ConnectWise Vulnerabilities Allow Attackers To Inject Malicious Updates
ConnectWise released a critical security update for its Automate platform on October 16, 2025. The patch, version 2025.9, addresses serious flaws in agent communications that…
Category: CyberSecurityNews
New Tech Support Scam with Microsoft’s Logo Tricks Users to Steal Login Credentials
A new campaign has emerged that weaponizes Microsoft’s familiar branding to lure unsuspecting users into a sophisticated tech support scam. Victims receive a seemingly legitimate…
Windows Rust-based Kernel GDI Vulnerability Leads to Crash and Blue Screen of Death Error
A vulnerability in Microsoft’s newly implemented Rust-based kernel component for the Graphics Device Interface (GDI) in Windows. This flaw, which could trigger a system-wide crash…
APT28 With Weaponized Office Documents Delivers BeardShell and Covenant Modules
Russia’s APT28 has resurfaced in mid-2025 with a sophisticated spear-phishing campaign that weaponizes Office documents to deploy two novel payloads: BeardShell, a C-based backdoor leveraging…
LinkPro Rootkit Attacking GNU/Linux Systems Using eBPF Module to Hide Malicious Activities
A sophisticated rootkit targeting GNU/Linux systems has emerged, leveraging advanced eBPF (extended Berkeley Packet Filter) technology to conceal malicious activities and evade traditional monitoring tools.…
North Korean Hackers Using EtherHiding to Deliver Malware and Steal Cryptocurrency
In recent months, a sophisticated malware campaign—dubbed EtherHiding—has emerged from North Korea-aligned threat actors, sharply escalating the cybersecurity risks facing cryptocurrency exchanges and their users…
Cisco Desk, IP, and Video Phone Vulnerabilities Let Remote Attackers Trigger DoS And XSS Attacks
Cisco has issued a security advisory warning of multiple vulnerabilities in its Desk Phone 9800 Series, IP Phone 7800 and 8800 Series, and Video Phone…
VMware Workstation and Fusion 25H2 Released with New Features and Latest OS Support
VMware has launched Workstation 25H2 and Fusion 25H2, the newest iterations of its desktop hypervisors, featuring a revamped versioning system, enhanced tools, and broader compatibility…
F5 Released Security Updates Covering Multiple Products Following Recent Hack
F5 Networks, a leading provider of application security and delivery solutions, has disclosed a significant security breach involving a nation-state threat actor, prompting the release…
Cisco IOS and IOS XE Software Vulnerabilities Let Attackers Execute Remote Code
Cisco has disclosed a severe vulnerability in its widely used IOS and IOS XE Software, potentially allowing attackers to crash devices or seize full control…
New Phishing Attack Uses Basic Auth URLs to Trick Users and Steal Login Credentials
Early October 2025 witnessed the resurgence of a retro phishing technique that exploits legacy Basic Authentication URLs to deceive users into divulging sensitive credentials. Threat…
Senate Investigates Cisco Over Zero-Day Firewall Vulnerabilities
U.S. Senator Bill Cassidy, Chairman of the Senate Health, Education, Labor, and Pensions (HELP) Committee, has demanded answers from Cisco Systems regarding recent zero-day vulnerabilities…