Cisco IOS RCE Vulnerability CVE-2025-20352 Exploited
Cisco has publicly disclosed a critical remote code execution (RCE) vulnerability, tracked as CVE-2025-20352, affecting its widely deployed Cisco IOS...
Read more →Author: Cybernoz
NVIDIA Merlin Vulnerability Allow Attacker to Achieve Remote Code Execution With Root Privileges
A critical vulnerability in NVIDIA’s Merlin Transformers4Rec library (CVE-2025-23298) enables unauthenticated attackers to achieve remote code execution (RCE) with root...
Read more →
SetupHijack Tool Abuses Race Conditions in Windows Installer to Hijack Setups
Security researchers at Hacker House have released SetupHijack, a proof-of-concept tool that exploits race conditions and insecure file handling in...
Read more →
North Korean IT workers use fake profiles to steal crypto
ESET Research has published new findings on DeceptiveDevelopment, also called Contagious Interview. This North Korea-aligned group has become more active...
Read more →
Malicious Rust Crates Steal Solana and Ethereum Keys — 8,424 Downloads Confirmed
Sep 25, 2025Ravie LakshmananSoftware Security / Malware Cybersecurity researchers have discovered two malicious Rust crates impersonating a legitimate library called...
Read more →
Zoom includes AI at no extra cost to crack enterprise adoption puzzle
Zoom has thrown down the gauntlet in the enterprise artificial intelligence (AI) race, with the announcement that AI Companion 3.0...
Read more →Cisco Patches Zero-Day Flaw Affecting Routers and Switches
Cisco on Wednesday announced patches for 14 vulnerabilities in IOS and IOS XE, including a bug that has been exploited...
Read more →
Numerous Applications Using Google’s Firebase Platform Leaking Highly Sensitive Data
Numerous mobile applications have been found to expose critical user information through misconfigured Firebase services, allowing unauthenticated attackers to access...
Read more →
Malware Deployment via Copyright Takedown Claims by Threat Actors
Threat actors from the Lone None group are exploiting copyright takedown notices to distribute sophisticated malware, including Pure Logs Stealer...
Read more →
GenAI is exposing sensitive data at scale
Sensitive data is everywhere and growing fast. A new report from Concentric AI highlights how unstructured data, duplicate files, and...
Read more →
Cisco fixed actively exploited zero-day in Cisco IOS and IOS XE software
Cisco fixed actively exploited zero-day in Cisco IOS and IOS XE software Pierluigi Paganini September 25, 2025 Cisco addressed a...
Read more →
New Domain-fronting Attack Uses Google Meet, YouTube, Chrome and GCP to Tunnel Traffic
Organizations commonly allow traffic to core services like Google Meet, YouTube, Chrome update servers, and Google Cloud Platform (GCP) to...
Read more →