Microsoft Releases Cumulative Update for Windows 10 With July Patch Tuesday 2025
Microsoft rolled out its latest cumulative update for Windows 10, version 21H2 and 22H2, as well as Windows 10 Enterprise LTSC 2021 and Windows 10…
Category: CyberSecurityNews
Zoom Clients for Windows Vulnerability Exposes Users to DoS Attacks
Recently, two vulnerabilities have been discovered in specific Zoom Clients for Windows, which could enable attackers to launch Denial of Service (DoS) attacks. These flaws,…
Ivanti Endpoint Manager Mobile Vulnerabilities Allow Attackers to Decrypt Other Users’ Passwords
Ivanti has identified and resolved three high-severity vulnerabilities in its Endpoint Manager (EPM) software. If exploited, these flaws could enable attackers to decrypt other users’…
Anatsa Android Banking Malware from Google Play Targeting Users in the U.S. and Canada
ThreatFabric researchers have identified a sophisticated new campaign by the Anatsa banking trojan specifically targeting mobile banking customers across the United States and Canada, marking…
FortiOS Buffer Overflow Vulnerability Allows Attackers to Execute Arbitrary Code
Fortinet disclosed a significant security flaw in its FortiOS operating system, identified as CVE-2025-24477. This heap-based buffer overflow vulnerability, classified under CWE-122, affects the cw_stad…
CISA Warns of Zimbra Collaboration Suite (ZCS) Vulnerability Exploited in Attacks
CISA has issued an urgent warning regarding a critical vulnerability in Synacor’s Zimbra Collaboration Suite (ZCS) that is being actively exploited in cyberattacks. The vulnerability,…
macOS SMBClient Vulnerability Allows Remote Code Execution and Kernel Crash
Multiple vulnerabilities in macOS SMBClient that could allow attackers to execute arbitrary code remotely and crash systems. The vulnerabilities affecting the SMB filesystem client used…
Hackers Use ClickFix Technique to Deploy NetSupport RAT via Compromised WordPress Sites
Security researchers have uncovered a sophisticated cyberattack campaign leveraging compromised WordPress websites to distribute the NetSupport Remote Access Trojan through an innovative social engineering method…
Weaponized Chrome Extension Affects 1.7 Million Users Despite Google’s Verified Badges
A sophisticated malware campaign has infected over 1.7 million Chrome users through eleven seemingly legitimate browser extensions, all of which carried Google’s verified badge and…
PoC Exploits for CitrixBleed2 Flaw Released – Attackers Can Exfiltrate 127 Bytes Per Request
Security researchers have released proof-of-concept exploits for a critical vulnerability dubbed “CitrixBleed2” affecting Citrix NetScaler ADC and Gateway products. The vulnerability, tracked as CVE-2025-5777, allows…
SAP’s July 2025 Patch Day
SAP has released its July 2025 Security Patch Day update, addressing a significant number of vulnerabilities across its enterprise software portfolio. The comprehensive security update…
CISA Warns of PHPMailer Command Injection Vulnerability Exploited in Attacks
Key Takeaways1. CVE-2016-10033 in PHPMailer allows attackers to execute arbitrary code through command injection in the mail() function.2. The vulnerability is being exploited in live…