Chrome 142 Update Patches 20 Security Flaws Enabling Code Execution
Google has released Chrome version 142 to the stable channel, addressing multiple critical security vulnerabilities that could allow attackers to execute malicious code on affected…
Month: October 2025
Aembit Introduces Identity and Access Management for Agentic AI – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More
Silver Spring, USA/ Maryland, October 30th, 2025, CyberNewsWire The new capabilities, anchored by Blended Identity and the MCP Identity Gateway, give enterprises a secure and…
Ex-Defense contractor exec pleads guilty to selling cyber exploits to Russia
Ex-Defense contractor exec pleads guilty to selling cyber exploits to Russia Pierluigi Paganini October 30, 2025 Former US defense contractor exec Peter Williams pled guilty…
New Attack Combines Ghost SPNs and Kerberos Reflection to Elevate Privileges on SMB Servers
A sophisticated privilege escalation vulnerability in Windows SMB servers, leveraging Ghost Service Principal Names (SPNs) and Kerberos authentication reflection to achieve remote SYSTEM-level access. Microsoft…
700+ Android Apps Harvest Banking Login Details
A sophisticated cybercrime campaign leveraging Near Field Communication technology has exploded across multiple continents, with researchers at zLabs identifying over 760 malicious Android applications designed…
PhantomRaven Malware Found in 126 npm Packages Stealing GitHub Tokens From Devs
Oct 30, 2025Ravie LakshmananDevSecOps / Software Security Cybersecurity researchers have uncovered yet another active software supply chain attack campaign targeting the npm registry with over…
PhantomRaven Attack Involves 126 Malicious npm Packages with Over 86,000 Downloads Hiding Malicious Code
A sophisticated malware campaign targeting developers has been operating since August 2025, deploying 126 malicious npm packages that have collectively accumulated over 86,000 downloads. The…
Critical RediShell RCE Vulnerability Threatens 8,500+ Redis Deployments Worldwide
A critical security vulnerability in Redis’s Lua scripting engine has left thousands of database instances vulnerable to remote code execution attacks. The RediShell RCE vulnerability,…
PolarEdge Botnet Infected 25,000+ Devices and 140 C2 Servers Exploiting IoT Vulnerabilities
A sophisticated botnet campaign has compromised more than 25,000 IoT devices across 40 countries while establishing 140 command-and-control servers to facilitate cybercrime operations. The PolarEdge…
New Attack Chains Ghost SPNs and Kerberos Reflection to Elevate SMB Privileges
Microsoft has addressed a critical privilege escalation vulnerability affecting Windows environments worldwide. Attackers can exploit misconfigured Service Principal Names (SPNs) combined with Kerberos reflection attacks…
Akeyless introduces AI Agent Identity Security for safer AI operations
Akeylesshas released a new AI Agent Identity Security solution designed to secure the rise of autonomous AI systems. AI Agent identity crisis More than 95%…
Dentsu’s US subsidiary Merkle hit by cyberattack, staff and client data exposed
Dentsu’s US subsidiary Merkle hit by cyberattack, staff and client data exposed Pierluigi Paganini October 30, 2025 Dentsu said its U.S. unit Merkle was hit…