero-day vulnerabilities in question are listed below – CVE-2025-20333 (CVSS score: 9.9) – An … Read More “Urgent: Cisco ASA Zero-Day Duo Under Attack; CISA Triggers Emergency Mitigation Directive – The Hacker News” »
As government looks for ways to tackle illegal immigration, move will spark battle with civil liberties campaigners All working adults will need digital ID cards under plans to be announced by Keir Starmer in a move that will spark a battle with civil liberties campaigners. The prime minister will set out the plans on Friday … Read More “Keir Starmer expected to announce plans for digital ID cards – Data and computer security | The Guardian” »
As Keir Starmer appear poised to introduce such a scheme, we look at the arguments for and against it It is 21 years since Tony Blair’s government made proposals for an ID card system to tackle illegal working and immigration, and to make it more convenient for the public to access services. The same issues … Read More “Digital ID cards: a versatile and useful tool, or a worrying cybersecurity risk? – Data and computer security | The Guardian” »
Department of Government Efficiency practices at three federal agencies “violate statutory requirements, creating unprecedented privacy and cybersecurity risks,” according to a report that Senate Homeland Security and Governmental Affairs Committee Democrats published Thursday. The report — drawn from a mix of media reports, legal filings, whistleblower disclosures to the committee and staff visits to the … Read More “Dem report concludes Department of Government Efficiency violates cybersecurity, privacy rules – CyberScoop” »
New Lone None Stealer uses Telegram C2 and DLL side-loading to grab passwords, credit cards, and crypto. Find out how to spot this highly evasive phishing scam. – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Cybersecurity firm Noma Security reveals ForcedLeak, a critical flaw in Salesforce Agentforce that allowed data theft. Learn what companies need to do now to secure AI agents. – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Critical flaw ForcedLeak in Salesforce’s AgentForce allows CRM data theft via prompt injection – Read More –
Cisco Systems has issued security updates to address a critical vulnerability in its widely deployed IOS and IOS XE network operating systems, after confirming the flaw is being exploited in active attacks. Designated CVE-2025-20352, the vulnerability resides in the Simple Network Management Protocol (SNMP) subsystem of Cisco’s core network software. According to Cisco, the weakness … Read More “Cisco uncovers new SNMP vulnerability used in attacks on IOS devices – CyberScoop” »
The security researchers who discovered the malicious npm package called it the “first malicious MCP in the wild” – Read More –
Cybersecurity researchers have disclosed a critical flaw impacting Salesforce Agentforce, a platform for building artificial intelligence (AI) agents, that could allow attackers to potentially exfiltrate sensitive data from its customer relationship management (CRM) tool by means of an indirect prompt injection. The vulnerability has been codenamed ForcedLeak (CVSS score: 9.4) by Noma Security, – Read … Read More “Salesforce Patches Critical ForcedLeak Bug Exposing CRM Data via AI Prompt Injection – The Hacker News” »
Vietnamese phishing campaign evolves from Python infostealer to PureRAT trojan – Read More –
Artificial intelligence is no longer a future concept; it is being integrated into critical infrastructure, enterprise operations and security missions around the world. As we embrace AI’s potential and accelerate its innovation, we must also confront a new reality: the speed of cybersecurity conflict now exceeds human capacity. The timescale for effective threat response has … Read More “Contain or be contained: The security imperative of controlling autonomous AI – CyberScoop” »
The North Korea-linked threat actors associated with the Contagious Interview campaign have been attributed to a previously undocumented backdoor called AkdoorTea, along with tools like TsunamiKit and Tropidoor. Slovak cybersecurity firm ESET, which is tracking the activity under the name DeceptiveDevelopment, said the campaign targets software developers across all operating systems, Windows, – Read More … Read More “North Korean Hackers Use New AkdoorTea Backdoor to Target Global Crypto Developers – The Hacker News” »
/* ===== Container ===== */ .td-wrap /* ===== Section ===== */ .td-section .td-title margin: 16px 0 4px; font-size: 32px; line-height: 1.2; font-weight: 800; .td-subtitle margin: 0 0 24px; color: #64748b; font-size: 16px; /* ===== Timeline ===== */ .td-timeline position: relative; margin: 0 !important;padding: 0!important; list-style: none; /* spine */ .td-timeline:before – Read More – … Read More “Threatsday Bulletin: Rootkit Patch, Federal Breach, OnePlus SMS Leak, TikTok Scandal & More – The Hacker News” »
Despite a coordinated investment of time, effort, planning, and resources, even the most up-to-date cybersecurity systems continue to fail. Every day. Why? It’s not because security teams can’t see enough. Quite the contrary. Every security tool spits out thousands of findings. Patch this. Block that. Investigate this. It’s a tsunami of red dots that not … Read More “CTEM’s Core: Prioritization and Validation – The Hacker News” »
The hackers are likely trying to collect data to feed the development of zero-day exploits, said Google researchers – Read More –
China-backed UNC5221 targets US legal and tech firms by deploying BRICKSTORM malware on neglected VMware and Linux/BSD appliances, Google’s Mandiant reports. – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Urgent warning for Fortra GoAnywhere MFT users. A CVSS 10.0 deserialization vulnerability (CVE-2025-10035) in the License Servlet allows command injection. Patch to v7.8.4 immediately to prevent system takeover. – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
The latest Gcore Radar report analyzing attack data from Q1–Q2 2025, reveals a 41% year-on-year increase in total attack volume. The largest attack peaked at 2.2 Tbps, surpassing the 2 Tbps record in late 2024. Attacks are growing not only in scale but in sophistication, with longer durations, multi-layered strategies, and a shift in target … Read More “Tech Overtakes Gaming as Top DDoS Attack Target, New Gcore Radar Report Finds – The Hacker News” »
The UK retailer estimated the losses from temporarily shutting down some of its systems to contain the threat – Read More –
SecurityScorecard report finds 53% of Indian vendors suffered third-party breaches in the past year – Read More –
Cybersecurity researchers have discovered two malicious Rust crates impersonating a legitimate library called fast_log to steal Solana and Ethereum wallet keys from source code. The crates, named faster_log and async_println, were published by the threat actor under the alias rustguruman and dumbnbased on May 25, 2025, amassing 8,424 downloads in total, according to software supply … Read More “Malicious Rust Crates Steal Solana and Ethereum Keys — 8,424 Downloads Confirmed – The Hacker News” »
The UK’s National Crime Agency has arrested a suspect in connection with a ransomware attack on Collins Aerospace – Read More –
Luxembourg, Luxembourg, 25th September 2025, CyberNewsWire – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Cisco has warned of a high-severity security flaw in IOS Software and IOS XE Software that could allow a remote attacker to execute arbitrary code or trigger a denial-of-service (DoS) condition under specific circumstances. The company said the vulnerability, CVE-2025-20352 (CVSS score: 7.7), has been exploited in the wild, adding it became aware of it … Read More “Cisco Warns of Actively Exploited SNMP Vulnerability Allowing RCE or DoS in IOS Software – The Hacker News” »
Privacy of data is not a compliance option anymore, it is a national priority. Governments around the world are… The post Government’s Push for Data Privacy in 2025 appeared first on JISA Softech Pvt Ltd. – Read More – JISA Softech Pvt Ltd
Ransomware doesn’t just freeze computers – it can silence alarms too. And when the Natural History Museum in Paris went dark, thieves helped themselves to €600,000 worth of gold in a daring late-night heist. Meanwhile, developers have a new headache: a worm dubbed “Shai Hulud” has wriggled its way through more than 180 npm packages, … Read More “Smashing Security podcast #436: The €600,000 gold heist, powered by ransomware – Graham Cluley” »
The Python Software Foundation (PSF) warns developers of phishing emails leading to a fake PyPI login site designed to steal account credentials. – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
A suspected cyber espionage activity cluster that was previously found targeting global government and private sector organizations spanning Africa, Asia, North America, South America, and Oceania has been assessed to be a Chinese state-sponsored threat actor. Recorded Future, which was tracking the activity under the moniker TAG-100, has now graduated it to a hacking group … Read More “Chinese Hackers RedNovember Target Global Governments Using Pantegana and Cobalt Strike – The Hacker News” »
While investigating the security posture of various machine learning (ML) and artificial intelligence (AI) frameworks, the Trend Micro Zero Day Initiative (ZDI) Threat Hunting Team discovered a critical vulnerability in the NVIDIA Merlin Transformers4Rec library that could allow an attacker to achieve remote code execution with root privileges. This vulnerability, tracked as CVE-2025-23298, stems from … Read More “CVE-2025-23298: Getting Remote Code Execution in NVIDIA Merlin – Zero Day Initiative – Blog” »
INC is the name of a ransomware-as-a-service (RaaS) operation that first appeared in late summer 2023. Learn more about what it has been up to, and how to protect against its attacks, in my article on the Fortra blog. – Read More – Graham Cluley
Malicious npm package Fezbox uses QR codes to steal credentials from browser cookies – Read More –
New campaign merges traditional malware with DevOps tools, using GitHub CodeSpaces for DDoS attacks – Read More –
Companies in the legal services, software-as-a-service (SaaS) providers, Business Process Outsourcers (BPOs), and technology sectors in the U.S. have been targeted by a suspected China-nexus cyber espionage group to deliver a known backdoor referred to as BRICKSTORM. The activity, attributed to UNC5221 and closely related, suspected China-nexus threat clusters, is designed to facilitate – Read … Read More “UNC5221 Uses BRICKSTORM Backdoor to Infiltrate U.S. Legal and Technology Sectors – The Hacker News” »
The 19-year-old U.K. national who was arrested at his London residence last week was a highly prolific cybercriminal and a core member of the nebulous hacker subset of The Com, researchers told CyberScoop. Authorities’ yearslong quest to uncover the identities of Scattered Spider associates and charge them with serious crimes reached a tipping point with … Read More “Teen arrested in UK was a core figure in Scattered Spider’s operations – CyberScoop” »
Darktrace researchers have uncovered ShadowV2, a new botnet that operates as a DDoS-for-hire service by infecting misconfigured Docker containers on AWS cloud servers. – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Cybersecurity researchers have disclosed two security flaws in Wondershare RepairIt that exposed private user data and potentially exposed the system to artificial intelligence (AI) model tampering and supply chain risks. The critical-rated vulnerabilities in question, discovered by Trend Micro, are listed below – CVE-2025-10643 (CVSS score: 9.1) – An authentication bypass vulnerability that – Read … Read More “Two Critical Flaws Uncovered in Wondershare RepairIt Exposing User Data and AI Models – The Hacker News” »
Ambitious, suspected Chinese hackers with a slew of goals — stealing intellectual property, mining intelligence on national security and trade, developing avenues for future advanced cyberattacks — have been setting up shop inside U.S. target networks for exceptionally long stretches of time, in a breach that the researchers who uncovered it said could present problems … Read More “Brickstorm malware powering ‘next-level’ Chinese cyberespionage campaign – CyberScoop” »
Cloudflare stopped a record 22.2 Tbps DDoS attack, showing how massive these threats have become and why strong DDoS attack protection is essential. – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
UK police arrest man over cyberattack on Collins Aerospace that disrupted check-in at Heathrow, Berlin, Brussels and other airports. – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Think payment iframes are secure by design? Think again. Sophisticated attackers have quietly evolved malicious overlay techniques to exploit checkout pages and steal credit card data by bypassing the very security policies designed to stop them. Download the complete iframe security guide here. TL;DR: iframe Security Exposed Payment iframes are being actively exploited by attackers … Read More “iframe Security Exposed: The Blind Spot Fueling Payment Skimmer Attacks – The Hacker News” »
Cybersecurity researchers have disclosed details of a new malware family dubbed YiBackdoor that has been found to share “significant” source code overlaps with IcedID and Latrodectus. “The exact connection to YiBackdoor is not yet clear, but it may be used in conjunction with Latrodectus and IcedID during attacks,” Zscaler ThreatLabz said in a Tuesday report. … Read More “New YiBackdoor Malware Shares Major Code Overlaps with IcedID and Latrodectus – The Hacker News” »
