Xerox FreeFlow Vulnerabilities leads to SSRF and RCE Attacks
An urgent security update has been released for Xerox FreeFlow Core software, addressing two critical vulnerabilities that could allow attackers to execute remote code and…
Category: CyberSecurityNews
APT Sidewinder Spoofs Government and Military Institutions to Steal Login Credentials
APT Sidewinder, a persistent threat actor believed to originate from South Asia, has launched a sophisticated credential harvesting campaign targeting government and military entities across…
New Open Source Tool to Exploit Vulnerabilities in SSH Protocol
SSHAmble is a powerful open-source reconnaissance tool designed to identify and exploit vulnerabilities in SSH implementations across internet-facing systems. Presented at DEFCON 33, this research…
INE Named to Training Industry’s 2025 Top 20 Online Learning Library List
Cary, United States, August 11th, 2025, CyberNewsWire Hands-on cybersecurity and IT training leader recognized for innovation in practical, work-ready education INE has been selected for Training…
WinRAR 0-Day in Phishing Attacks to Deploy RomCom Malware
A critical zero-day vulnerability has been identified in WinRAR that cybercriminals are actively exploiting through sophisticated phishing campaigns to distribute RomCom malware. The flaw, designated…
GPT-5 Jailbreaked With Echo Chamber and Storytelling Attacks
Researchers have compromised OpenAI’s latest GPT-5 model using sophisticated echo chamber and storytelling attack vectors, revealing critical vulnerabilities in the company’s most advanced AI system. …
7-Zip Arbitrary File Write Vulnerability Allows Attackers to Execute Code
A newly disclosed security vulnerability in the popular 7-Zip file compression software has raised significant concerns in the cybersecurity community. CVE-2025-55188, discovered and reported by…
New ‘Win-DoS’ Zero-Click Vulnerabilities Turns Windows Domain Controllers into DDOS Botnet
LAS VEGAS — At the DEF CON 33 security conference, researchers Yair and Shahak Morag of SafeBreach Labs unveiled a new class of denial-of-service (DoS)…
Google Confirms Data Breach – Notifying Users Affected By the Cyberattack
Tech giant Google has officially acknowledged a significant data breach affecting its corporate Salesforce database, with the company completing email notifications to affected users as…
Darknet Market Escrow Systems is Vulnerable to Administrator Exit Scams
Darknet markets, operating beyond the reach of traditional payment processors and legal systems, rely on escrow systems to secure cryptocurrency transactions between buyers and vendors. …
ChatGPT “0-Click” Vulnerability in Connectors Exposed Sensitive Google Drive Data
A critical vulnerability in OpenAI’s ChatGPT Connectors feature allows attackers to exfiltrate sensitive data from connected Google Drive accounts without any user interaction beyond the…
New Linux Kernel Vulnerability Directly Exploited from Chrome Renderer Sandbox
August 9, 2025 — A critical vulnerability in the Linux kernel, identified as CVE-2025-38236, has exposed a flaw that could allow attackers to escalate privileges…