Collecting Cyber-News from over 60 sources

Tag: exploit

The Biggest Cyber Stories of the Year: What 2025 Taught Us

Dec 18, 2025 1:19 PM

Tags: access, attack, authentication, awareness, banking, breach, business, ciso, cloud, compliance, container, control, cyber, cyberattack, cybersecurity, data, data-breach, email, encryption, endpoint, exploit, government, healthcare, iam, identity, incident, incident response, Internet, law, metric, mfa, monitoring, network, privacy, regulation, resilience, risk, service, software, strategy, supply-chain, technology, threat, tool, vulnerability, vulnerability-management, zero-day, zero-trust

The Biggest Cyber Stories of the Year: What 2025 Taught Us madhav Thu, 12/18/2025 – 10:30 2025 didn’t just test cybersecurity; it redefined it. From supply chains and healthcare networks to manufacturing floors and data centers, the digital world was reminded of a simple truth: everything is connected, and everything is at risk. Data Security…
Cisco confirms zero-day exploitation of Secure Email products

Dec 18, 2025 1:19 PM

Tags: business, cisco, control, email, exploit, firewall, infrastructure, risk, threat, update, zero-day

Rebuild guidance and operational tradeoffs: Cisco has said that wiping and rebuilding appliances is currently required in cases where compromise has been confirmed.”From a security standpoint, it is indeed the right call,” Tyagi said. “When there’s a risk that attackers have embedded themselves deep in a system, patching alone won’t solve the issue. Rebuilding is…
React2Shell exploitation spreads as Microsoft counts hundreds of hacked machines

Dec 18, 2025 1:19 PM

Tags: attack, exploit, flaw, microsoft, network, ransomware

Security boffins warn flaw is now being used for ransomware attacks against live networks First seen on theregister.com Jump to article: www.theregister.com/2025/12/18/react2shell_exploitation_spreads_as_microsoft/
Cisco confirms zero-day exploitation of Secure Email products

Dec 18, 2025 1:19 PM

Tags: business, cisco, control, email, exploit, firewall, infrastructure, risk, threat, update, zero-day

Rebuild guidance and operational tradeoffs: Cisco has said that wiping and rebuilding appliances is currently required in cases where compromise has been confirmed.”From a security standpoint, it is indeed the right call,” Tyagi said. “When there’s a risk that attackers have embedded themselves deep in a system, patching alone won’t solve the issue. Rebuilding is…
Fake Proof and AI Slop Hobble Defenders

Dec 18, 2025 1:19 PM

Tags: ai, exploit

In the React2Shell saga, non-working and trivial proof-of-concept exploits led to confusion and perhaps a false sense of security. Can the onslaught of PoCs be tamed? First seen on darkreading.com Jump to article: www.darkreading.com/application-security/fake-proof-ai-slop-hobble-defenders
U.S. CISA adds Cisco, SonicWall, and ASUS flaws to its Known Exploited Vulnerabilities catalog

Dec 18, 2025 12:19 PM

Tags: apple, cisa, cisco, cybersecurity, exploit, flaw, infrastructure, kev, vulnerability

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Cisco, SonicWall, and ASUS flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Apple and Gladinet CentreStack and Triofox flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the flaws added to the catalog: Cisco reported a December 10 campaign…
U.S. CISA adds Cisco, SonicWall, and ASUS flaws to its Known Exploited Vulnerabilities catalog

Dec 18, 2025 12:19 PM

Tags: apple, cisa, cisco, cybersecurity, exploit, flaw, infrastructure, kev, vulnerability

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Cisco, SonicWall, and ASUS flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Apple and Gladinet CentreStack and Triofox flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the flaws added to the catalog: Cisco reported a December 10 campaign…
GhostPairing campaign abuses WhatsApp device linking to hijack accounts

Dec 18, 2025 11:19 AM

Tags: exploit

Attackers abuse WhatsApp’s device-linking feature to hijack accounts via pairing codes in the GhostPairing campaign. Attackers are exploiting WhatsApp’s device-linking feature to hijack accounts using pairing codes in a campaign dubbed GhostPairing, without requiring authentication. Gen Digital first observed the GhostPairing campaign in Czechia, but warns that it can spread globally via compromised accounts. The…
GhostPairing campaign abuses WhatsApp device linking to hijack accounts

Dec 18, 2025 11:19 AM

Tags: exploit

Attackers abuse WhatsApp’s device-linking feature to hijack accounts via pairing codes in the GhostPairing campaign. Attackers are exploiting WhatsApp’s device-linking feature to hijack accounts using pairing codes in a campaign dubbed GhostPairing, without requiring authentication. Gen Digital first observed the GhostPairing campaign in Czechia, but warns that it can spread globally via compromised accounts. The…
Cisco Warns of Active Cyberattack Exploiting Critical AsyncOS Vulnerability

Dec 18, 2025 10:19 AM

Tags: attack, cisco, cyberattack, email, exploit, threat, vulnerability

Cisco has identified an ongoing cyberattack campaign exploiting vulnerabilities in a subset of its appliances running Cisco AsyncOS Software. The attack specifically affects Cisco Secure Email Gateway and Cisco Secure Email and Web Manager appliances, allowing threat actors to execute arbitrary commands with root privileges. This campaign has been tracked under CVE-2025-20393 and has been classified as critical with a CVSS 10.0 rating. First seen on thecyberexpress.com…
Hackers Actively Exploit SonicWall SMA1000 Zero-Day to Escalate Privileges

Dec 18, 2025 10:19 AM

Tags: access, advisory, cve, cyber, exploit, flaw, hacker, vulnerability, zero-day

SonicWall has issued an urgent security advisory warning of active exploitation of a local privilege escalation vulnerability affecting its SMA1000 appliances. The flaw, tracked as CVE-2025-40602, enables attackers with management console access to gain elevated privileges and potentially achieve complete system control. The vulnerability stems from insufficient authorization checks in the SonicWall SMA1000 Appliance Management…
New Reports Reveal WAFs Are Ineffective Against Latest React2Shell Exploit

Dec 18, 2025 10:19 AM

Tags: ai, cyber, exploit, firewall, mitigation, waf

TEL AVIV, Israel, Dec. 17, 2025 Miggo Security has released a comprehensive benchmark study revealing critical gaps in Web Application Firewall (WAF) protection, with the discovery of React2Shell (CVE-2025-55182) serving as a stark real-world validation of these vulnerabilities. The research, titled >>Beat the Bypass: A Benchmark Study of WAF Weaknesses and AI Mitigation,
Hackers Actively Target Cisco and Palo Alto VPN Gateways to Steal Login Credentials

Dec 18, 2025 9:19 AM

Tags: attack, authentication, breach, cisco, credentials, cyber, cybersecurity, exploit, hacker, login, network, service, vpn

Cybersecurity researchers at GreyNoise have identified a large-scale, coordinated campaign targeting enterprise VPN authentication systems. The attackers are systematically attempting to breach Cisco SSL VPN and Palo Alto Networks GlobalProtect services through credential-based attacks rather than exploiting specific vulnerabilities. The campaign activity was observed during mid-December across a concentrated two-day period, revealing a sophisticated approach…
Cisco AsyncOS 0-Day Allows Remote Execution of System Commands

Dec 18, 2025 9:19 AM

Tags: backdoor, cisco, cyber, email, exploit, flaw, software, threat, vulnerability, zero-day

Cisco Talos has uncovered an active campaign exploiting a zero-day vulnerability in Cisco AsyncOS Software, affecting Cisco Secure Email Gateway and Cisco Secure Email and Web Manager. The security flaw enables attackers to execute system-level commands remotely and deploy sophisticated backdoors on compromised systems. The threat actor behind this campaign, tracked as UAT-9686, is assessed…
Cisco AsyncOS 0-Day Allows Remote Execution of System Commands

Dec 18, 2025 9:19 AM

Tags: backdoor, cisco, cyber, email, exploit, flaw, software, threat, vulnerability, zero-day

Cisco Talos has uncovered an active campaign exploiting a zero-day vulnerability in Cisco AsyncOS Software, affecting Cisco Secure Email Gateway and Cisco Secure Email and Web Manager. The security flaw enables attackers to execute system-level commands remotely and deploy sophisticated backdoors on compromised systems. The threat actor behind this campaign, tracked as UAT-9686, is assessed…
CISA Flags Critical ASUS Live Update Flaw After Evidence of Active Exploitation

Dec 18, 2025 7:19 AM

Tags: cisa, cve, cybersecurity, exploit, flaw, infrastructure, kev, malicious, supply-chain, update, vulnerability

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical flaw impacting ASUS Live Update to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.The vulnerability, tracked as CVE-2025-59374 (CVSS score: 9.3), has been described as an “embedded malicious code vulnerability” introduced by means of a supply chain compromise First…
What’s Powering Enterprise AI in 2025: ThreatLabz Report Sneak Peek

Dec 18, 2025 6:19 AM

Tags: access, ai, api, attack, business, communications, compliance, control, corporate, data, exploit, finance, github, google, intelligence, LLM, malware, mitigation, openai, privacy, programming, risk, saas, service, social-engineering, software, supply-chain, threat, tool, vulnerability

As 2025 comes to a close, artificial intelligence (AI) is a clear throughline across enterprise organizations. Many teams are still in the thick of implementing AI or deciding where and how to use it. Keeping up with usage trends and developments on top of that has become increasingly difficult. AI innovation moves fast and LLMs…
What’s Powering Enterprise AI in 2025: ThreatLabz Report Sneak Peek

Dec 18, 2025 6:19 AM

Tags: access, ai, api, attack, business, communications, compliance, control, corporate, data, exploit, finance, github, google, intelligence, LLM, malware, mitigation, openai, privacy, programming, risk, saas, service, social-engineering, software, supply-chain, threat, tool, vulnerability

As 2025 comes to a close, artificial intelligence (AI) is a clear throughline across enterprise organizations. Many teams are still in the thick of implementing AI or deciding where and how to use it. Keeping up with usage trends and developments on top of that has become increasingly difficult. AI innovation moves fast and LLMs…
Cisco Warns of Active Attacks Exploiting Unpatched 0-Day in AsyncOS Email Security Appliances

Dec 18, 2025 6:19 AM

Tags: attack, china, cisco, email, exploit, flaw, software, threat, zero-day

Cisco has alerted users of a maximum-severity zero-day flaw in Cisco AsyncOS software that has been actively exploited by a China-nexus advanced persistent threat (APT) actor codenamed UAT-9686 in attacks targeting Cisco Secure Email Gateway and Cisco Secure Email and Web Manager.The networking equipment major said it became aware of the intrusion campaign on December…
What’s Powering Enterprise AI in 2025: ThreatLabz Report Sneak Peek

Dec 18, 2025 6:19 AM

Tags: access, ai, api, attack, business, communications, compliance, control, corporate, data, exploit, finance, github, google, intelligence, LLM, malware, mitigation, openai, privacy, programming, risk, saas, service, social-engineering, software, supply-chain, threat, tool, vulnerability

As 2025 comes to a close, artificial intelligence (AI) is a clear throughline across enterprise organizations. Many teams are still in the thick of implementing AI or deciding where and how to use it. Keeping up with usage trends and developments on top of that has become increasingly difficult. AI innovation moves fast and LLMs…
CVE-2025-40602: SonicWall Secure Mobile Access (SMA) 1000 Zero-Day Exploited

Dec 18, 2025 5:20 AM

Tags: access, advisory, attack, authentication, control, cve, cyber, data, exploit, firewall, flaw, injection, international, mobile, ransomware, sql, vulnerability, zero-day

A zero-day vulnerability in SonicWall’s Secure Mobile Access (SMA) 1000 was reportedly exploited in the wild in a chained attack with CVE-2025-23006. Key takeaways: CVE-2025-40602 is a local privilege escalation vulnerability in the appliance management console (AMC) of the SonicWall SMA 1000 appliance. CVE-2025-40602 has been exploited in a chained attack with CVE-2025-23006, a deserialization…
‘Ink Dragon’ threat group targets IIS servers to build stealthy global network

Dec 18, 2025 5:20 AM

Tags: access, attack, china, control, credentials, data, exploit, firewall, government, group, infrastructure, intelligence, microsoft, network, office, threat, vulnerability, waf

modus operandi to several other Chinese threat groups engaged in nation-state surveillance, such as UNC6384, whose campaigns targeted European diplomats.However, during a recent investigation at the office of a European government, Check Point said it had discovered that the group has now pivoted towards what it called “an unusually sophisticated playbook” with longer term goals.Key…
Smashing Security podcast #448: The Kindle that got pwned

Dec 18, 2025 5:20 AM

Tags: control, exploit

Think your Kindle is harmless? Think again! In this episode, we unpack a Black Hat Europe talk revealing how a boobytrapped audiobook could exploit the Amazon eBook reader – potentially letting an attacker break into your account and seize control of your credit card. First seen on grahamcluley.com Jump to article: grahamcluley.com/smashing-security-podcast-448/
Smashing Security podcast #448: The Kindle that got pwned

Dec 18, 2025 5:20 AM

Tags: control, exploit

Think your Kindle is harmless? Think again! In this episode, we unpack a Black Hat Europe talk revealing how a boobytrapped audiobook could exploit the Amazon eBook reader – potentially letting an attacker break into your account and seize control of your credit card. First seen on grahamcluley.com Jump to article: grahamcluley.com/smashing-security-podcast-448/
React2Shell fallout spreads to sensitive targets as public exploits hit all-time high

Dec 18, 2025 12:19 AM

Tags: cve, exploit, vulnerability

Attacker interest in the vulnerability is magnified by an unparalleled number of publicly available exploits, earning the defect the highest verified public exploit count of any CVE ever. First seen on cyberscoop.com Jump to article: cyberscoop.com/react2shell-vulnerability-fallout-spreads/
Exploited SonicWall zero-day patched (CVE-2025-40602)

Dec 17, 2025 11:19 PM

Tags: access, exploit, mobile, vulnerability, zero-day

SonicWall has patched a local privilege escalation vulnerability (CVE-2025-40602) affecting its Secure Mobile Access (SMA) 1000 appliances and is urging customers to apply the … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/12/17/sonicwall-cve-2025-40602/
Cisco, SonicWall Disclose New Attacks Exploiting Zero-Day Flaws

Dec 17, 2025 10:19 PM

Tags: attack, cisco, cyberattack, exploit, flaw, vulnerability, zero-day

Zero-day vulnerabilities in Cisco and SonicWall products have been exploited in new cyberattack campaigns, the vendors disclosed Wednesday. First seen on crn.com Jump to article: www.crn.com/news/security/2025/cisco-sonicwall-disclose-new-attacks-exploiting-zero-day-flaws
SonicWall warns of actively exploited flaw in SMA 100 AMC

Dec 17, 2025 9:19 PM

Tags: attack, cve, exploit, flaw, update, vulnerability, zero-day

SonicWall warned users to patch a SMA1000 AMC flaw that was exploited as a zero-day privilege escalation vulnerability in attacks. SonicWall urged customers to address a vulnerability, tracked as CVE-2025-40602, in the SMA1000 Appliance Management Console that was exploited as a zero-day in attacks in the wild. The flaw is a local privilege escalation issue…
ForumTrol Operation Uses Chrome Zero-Day in Fresh Phishing Attacks

Dec 17, 2025 9:19 PM

Tags: apt, attack, browser, chrome, cve, cyber, exploit, google, group, phishing, russia, social-engineering, tactics, vulnerability, zero-day

The ForumTroll APT group has resurfaced with a sophisticated phishing campaign targeting Russian academics, marking a significant escalation in their ongoing operations against entities in Russia and Belarus. While the group initially gained notoriety for exploiting CVE-2025-2783, a zero-day vulnerability in Google Chrome, their latest offensive relies on refined social engineering tactics and commercial red…
CISA Adds Actively Exploited Fortinet Signature Verification Flaw to KEV Catalog

Dec 17, 2025 9:19 PM

Tags: cisa, cve, cyber, cybersecurity, exploit, flaw, fortinet, infrastructure, kev, threat, vulnerability

The Cybersecurity and Infrastructure Security Agency (CISA) has officially added CVE-2025-59718 to its Known Exploited Vulnerabilities (KEV) catalog, marking the latest Fortinet vulnerability being actively exploited in the wild. The flaw affects multiple Fortinet products and poses a significant threat to organisations relying on FortiCloud single sign-on (SSO) authentication. Vulnerability Details CVE-2025-59718 represents an improper…