Category: CyberSecurityNews

Hackers Exploiting Adobe Magento RCE Vulnerability Exploited in the Wild
23
Oct
2025

Hackers Exploiting Adobe Magento RCE Vulnerability Exploited in the Wild

Hackers have begun actively targeting a critical remote code execution flaw in Adobe’s Magento e-commerce platform, putting thousands of online…

CISA Warns of Motex LANSCOPE Endpoint Manager Vulnerability Exploited in Attacks
23
Oct
2025

CISA Warns of Motex LANSCOPE Endpoint Manager Vulnerability Exploited in Attacks

CISA has issued a critical alert regarding a severe vulnerability in Motex LANSCOPE Endpoint Manager, a popular tool for managing…

Jira Software Vulnerability Let Attacker Modify Any Filesystem Path Writable By JVM process
23
Oct
2025

Jira Software Vulnerability Let Attacker Modify Any Filesystem Path Writable By JVM process

Atlassian has disclosed a high-severity path traversal vulnerability in Jira Software Data Center and Server that enables authenticated attackers to…

DHS Asks OpenAI To Share Information on ChatGPT Prompts Used By Users
23
Oct
2025

DHS Asks OpenAI To Share Information on ChatGPT Prompts Used By Users

The Department of Homeland Security (DHS) has issued the first known federal search warrant compelling OpenAI to disclose user data…

Impacket Tool in Kali Repo Upgraded With New Attack Paths and Relay Tricks
23
Oct
2025

Impacket Tool in Kali Repo Upgraded With New Attack Paths and Relay Tricks

The popular Impacket toolkit, a staple in penetration testing and now integrated into the Kali Linux repository, is set for…

Multiple Oracle VM VirtualBox Vulnerabilities Enables Complete Takeover Of VirtualBox
23
Oct
2025

Multiple Oracle VM VirtualBox Vulnerabilities Enables Complete Takeover Of VirtualBox

Oracle has disclosed multiple critical vulnerabilities in its Oracle VM VirtualBox virtualization software, potentially allowing attackers to achieve complete control…

TARmageddon Vulnerability In Rust Library Let Attackers Replace Config Files And Execute Remote Codes
23
Oct
2025

TARmageddon Vulnerability In Rust Library Let Attackers Replace Config Files And Execute Remote Codes

A severe vulnerability in the async-tar Rust library and its popular forks, including the widely used tokio-tar. Dubbed TARmageddon and…

Multiple BIND 9 DNS Vulnerabilities Enable Cache Poisoning and Denial Of Service Attacks
23
Oct
2025

Multiple BIND 9 DNS Vulnerabilities Enable Cache Poisoning and Denial Of Service Attacks

The Internet Systems Consortium (ISC) disclosed three high-severity vulnerabilities in BIND 9 on October 22, 2025, potentially allowing remote attackers…

Hackers Weaponizing OAuth Applications for Persistent Cloud Access Even After Password Reset
23
Oct
2025

Hackers Weaponizing OAuth Applications for Persistent Cloud Access Even After Password Reset

Cloud account takeover attacks have evolved into a sophisticated threat as cybercriminals and state-sponsored actors increasingly weaponize OAuth applications to…

New PassiveNeuron Attacking Servers of High-Profile Organizations to Implant Malware
22
Oct
2025

New PassiveNeuron Attacking Servers of High-Profile Organizations to Implant Malware

A sophisticated cyberespionage campaign dubbed PassiveNeuron has resurfaced with infections targeting government, financial, and industrial organizations across Asia, Africa, and…

Here's How to Solve It 
22
Oct
2025

Here’s How to Solve It 

QR codes used to be harmless, now they’re one of the sneakiest ways attackers slip past defenses. Quishing, or QR code phishing, hides malicious…

Critical Vulnerability in MCP Server Platform Exposes 3,000 Servers and Thousands of API Keys
22
Oct
2025

Critical Vulnerability in MCP Server Platform Exposes 3,000 Servers and Thousands of API Keys

A critical vulnerability in Smithery.ai, a popular registry for Model Context Protocol (MCP) servers. This issue could have allowed attackers…