risk
-
BeyondTrust Tools RCE Vulnerability Allows Attackers Execute Arbitrary Code
A newly disclosed vulnerability in BeyondTrust’s Remote Support (RS) and Privileged Remote Access (PRA) products has raised alarms across the…
Read More » -
Apache Tomcat Flaws Allow Auth Bypass and DoS Attacks
The Apache Software Foundation has released critical security updates to address four newly discovered vulnerabilities in Apache Tomcat, one of…
Read More » -
Hackers Target and Hijack Washington Post Journalists’ Email Accounts
A targeted cyberattack has struck The Washington Post, compromising the email accounts of several of its journalists and raising new…
Read More » -
HashiCorp Nomad ACL Lookup Flaw Allows Privilege Escalation
HashiCorp disclosed a critical security flaw (CVE-2025-4922) in its Nomad workload orchestration tool on June 11, 2025, exposing clusters to…
Read More » -
Developers Beware – Sophisticated Phishing Scams Exploit GitHub Device Code Flow to Hijack Tokens
A sophisticated and increasing wave of cyberattacks now targets software developers through a little-known yet legitimate GitHub feature: the OAuth…
Read More » -
Spring Framework Flaw Enables Remote File Disclosure via “Content‑Disposition” Header
A medium-severity reflected file download (RFD) vulnerability (CVE-2025-41234) in VMware’s Spring Framework has been patched, affecting multiple versions of the…
Read More » -
Arsen Launches AI-Powered Vishing Simulation to Help Organizations Combat Voice Phishing at Scale
Arsen, the cybersecurity startup known for defending organizations against social engineering threats, has announced the release of its new Vishing Simulation…
Read More » -
Over 40,000 Internet-Connected Cameras Exposed, Streaming Live Online
Bitsight TRACE has uncovered more than 40,000 security cameras openly accessible on the internet—streaming live footage from homes, offices, factories,…
Read More » -
Multiple Microsoft Office Vulnerabilities Enable Remote Code Execution by Attackers
Microsoft has disclosed four critical remote code execution (RCE) vulnerabilities in its Office suite as part of the June 2025…
Read More » -
Seraphic Security Unveils BrowserTotal™ – Free AI-Powered Browser Security Assessment For Enterprises
Tel Aviv, Israel, June 9th, 2025, CyberNewsWire Available to the public and debuting at the Gartner Security & Risk Management…
Read More » -
Hundreds of Malicious GitHub Repos Targeting Novice Cybercriminals Traced to Single User
Sophos X-Ops researchers have identified over 140 GitHub repositories laced with malicious backdoors, orchestrated by a single threat actor associated…
Read More » -
New Rust-Developed InfoStealer Drains Sensitive Data from Chromium-Based Browsers
A newly identified information-stealing malware, crafted in the Rust programming language, has emerged as a significant threat to users of…
Read More » -
Threat Actors Exploit Malware Loaders to Circumvent Android 13+ Accessibility Safeguards
Threat actors have successfully adapted to Google’s stringent accessibility restrictions introduced in Android 13 and later versions. These safeguards, rolled…
Read More » -
Critical Icinga 2 Vulnerability Allows Attackers to Obtain Valid Certificates
A critical vulnerability (CVE-2025-48057) has been discovered in Icinga 2, the widely used open-source monitoring platform. The flaw, affecting installations…
Read More » -
Microsoft Reveals Techniques for Defending Against Evolving AiTM Attacks
Microsoft has exposed the escalating sophistication of phishing attacks, particularly focusing on Adversary-in-the-Middle (AiTM) techniques that are becoming a cornerstone…
Read More » -
Attackers Exploit Microsoft Entra Billing Roles to Escalate Privileges
A recent discovery by security researchers at BeyondTrust has revealed a critical, yet by-design, security gap in Microsoft Entra ID…
Read More » -
Attackers Exploit Microsoft Entra Billing Roles to Escalate Privileges in Organizational Environments
A startling discovery by BeyondTrust researchers has unveiled a critical vulnerability in Microsoft Entra ID and Azure environments, where attackers…
Read More »