CyberSecurityNews

SparkKitty Malware Attacking iOS and Android Users to Steal Gallery Images

A sophisticated Trojan malware known as SparkKitty has been actively targeting iOS and Android devices since early 2024, infiltrating both official app stores and untrusted…

July 9, 2025 Cybernoz 3 min read

CyberSecurityNews

Citrix Windows Virtual Delivery Agent Vulnerability Let Attackers Gain SYSTEM Privileges

A critical security vulnerability has been discovered in Citrix Windows Virtual Delivery Agent that allows local attackers to escalate privileges and gain SYSTEM-level access to…

July 9, 2025 Cybernoz 3 min read

CyberSecurityNews

Multiple Apache Tomcat Vulnerabilities Let Attackers Trigger DoS Attacks

Apache Tomcat has addressed three critical denial-of-service (DoS) vulnerabilities that could allow malicious actors to disrupt web applications and services. These security flaws, tracked as…

July 9, 2025 Cybernoz 3 min read

CyberSecurityNews

Microsoft SQL Server 0-Day Vulnerability Exposes Sensitive Data Over Network

A critical information disclosure vulnerability in Microsoft SQL Server, designated as CVE-2025-49719, allows unauthorized attackers to access sensitive data over network connections. This vulnerability stems…

July 9, 2025 Cybernoz 3 min read

CyberSecurityNews

Microsoft Remote Desktop Client Vulnerability Let Attackers Execute Remote Code

A critical security vulnerability in Microsoft Remote Desktop Client could allow attackers to execute arbitrary code on victim systems. The vulnerability, designated as CVE-2025-48817, affects…

July 9, 2025 Cybernoz 3 min read

CyberSecurityNews

CISA Warns of Rails Ruby on Rails Path Traversal Vulnerability Exploited in Attacks

CISA has issued a critical warning regarding a path traversal vulnerability in the Ruby on Rails framework that poses significant risks to web applications worldwide. …

July 9, 2025 Cybernoz 3 min read

CyberSecurityNews

DNN Vulnerability Let Attackers Steal NTLM Credentials via Unicode Normalization Bypass

A critical vulnerability in DNN (formerly DotNetNuke) that allows attackers to steal NTLM credentials through a sophisticated Unicode normalization bypass technique. The vulnerability, tracked as…

July 9, 2025 Cybernoz 3 min read

CyberSecurityNews

How To Defend Against These Phishing Kit Attacks

Phishing kits are evolving fast. Threat actors behind toolkits like Tycoon2FA, EvilProxy, and Sneaky2FA are getting smarter, setting up infrastructure that bypasses 2FA and mimics…

July 8, 2025 Cybernoz 4 min read

CyberSecurityNews

MediaTek July 2025 Security Update Patches Vulnerabilities Affecting a Wide Range of Their Chipsets

MediaTek has released a comprehensive security bulletin addressing 16 critical vulnerabilities across its extensive chipset portfolio, affecting devices from smartphones to IoT platforms. The update,…

July 8, 2025 Cybernoz 3 min read

CyberSecurityNews

Nippon Steel Solutions 0-Day Network Vulnerability Exposes Users’ Personal Information

Nippon Steel Solutions has disclosed a significant data breach affecting customer, partner, and employee personal information following a zero-day cyber attack that exploited a previously…

July 8, 2025 Cybernoz 2 min read

CyberSecurityNews

Microsoft Releases Cumulative Update for Windows 10 With July Patch Tuesday 2025

Microsoft rolled out its latest cumulative update for Windows 10, version 21H2 and 22H2, as well as Windows 10 Enterprise LTSC 2021 and Windows 10…

July 8, 2025 Cybernoz 2 min read

CyberSecurityNews

Zoom Clients for Windows Vulnerability Exposes Users to DoS Attacks

Recently, two vulnerabilities have been discovered in specific Zoom Clients for Windows, which could enable attackers to launch Denial of Service (DoS) attacks. These flaws,…

July 8, 2025 Cybernoz 2 min read