Category: CyberSecurityNews

Canon has officially confirmed that it was targeted during the widespread hacking campaign exploiting a critical zero-day vulnerability in Oracle…

A critical remote code execution (RCE) vulnerability in Microsoft’s Update Health Tools (KB4023057). A widely deployed Windows component designed to expedite security…

A critical security flaw has been discovered in HashiCorp’s Vault Terraform Provider that could allow attackers to bypass authentication and…

A new wave of ClickFix attacks is abusing highly realistic fake Windows Update screens and PNG image steganography to secretly…

NVIDIA has disclosed two critical code injection vulnerabilities affecting its Isaac-GR00T robotics platform. The vulnerabilities, tracked as CVE-2025-33183 and CVE-2025-33184,…

A dangerous malware campaign has surfaced targeting cryptocurrency users through a deceptive Python package hosted on the PyPI repository. The…

Large language models like GPT-3.5-Turbo and GPT-4 are transforming how we work, but they are also opening doors for cybercriminals…

Tel Aviv, Israel, November 24th, 2025, CyberNewsWire Blast is introducing a new operating model for cloud security with a first-of-its-kind…

A new malware campaign targeting Brazilian users has emerged, using WhatsApp as its primary distribution channel to spread banking trojans…

A proof-of-concept exploit has been publicly released for CVE-2025-9501, a critical, unauthenticated command-injection vulnerability affecting W3 Total Cache, one of…

A massive resurgence of the Sha1-Hulud supply chain malware has struck the open-source ecosystem, compromising over 800 npm packages and…

India-aligned threat group Dropping Elephant has launched a sophisticated multi-stage cyberattack targeting Pakistan’s defense sector using a Python-based remote access…