Google patches sixth Chrome zero-day exploited in attacks this year
Google has released emergency security updates to patch a Chrome zero-day vulnerability, the sixth one tagged as exploited in attacks since the start of the…
Author: Cybernoz
Critical WatchGuard Vulnerability Lets Unauthenticated Attackers Run Arbitrary Code
WatchGuard released an advisory detailing a critical vulnerability in its Firebox line of network security appliances. Tracked as CVE-2025-9242, the flaw resides in the iked…
Catchpoint improves monitoring posture with AI capabilities
Catchpoint released two AI-powered capabilities designed to simplify digital resilience for critical applications: Catchpoint Root Cause Analysis (RCA) and Catchpoint Advisor, which improve monitoring posture…
Greenshot Vulnerability Exposes Windows To Code Execution
A security vulnerability has been discovered in Greenshot, the widely used open-source screenshot tool for Windows. The Greenshot vulnerability exposes to the risk of arbitrary…
Insight Partners Confirms Data Breach Result of Ransomware Attack
Venture capital firm Insight Partners has revealed that the data breach disclosed earlier this year was the result of a ransomware attack. Insight Partners informed…
TP-Link Router Zero-Day RCE Vulnerability Exploited Bypassing ASLR Protections
A critical zero-day remote code execution (RCE) vulnerability, identified as CVE-2025-9961, has been discovered in TP-Link routers. Security research firm ByteRay has released a proof-of-concept…
Absolute Security Rehydrate restores compromised endpoints
Absolute Security released Rehydrate, empowering enterprises to recover from IT or cyber incidents remotely and at scale to minimize operational downtime. Enterprises with business operations…
Google Patches Chrome Zero-Day CVE-2025-10585 as Active V8 Exploit Threatens Millions
Sep 18, 2025Ravie LakshmananVulnerability / Browser Security Google on Wednesday released security updates for the Chrome web browser to address four vulnerabilities, including one that…
Pixie Dust Wi-Fi Attack Exploits Routers WPS to Obtain PIN and Connect With Wireless Network
The newly publicized Pixie Dust attack has once again exposed the critical vulnerabilities inherent in the Wi-Fi Protected Setup (WPS) protocol, enabling attackers to extract…
Malicious Typosquatted PyPI Packages Spreading SilentSync RAT
On August 4, 2025, Zscaler ThreatLabz uncovered two malicious Python packages—sisaws and secmeasure—that deliver SilentSync, a Python-based remote access trojan (RAT), to unsuspecting developers. Both…
Behind the scenes of cURL with its founder: Releases, updates, and security
In this Help Net Security interview, Daniel Stenberg, lead developer od cURL, discusses how the widely used tool remains secure across billions of devices, from…
Hackers Abuse RTL/LTR Text Tricks and Browser Flaws to Mask Malicious Links
Cybersecurity researchers at Varonis Threat Labs have uncovered a persistent vulnerability that has remained unaddressed for over a decade, allowing attackers to exploit browser handling…