Daily Cyber News

IRGC-Linked APT35’s Structure, Toolset, and Espionage Operations Revealed

Since surfacing in the mid-2010s as a persistent threat actor, the IRGC-linked APT35 collective has continually adapted its methods to target government agencies, energy companies, and diplomatic missions across the Middle East and beyond. What began as credential-harvesting phishing campaigns has matured into a modular, multi-stage toolkit that supports deep network infiltration and prolonged espionage. […]

IRGC-Linked APT35’s Structure, Toolset, and Espionage Operations Revealed Read More »

GitLab Releases Security Update to Patch Multiple Vulnerabilities Enabling DoS Attacks

GitLab has rolled out critical security updates for both its Community Edition (CE) and Enterprise Edition (EE), introducing versions 18.4.2, 18.3.4, and 18.2.8. These updates address several vulnerabilities that could be exploited to perform denial-of-service (DoS) attacks or gain unauthorized access to GitLab systems. GitLab strongly recommends all self-managed installations upgrade immediately to avoid potential service interruptions. Meanwhile,

GitLab Releases Security Update to Patch Multiple Vulnerabilities Enabling DoS Attacks Read More »

Linux Kernel ksmbd Filesystem Flaw Exploited, Proof of Concept Released

Security researchers have published a full proof-of-concept exploit for a serious vulnerability in the Linux kernel ksmbd module, showing a reliable route to local privilege escalation. The issue, tracked as CVE-2025-37947, is an out-of-bounds write that an authenticated local user can abuse to gain full root control on affected systems. What the bug is, and

Linux Kernel ksmbd Filesystem Flaw Exploited, Proof of Concept Released Read More »

Proof of Concept Exploit Released for Nothing Phone Remote Code Execution Vulnerability

A proof of concept exploit, called Fenrir and published by researcher R0rt1z2, has been released for a critical weakness in the secure boot chain used by the Nothing Phone (2a) and CMF Phone 1, and likely present in other devices using MediaTek system on chips. The exploit lets an attacker run code at the highest

Proof of Concept Exploit Released for Nothing Phone Remote Code Execution Vulnerability Read More »

Shuyal Stealer Targets 19 Browsers to Harvest Login Credentials

Shuyal Stealer has quickly become one of the most flexible credential theft tools observed in recent months. First seen in early August, its modular design enables it to target a wide variety of web browsers, including Chromium-based, Gecko-based, and legacy engines, making it a high-risk threat for many environments. Early signs and impact Initial indicators

Shuyal Stealer Targets 19 Browsers to Harvest Login Credentials Read More »

Microsoft Events Vulnerability Exposes User Data from Registration and Waitlist Databases

A major security vulnerability was discovered in the Microsoft Events platform, which could have allowed unauthorized access to personal information stored in two separate databases — the event registration list and the waitlist database. Discovery of the Flaw The issue was identified by a 15-year-old bug bounty researcher, known as Faav, who uncovered that the flaw exposed

Microsoft Events Vulnerability Exposes User Data from Registration and Waitlist Databases Read More »

Microsoft 365 Outage Blocks Access to Admin Center, Core Services, and Entra ID

A significant service outage has disrupted Microsoft 365, preventing users from accessing key services, including the Admin Center and applications that depend on Microsoft Entra ID for authentication. The issue began on Thursday, October 9, 2025, and is impacting organizations worldwide. Widespread Service Disruption The outage has affected users attempting to log in to the Microsoft 365

Microsoft 365 Outage Blocks Access to Admin Center, Core Services, and Entra ID Read More »

Critical Flaw in WordPress Service Finder Theme Allows Authentication Bypass by Attackers

A serious security flaw has been discovered in the popular Service Finder WordPress theme, which attackers are actively exploiting to gain unauthorized access to websites. This vulnerability allows threat actors to log in as any user, including administrators, and take complete control of affected sites. Details of the Vulnerability The flaw, tracked as CVE-2025-5947 with a

Critical Flaw in WordPress Service Finder Theme Allows Authentication Bypass by Attackers Read More »

AI Emerges as Russia’s Latest Cyber Weapon in Its War on Ukraine

Russian hackers have taken their cyber offensive to a new level by integrating artificial intelligence (AI) into cyber attacks against Ukraine, according to a report published by the State Service for Special Communications and Information Protection of Ukraine (SSSCIP). The report revealed that during the first half of 2025 (H1 2025), hackers began using AI

AI Emerges as Russia’s Latest Cyber Weapon in Its War on Ukraine Read More »

Critical Figma MCP Flaw Allows Remote Code Execution, Users Urged to Patch Immediately

A serious security flaw has been discovered in the figma-developer-mcp (Model Context Protocol) server, which could allow attackers to execute arbitrary code remotely. Although the issue has now been patched, experts are warning users to update immediately to prevent exploitation. Details of the Vulnerability The vulnerability, tracked as CVE-2025-53967 with a CVSS score of 7.5,

Critical Figma MCP Flaw Allows Remote Code Execution, Users Urged to Patch Immediately Read More »