Category: CyberSecurityNews

PoC Exploit Released for BIND 9 Vulnerability that Let Attackers Forge DNS Records
29
Oct
2025

PoC Exploit Released for BIND 9 Vulnerability that Let Attackers Forge DNS Records

A public exploit code demonstrating how attackers could exploit CVE-2025-40778, a critical vulnerability in BIND 9 that enables DNS cache…

Thousands of Exchange Servers in Germany Still Running with Out-of-Support Versions
29
Oct
2025

Thousands of Exchange Servers in Germany Still Running with Out-of-Support Versions

Microsoft Exchange servers in Germany are still running without security updates, just weeks after the official end of support for…

Chrome to Alert Users “Always Use Secure Connections” While Opening Public HTTP Sites
29
Oct
2025

Chrome to Alert Users “Always Use Secure Connections” While Opening Public HTTP Sites

Google has announced a significant security initiative that will fundamentally change how Chrome handles unsecured web connections. Beginning with Chrome…

Windows Accessibility Flaw Allows Stealthy Persistence and Lateral Movement via Narrator DLL Hijack
29
Oct
2025

Windows Accessibility Flaw Allows Stealthy Persistence and Lateral Movement via Narrator DLL Hijack

A persistent vulnerability related to DLL hijacking has been identified in the Narrator accessibility tool, which has been a significant…

29
Oct
2025

Windows Accessibility Flaw Allows Stealthy Persistence and Lateral Movement via Narrator DLL Hijack

A persistent vulnerability related to DLL hijacking has been identified in the Narrator accessibility tool, which has been a significant…

New Beast Ransomware Actively Scans for Active SMB Port from Breached System to Spread Across Network
29
Oct
2025

New Beast Ransomware Actively Scans for Active SMB Port from Breached System to Spread Across Network

The Beast ransomware group has emerged as a significant threat in the cybersecurity landscape, evolving from the Monster ransomware strain…

CISA Warns of Dassault Systèmes Vulnerabilities Actively Exploited in Attacks
29
Oct
2025

CISA Warns of Dassault Systèmes Vulnerabilities Actively Exploited in Attacks

CISA has added two critical vulnerabilities affecting Dassault Systèmes DELMIA Apriso to its Known Exploited Vulnerabilities catalog, warning that threat…

Hackers Allegedly Claim Breach Of HSBC USA Customers' Records Including Financial Details
29
Oct
2025

Hackers Allegedly Claim Breach Of HSBC USA Customers’ Records Including Financial Details

A threat actor has claimed responsibility for breaching HSBC USA, alleging possession of a vast database containing sensitive customer personal…

Google Wear OS Message App Vulnerability Let Any Installed App To Send SMS Behalf Of User
29
Oct
2025

Google Wear OS Message App Vulnerability Let Any Installed App To Send SMS Behalf Of User

A vulnerability in Google Messages on Wear OS devices allows any installed app to silently send SMS, MMS, or RCS…

Microsoft Sued for Allegedly Misleading Millions to Subscribe for Microsoft 365 Subscriptions
29
Oct
2025

Microsoft Sued for Allegedly Misleading Millions to Subscribe for Microsoft 365 Subscriptions

Australia’s competition regulator has filed legal proceedings against Microsoft for allegedly misleading approximately 2.7 million Australian consumers regarding subscription options…

Microsoft Details ASP.NET Vulnerability That Enables Attackers To Smuggle HTTP Requests
29
Oct
2025

Microsoft Details ASP.NET Vulnerability That Enables Attackers To Smuggle HTTP Requests

Microsoft has issued a critical security update for ASP.NET Core to address CVE-2025-55315, a high-severity flaw that enables HTTP request…

Docker Compose Vulnerability Allow Attacks To Overwrite Arbitrary Files
29
Oct
2025

Docker Compose Vulnerability Allow Attacks To Overwrite Arbitrary Files

Docker Compose, a cornerstone tool for developers managing containerized application harbors a high-severity vulnerability that lets attackers overwrite files anywhere…