Category: Cyber Security

Dolby Digital Plus 0-Click Vulnerability Enables RCE Attack via Malicious Audio on Android A critical zero-click vulnerability in Dolby Digital Plus (DDP) audio decoding software has been disclosed, allowing attackers to execute malicious code remotely via seemingly innocuous audio messages. Google Project Zero’s Ivan Fratric and Natalie Silvanovich have identified an out-of-bounds write flaw in…

PoC Exploit for 7-Zip Vulnerabilities that Allows Remote Code Execution A proof-of-concept exploit for two critical vulnerabilities in the popular file archiver 7-Zip, potentially allowing attackers to execute arbitrary code remotely through malicious ZIP files. The flaws, tracked as CVE-2025-11001 and CVE-2025-11002, were disclosed by the Zero Day Initiative (ZDI) on October 7, 2025, and…

Critical Zimbra SSRF Vulnerability Let Attackers Access Sensitive Data A newly disclosed Server-Side Request Forgery (SSRF) flaw in Zimbra Collaboration Suite has raised major security concerns, prompting administrators to patch systems immediately. The issue, identified in the chat proxy configuration component, could allow attackers to gain unauthorized access to internal resources and sensitive user data.…

Cisco IOS and IOS XE Software Vulnerabilities Let Attackers Execute Remote Code Cisco has disclosed a severe vulnerability in its widely used IOS and IOS XE Software, potentially allowing attackers to crash devices or seize full control through remote code execution. The flaw, rooted in the Simple Network Management Protocol (SNMP) subsystem, stems from a…

F5 Released Security Updates Covering Multiple Products Following Recent Hack F5 Networks, a leading provider of application security and delivery solutions, has disclosed a significant security breach involving a nation-state threat actor, prompting the release of critical updates for its core products. Detected in August 2025, the incident exposed internal systems to prolonged unauthorized access,…

CISA Warns Of Adobe Experience Manager Forms 0-Day Vulnerability Exploited In Attacks The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical alert regarding a severe code execution vulnerability in Adobe Experience Manager Forms, urging organizations to patch immediately. Tracked as CVE-2025-54253, this flaw affects the Java Enterprise Edition (JEE) version of the software…

Windows Remote Desktop Client Vulnerability Let Attackers Execute Remote Code Microsoft has patched a critical flaw in its Remote Desktop Client that could allow attackers to execute malicious code on victims’ systems. Disclosed on October 14, 2025, as CVE-2025-58718, the vulnerability stems from a use-after-free error, earning an “Important” severity rating. While not yet exploited…

Elastic Cloud Enterprise Vulnerability Let Attackers Execute Malicious Commands Elastic has disclosed a critical vulnerability in its Elastic Cloud Enterprise (ECE) platform that allows administrators with malicious intent to execute arbitrary commands and exfiltrate sensitive data. Tracked as CVE-2025-37729 under advisory ESA-2025-21, the flaw stems from improper neutralization of special elements in the Jinjava template…

New PoC Exploit Released for Sudo Chroot Privilege Escalation Vulnerability A critical vulnerability in the widely used Sudo utility has come under scrutiny following the public release of a proof-of-concept exploit, raising alarms for Linux system administrators worldwide. CVE-2025-32463 targets the chroot feature in Sudo versions 1.9.14 through 1.9.17, enabling local attackers to escalate privileges…

SonicWall SSLVPN Under Attack Following the Breach of All Customers’ Firewall Backups A surge in attacks targeting SonicWall SSLVPN devices, affecting numerous customer networks, just weeks after a major breach exposed sensitive firewall data. Starting October 4, 2025, threat actors have rapidly authenticated into over 100 accounts across 16 environments, using what appear to be…

Oracle E-Business Suite RCE Vulnerability Exposes Sensitive Data to Hackers Without Authentication Oracle has disclosed a critical vulnerability in its E-Business Suite that enables unauthenticated attackers to remotely access sensitive data, raising alarms for enterprises relying on the platform for core operations. Tracked as CVE-2025-61884, the flaw affects the Oracle Configurator component and was detailed…

Hackers Can Inject Malicious Code into Antivirus Processes to Create a Backdoor A new technique enables attackers to exploit antivirus software by injecting harmful code directly into the antivirus processes. This approach makes it easier for them to evade detection and compromise the security that antivirus software is designed to provide. This method, detailed by…

Gladinet CentreStack And Triofox 0-Day RCE Vulnerability Actively Exploited In Attacks An active in-the-wild exploitation of a zero-day vulnerability in Gladinet CentreStack and Triofox products. Tracked as CVE-2025-11371, the unauthenticated Local File Inclusion (LFI) flaw allows attackers to achieve remote code execution (RCE) on affected systems. The vulnerability is currently unpatched, but a mitigation has…

GitLab Security Update – Patch For Multiple Vulnerabilities That Enables DoS Attack GitLab has released important security updates. The new versions are 18.4.2, 18.3.4, and 18.2.8 for both Community Edition (CE) and Enterprise Edition (EE). These updates fix several vulnerabilities that could lead to denial-of-service (DoS) attacks and allow unauthorized access. All self-managed GitLab installations…

Multiple Chrome Vulnerabilities Expose Users to Arbitrary Code Execution Attacks Google has released Chrome version 141.0.7390.65/.66 for Windows and Mac, along with 141.0.7390.65 for Linux, addressing multiple critical security vulnerabilities that could allow attackers to execute arbitrary code on affected systems.  The update, announced on October 7, 2025, includes three significant security fixes that pose…

Attacks on Palo Alto PAN-OS Global Protect Login Portals Surge from 2,200 IPs A massive escalation in attacks targeting Palo Alto Networks PAN-OS GlobalProtect login portals, with over 2,200 unique IP addresses conducting reconnaissance operations as of October 7, 2025.  This represents a significant surge from the initial 1,300 IPs observed just days earlier, marking…

CISA Warns of Zimbra Collaboration Suite (ZCS) XSS Zero-Day Vulnerability Actively Exploited in Attacks CISA has issued a critical warning regarding a zero-day cross-site scripting (XSS) vulnerability in Synacor’s Zimbra Collaboration Suite (ZCS), designated as CVE-2025-27915.  This vulnerability has been actively exploited in attacks and poses significant risks to organizations using the popular email and…

CISA Warns of Windows Privilege Escalation Vulnerability Exploited in Attacks CISA has issued an urgent security advisory, adding Microsoft Windows privilege escalation vulnerability CVE-2021-43226 to its Known Exploited Vulnerabilities (KEV) catalog on October 6, 2025.  The vulnerability affects the Microsoft Windows Common Log File System (CLFS) Driver and poses significant security risks to enterprise environments.…

Kibana Crowdstrike Connector Vulnerability Exposes Protected Credentials Elastic has released a security advisory detailing a medium-severity vulnerability in the Kibana CrowdStrike Connector that could allow for the exposure of sensitive credentials. The flaw, tracked as CVE-2025-37728, affects multiple versions of Kibana and could allow a malicious user to access cached CrowdStrike credentials from other users…

OpenSSH Vulnerability Exploited Via ProxyCommand to Execute Remote Code – PoC Released A new command injection vulnerability in OpenSSH, tracked as CVE-2025-61984, has been disclosed, which could allow an attacker to achieve remote code execution on a victim’s machine. The vulnerability is a bypass of a previous fix for a similar issue (CVE-2023-51385) and exploits…

Redis Server Vulnerability use-after-free Vulnerability Enables Remote Code Execution A critical use-after-free vulnerability, identified as CVE-2025-49844, has been discovered in Redis servers, enabling authenticated attackers to achieve remote code execution. This high-severity flaw affects all versions of Redis that utilize the Lua scripting engine, presenting a significant threat to a wide range of deployments that…

PoC Exploit Released for Sudo Vulnerability that Enables Attackers to Gain Root Access A publicly available proof-of-concept (PoC) exploit has been released for CVE-2025-32463, a local privilege escalation (LPE) flaw in the Sudo utility that can grant root access under specific configurations.  Security researcher Rich Mirch is credited with identifying the weakness, while a functional…

Unity Real-Time Development Platform Vulnerability Let Attackers Execute Arbitrary Code Unity Technologies has issued a critical security advisory warning developers about a high-severity vulnerability affecting its widely used game development platform.  The flaw, designated CVE-2025-59489, exposes applications built with vulnerable Unity Editor versions to unsafe file loading attacks that could enable local code execution and…

Chrome Security Update – Patch for 21 Vulnerabilities that Allows Attackers to Crash Browser Google has released Chrome 141 to address 21 security vulnerabilities, including critical flaws that could allow attackers to crash browsers and potentially execute malicious code. The update, rolling out across Windows, Mac, and Linux platforms, patches several high-severity vulnerabilities that pose…

48+ Cisco Firewalls Vulnerable to Actively Exploited 0-Day Vulnerability in the Wild A critical zero-day vulnerability affecting thousands of Cisco firewalls is being actively exploited by threat actors in the wild.  The vulnerability, tracked as CVE-2025-20333, poses an immediate risk to organizations worldwide with a CVSS score of 9.9, representing one of the most severe…

Apple Font Parser Vulnerability Enables Malicious Fonts to Corrupt Process Memory Apple has rolled out security updates across its operating systems to address a vulnerability in the Font Parser component that could allow malicious fonts to crash applications or corrupt process memory. The vulnerability, identified as CVE-2025-43400, affects a wide range of products, including the…

Critical Western Digital My Cloud NAS Vulnerability Allows Remote Code Execution Western Digital has released security updates for a critical vulnerability affecting multiple My Cloud network-attached storage (NAS) devices. The flaw, tracked as CVE-2025-30247, could allow a remote attacker to execute arbitrary code on vulnerable systems, potentially leading to a complete device takeover. The company…

VMware Tools and Aria Operations Vulnerabilities Let Attackers Escalate Privileges to Root VMware has released an advisory to address three high-severity vulnerabilities in VMware Aria Operations, VMware Tools, VMware Cloud Foundation, VMware Telco Cloud Platform, and VMware Telco Cloud Infrastructure.  Disclosed on 29 September 2025, the advisory covers CVE-2025-41244, CVE-2025-41245, and CVE-2025-41246 with CVSSv3 base…

Formbricks Signature Verification Vulnerability Let Attackers Reset User Passwords Without Authorization A critical security flaw discovered in Formbricks, an open-source experience management platform, demonstrates how missing JWT signature verification can lead to complete account takeovers.  The vulnerability tracked as CVE-2025-59934 affects all versions prior to 4.0.1 and stems from improper token validation that uses jwt.decode()…

Google Project Zero Details ASLR Bypass on Apple Devices Using NSDictionary Serialization A Google Project Zero researcher has detailed a novel technique for remotely leaking memory addresses on Apple’s macOS and iOS. This method can bypass a key security feature, Address Space Layout Randomization (ASLR), without relying on traditional memory corruption vulnerabilities or timing-based side-channel…