Vulnerabilities

Chinese Threat Actors Exploit ToolShell SharePoint Flaw Shortly After Microsoft’s July Patch

Chinese-linked threat actors have quickly exploited the ToolShell security vulnerability in Microsoft SharePoint, targeting multiple organizations across the globe shortly after Microsoft patched the flaw in July 2025. This series of attacks highlights the speed and sophistication of threat actors in leveraging newly disclosed vulnerabilities for espionage and cybercrime. The initial breach affected a telecommunications […]

Chinese Threat Actors Exploit ToolShell SharePoint Flaw Shortly After Microsoft’s July Patch Read More »

Azure Apps Vulnerability Allows Attackers to Create Malicious Apps That Impersonate Microsoft Teams

Security researchers have discovered vulnerabilities in Microsoft’s Azure ecosystem that allow attackers to create fraudulent applications that look like official services, including Microsoft Teams and the Azure Portal. Unicode Trick Bypasses Safeguards Varonis identified that Azure’s protection mechanisms, which prevent reserved names in cross-tenant apps, can be circumvented by inserting invisible Unicode characters. Attackers used

Azure Apps Vulnerability Allows Attackers to Create Malicious Apps That Impersonate Microsoft Teams Read More »

Zyxel Authorization Bypass Vulnerability Lets Attackers View and Download System Configurations

A serious security flaw has been discovered in Zyxel’s ATP and USG series network security appliances, enabling attackers to bypass two-factor authentication and access sensitive system configurations without authorization. Identified as CVE-2025-9133, this vulnerability impacts devices running ZLD firmware version 5.40 and was publicly disclosed on October 21, 2025, following a coordinated disclosure. The flaw

Zyxel Authorization Bypass Vulnerability Lets Attackers View and Download System Configurations Read More »

Hackers Abuse ASP.NET Machine Keys to Compromise IIS Servers and Install Malicious Modules

Security researchers have uncovered a widespread campaign where attackers exploited publicly available ASP.NET machine keys to break into Windows IIS web servers, then installed a malicious IIS module to hijack traffic and profit from fake search rankings. The group, tracked as REF3927, leveraged keys published in places like Microsoft documentation and online forums, making many

Hackers Abuse ASP.NET Machine Keys to Compromise IIS Servers and Install Malicious Modules Read More »

Vulnerability in Chrome V8 JavaScript Engine Enables Remote Code Execution

Google has issued an emergency security update to fix a high-severity flaw in the V8 JavaScript engine used by the Chrome browser. The patch was released quickly to prevent potential remote code execution (RCE) attacks that could compromise user devices. Discovery of the Vulnerability The flaw, identified as CVE-2025-12036, originates from an improper implementation inside

Vulnerability in Chrome V8 JavaScript Engine Enables Remote Code Execution Read More »

TARmageddon Vulnerability in Async-Tar Rust Library Could Lead to Remote Code Execution

Cybersecurity experts have identified a high-severity security flaw in the async-tar Rust library and its related forks, including tokio-tar, which could enable remote code execution (RCE) in certain conditions. Tracked as CVE-2025-62518 with a CVSS score of 8.1, the flaw, codenamed “TARmageddon” by Edera, was discovered in August 2025. It affects several widely used Rust-based

TARmageddon Vulnerability in Async-Tar Rust Library Could Lead to Remote Code Execution Read More »

TP-Link Fixes Four Security Bugs in Omada Gateways, Including Two Remote Code Execution Risks

TP-Link has issued security patches to fix four vulnerabilities affecting its Omada gateway devices. Among them are two critical flaws that could allow attackers to execute arbitrary code remotely. Overview of Vulnerabilities The identified vulnerabilities are as follows: According to TP-Link’s advisory published on Tuesday, “Attackers may execute arbitrary commands on the device’s underlying operating

TP-Link Fixes Four Security Bugs in Omada Gateways, Including Two Remote Code Execution Risks Read More »

CISA Adds Five Actively Exploited Vulnerabilities to Catalog Targeting Oracle and Microsoft

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added five actively exploited vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog. This update officially confirms that a newly disclosed flaw in Oracle E-Business Suite (EBS) has been weaponized in real-world attacks, posing serious risks to organizations using affected systems. Oracle E-Business Suite Flaws Under Attack

CISA Adds Five Actively Exploited Vulnerabilities to Catalog Targeting Oracle and Microsoft Read More »

North Korean Hackers Merge BeaverTail and OtterCookie into Sophisticated JavaScript Malware

North Korean hackers linked to the Contagious Interview campaign are enhancing their malicious tools by merging two major malware families, BeaverTail and OtterCookie. This evolution, observed by Cisco Talos, shows that the group is actively upgrading its capabilities and refining its JavaScript-based attack methods. Ongoing Campaign and New Findings According to Cisco Talos, the recent

North Korean Hackers Merge BeaverTail and OtterCookie into Sophisticated JavaScript Malware Read More »

Windows BitLocker Flaws Allow Attackers to Bypass Encryption Security

Microsoft has revealed two major security vulnerabilities in its Windows BitLocker encryption system that could let attackers with physical access bypass data protection and read encrypted files. The flaws, listed as CVE-2025-55338 and CVE-2025-55333, were disclosed on October 14, 2025, as part of Microsoft’s Patch Tuesday updates. Both issues are rated Important with a CVSS

Windows BitLocker Flaws Allow Attackers to Bypass Encryption Security Read More »