Author: Cybernoz

Beyond CVEs – Turning Visibility into Action with ASM
06
Dec
2025

Beyond CVEs – Turning Visibility into Action with ASM

Torrance, California, USA, December 5th, 2025, CyberNewsWire Criminal IP will host a live webinar on December 16 at 11:00 AM…

Sprocket Security Earns Repeat Recognition in G2’s Winter 2025 Relationship Index for Penetration Testing
06
Dec
2025

Sprocket Security Earns Repeat Recognition in G2’s Winter 2025 Penetration Testing Index

Madison, United States, December 5th, 2025, CyberNewsWire Sprocket Security is proud to announce that it has once again been recognized…

Avast Antivirus Sandbox Vulnerabilities Let Attackers Escalate Privileges
06
Dec
2025

Avast Antivirus Sandbox Vulnerabilities Let Attackers Escalate Privileges

Security researchers from the SAFA team have uncovered four kernel heap overflow vulnerabilities in Avast Antivirus, all traced to the…

Maximum-severity XXE vulnerability discovered in Apache Tika
06
Dec
2025

Maximum-severity XXE vulnerability discovered in Apache Tika

Maximum-severity XXE vulnerability discovered in Apache Tika Pierluigi Paganini December 06, 2025 A maximum severity vulnerability in Apache Tika, tracked…

Critical vulnerability in Fortinet FortiWeb is under exploitation
06
Dec
2025

State-linked groups target critical vulnerability in React Server Components

Researchers warn that critical vulnerabilities in Meta’s React Server Components and Next.js are under threat from botnets and state-linked adversaries. …

Attackers hit React defect as researchers quibble over proof
06
Dec
2025

Attackers hit React defect as researchers quibble over proof

Attackers of different origins and motivations swiftly exploited a critical vulnerability dubbed React2Shell, affecting React Server Components shortly after Meta…

More evidence your AI agents can be turned against you
05
Dec
2025

More evidence your AI agents can be turned against you

Agentic AI tools are being pushed into software development pipelines, IT networks and other business workflows. But using these tools…

Russian Hackers Spoof European Events in Targeted Phishing Attacks
05
Dec
2025

Russian Hackers Spoof European Events in Targeted Phishing Attacks

Russian threat actors are running a new wave of phishing campaigns that spoof major European security events to quietly steal…

AWS Execution Roles Enable Subtle Privilege Escalation in SageMaker and EC2
05
Dec
2025

AWS Execution Roles Enable Subtle Privilege Escalation in SageMaker and EC2

A persistent privilege escalation technique in AWS that allows attackers with limited permissions to execute code under higher-privileged execution roles…

Bipartisan health care cybersecurity legislation returns to address a cornucopia of issues
05
Dec
2025

Bipartisan health care cybersecurity legislation returns to address a cornucopia of issues

A bipartisan group of senators are looking to tackle health care cybersecurity by reviving legislation that would update regulations and…

Barts Health NHS discloses data breach after Oracle zero-day hack
05
Dec
2025

Barts Health NHS discloses data breach after Oracle zero-day hack

Barts Health NHS Trust, a major healthcare provider in England, announced that Clop ransomware actors have stolen files from one of…

Cloudflare Outage Traced to Emergency React2Shell Patch Deployment
05
Dec
2025

Cloudflare Outage Traced to Emergency React2Shell Patch Deployment

Cloudflare’s global network suffered a brief but widespread disruption this morning, lasting approximately 25 minutes, due to an internal change…