Security

New SAP NetWeaver Vulnerability Allows Server Takeover Without Authentication

SAP has released updates addressing 13 security flaws, with special focus on a critical vulnerability in SAP NetWeaver AS Java that could allow attackers to execute arbitrary commands. Tracked as CVE-2025-42944, this flaw has a CVSS score of 10.0, making it highly severe. Security experts classify it as an insecure deserialization issue. According to CVE.org, […]

New SAP NetWeaver Vulnerability Allows Server Takeover Without Authentication Read More »

Two Critical Red Lion RTU Flaws Rated CVSS 10.0 Could Give Hackers Full Industrial Control

Cybersecurity researchers have disclosed two severe vulnerabilities in Red Lion Sixnet remote terminal units, RTUs, that together can allow unauthenticated attackers to gain root level code execution on affected devices. The issues, tracked as CVE-2023-40151 and CVE-2023-42770, carry the maximum CVSS score, 10.0, highlighting the high risk to industrial control systems across energy, water, transportation,

Two Critical Red Lion RTU Flaws Rated CVSS 10.0 Could Give Hackers Full Industrial Control Read More »

Windows Remote Desktop Client Flaw Enables Remote Code Execution

Microsoft has addressed a critical security flaw in the Windows Remote Desktop Client that could allow attackers to execute arbitrary code on a user’s system. The issue, identified as CVE-2025-58718, was disclosed on October 14, 2025, and rated as Important in severity. Although no active exploitation has been reported, cybersecurity researchers warn that the flaw

Windows Remote Desktop Client Flaw Enables Remote Code Execution Read More »

Chrome Use-After-Free Vulnerability Enables Remote Code Execution

Google has released an urgent security update for its Chrome browser after identifying a high-severity use-after-free vulnerability that could allow attackers to execute arbitrary code on users’ devices. This flaw, if exploited, could let hackers take full control of a system simply through a malicious website visit, making it critical for users to update immediately.

Chrome Use-After-Free Vulnerability Enables Remote Code Execution Read More »

Microsoft Warns of ‘Payroll Pirates’ Hijacking HR SaaS Accounts to Divert Employee Salaries

A cyber threat group identified as Storm-2657 has been observed taking over employee accounts with the intent of redirecting salary payments to attacker-controlled bank accounts. According to a report from the Microsoft Threat Intelligence team, “Storm-2657 is actively targeting various U.S.-based organizations, especially employees in sectors such as higher education, to infiltrate third-party Human Resources

Microsoft Warns of ‘Payroll Pirates’ Hijacking HR SaaS Accounts to Divert Employee Salaries Read More »

Fortra Discloses Full Timeline of CVE-2025-10035 Exploitation, from Detection to Patch

Fortra has officially disclosed the complete timeline of events surrounding the exploitation of CVE-2025-10035, a critical vulnerability in its GoAnywhere Managed File Transfer (MFT) software. The flaw has reportedly been under active attack since at least September 11, 2025. Investigation and Initial Discovery According to Fortra, the investigation began on September 11 after a customer

Fortra Discloses Full Timeline of CVE-2025-10035 Exploitation, from Detection to Patch Read More »

ThreatsDay Bulletin: MS Teams Breach, MFA Hijacking, $2B Crypto Theft, Apple Siri Investigation & More

Cybersecurity threats are advancing faster than ever, with attackers increasingly combining social engineering, AI-driven manipulation, and cloud exploitation to target systems once deemed secure. From communication platforms to smart devices, every technological convenience simultaneously expands the potential attack surface. This edition of ThreatsDay Bulletin highlights these overlapping risks and the necessary measures to maintain trust in

ThreatsDay Bulletin: MS Teams Breach, MFA Hijacking, $2B Crypto Theft, Apple Siri Investigation & More Read More »

Lapsus$ Hunters Launch New Leak Site to Publish Data Stolen from Salesforce

The cybercriminal collective known as Scattered Lapsus$ Hunters has intensified their extortion efforts by launching a dedicated leak portal aimed at publishing stolen Salesforce data. This alliance, which includes prominent threat actors such as ShinyHunters, Scattered Spider, and Lapsus$, represents a new level of sophistication in ransomware-as-a-service operations, specifically targeting one of the most widely

Lapsus$ Hunters Launch New Leak Site to Publish Data Stolen from Salesforce Read More »

FreePBX SQL Injection Flaw Exploited to Alter Database Records

A critical, unauthenticated SQL injection vulnerability in FreePBX is being actively exploited, posing a severe risk to VoIP infrastructures worldwide. Attackers are abusing a web endpoint to inject database entries, create scheduled tasks, and ultimately run arbitrary code on compromised systems. What is affected, and why it matters FreePBX, the web-based administrative interface commonly used

FreePBX SQL Injection Flaw Exploited to Alter Database Records Read More »

CrowdStrike Falcon Windows Sensor Vulnerability Allows Remote Code Execution, File Deletion on Host

CrowdStrike has disclosed two medium-severity vulnerabilities in its Falcon sensor for Windows that could allow attackers, who already have code execution capabilities on a system, to delete arbitrary files. These flaws have been patched in the latest sensor versions, and no evidence of active exploitation has been found so far. Details of the Vulnerabilities The

CrowdStrike Falcon Windows Sensor Vulnerability Allows Remote Code Execution, File Deletion on Host Read More »