Critical CVE-2025-61927 VM Context Escape In Happy DOM Library
A critical security flaw has been identified in Happy DOM, a widely used JavaScript library primarily employed for server-side rendering and testing frameworks. The vulnerability,…
Latest Cybersecurity News — Page 1284
View all →
Unverified COTS hardware enables persistent attacks in small satellites via SpyChain
Unverified COTS hardware enables persistent attacks in small satellites via SpyChain Pierluigi Paganini October 14, 2025 SpyChain shows how unverified COTS hardware in small satellites…
Red, Blue, and Now AI: Rethinking Cybersecurity Training for the 2026 Threat Landscape
Cybersecurity today is defined by complexity. Threats evolve in real time, driven by AI-generated malware, autonomous reconnaissance, and adversaries capable of pivoting faster than ever. …
SimonMed Data Breach Exposes Sensitive Information of 1.2 Million Patients
SimonMed Imaging has confirmed that an external hacking incident compromised the personal data of 1,275,669 patients, making it one of the largest healthcare breaches of…
Khazna leads UAE’s global AI push with massive datacentre expansion
Khazna Data Centers has revealed it will add over 1GW of hyperscale capacity by 2030 across multiple countries. The hosting company’s roadmap includes more than…
Why API security is different (and why it matters)
Two months in at Detectify and I’ve realized something: API security is a completely different game from web application security. And honestly? I think a…
Ivanti Patches 13 Vulnerabilities in Endpoint Manager Allowing Remote Code Execution
Ivanti has disclosed 13 vulnerabilities in its Endpoint Manager (EPM) software, including two high-severity flaws that could enable remote code execution and privilege escalation, urging…
Elastic Cloud Enterprise Flaw Lets Attackers Run Malicious Commands
Elastic has released a critical security update for Elastic Cloud Enterprise (ECE) addressing a template engine injection flaw that could allow attackers with admin privileges…
Researchers Expose TA585’s MonsterV2 Malware Capabilities and Attack Chain
Oct 14, 2025Ravie LakshmananMalware / Social Engineering Cybersecurity researchers have shed light on a previously undocumented threat actor called TA585 that has been observed delivering…
Nexperia Faces Dutch Intervention Amid Security Concerns
The Dutch government has invoked the Goods Availability Act (Wet Beschikbaarheid Goederen) to assert control over decisions made by Chinese-owned semiconductor firm Nexperia, citing risks…
Oracle issued an emergency security update to fix new E-Business Suite flaw CVE-2025-61884
Oracle issued an emergency security update to fix new E-Business Suite flaw CVE-2025-61884 Pierluigi Paganini October 14, 2025 Oracle issued an emergency security update to…
New PoC Exploit Released for Sudo Chroot Privilege Escalation Vulnerability
A critical vulnerability in the widely used Sudo utility has come under scrutiny following the public release of a proof-of-concept exploit, raising alarms for Linux…