Collecting Cyber-News from over 60 sources

Tag: flaw

Microsoft’s November 2025 Patch Tuesday Addresses 63 CVEs (CVE-2025-62215)

Nov 11, 2025 9:20 PM

Tags: access, android, attack, best-practice, cve, cyber, exploit, flaw, github, linux, malicious, microsoft, office, rce, remote-code-execution, service, social-engineering, sql, update, vulnerability, windows, zero-day

5Critical 58Important 0Moderate 0Low Microsoft addresses 63 CVEs including one zero-day vulnerability which was exploited in the wild. Microsoft patched 63 CVEs in its November 2025 Patch Tuesday release, with five rated critical, and 58 rated as important. This month’s update includes patches for: Azure Monitor Agent Customer Experience Improvement Program (CEIP) Dynamics 365 Field…
Critical Zoom Vulnerability Exposes Windows Users to Attacks

Nov 11, 2025 8:20 PM

Tags: attack, flaw, vulnerability, windows

A new Zoom Workplace flaw (CVE-2025-64740) lets attackers escalate privileges on Windows. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/critical-zoom-vulnerability-exposes-windows-users-to-attacks/
Microsoft November 2025 Patch Tuesday fixes 1 zero-day, 63 flaws

Nov 11, 2025 8:20 PM

Tags: exploit, flaw, microsoft, update, zero-day

Today is Microsoft’s November 2025 Patch Tuesday, which includes security updates for 63 flaws, including one actively exploited zero-day vulnerability. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-november-2025-patch-tuesday-fixes-1-zero-day-63-flaws/
Critical Zoom Vulnerability Exposes Windows Users to Attacks

Nov 11, 2025 8:20 PM

Tags: attack, flaw, vulnerability, windows

A new Zoom Workplace flaw (CVE-2025-64740) lets attackers escalate privileges on Windows. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/critical-zoom-vulnerability-exposes-windows-users-to-attacks/
Monsta FTP Remote Code Execution Vulnerability (CVE-2025-34299)

Nov 11, 2025 7:20 PM

Tags: authentication, flaw, remote-code-execution, vulnerability

Critical flaw in Monsta FTP (CVE-2025-34299) allows remote code execution without authentication, putting thousands of servers at risk. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/monsta-ftp-remote-code-execution-vulnerability-cve-2025-34299/
Patch Samsung flaw exploited to deliver spyware (CVE-2025-21042)

Nov 11, 2025 5:20 PM

Tags: cisa, cve, exploit, flaw, kev, mobile, spyware, update, vulnerability

CISA has added CVE-2025-21042, a vulnerability affecting Samsung mobile devices, to its Known Exploited Vulnerabilities (KEV) catalog, and has ordered US federal civilian … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/11/11/samsung-spyware-cve-2025-21042/
SAP fixes hardcoded credentials flaw in SQL Anywhere Monitor

Nov 11, 2025 5:20 PM

Tags: credentials, flaw, injection, sap, sql, update, vulnerability

SAP has released its November security updates that address multiple security vulnerabilities, including a maximum severity flaw in the non-GUI variant of the SQL Anywhere Monitor and a critical code injection issue in the Solution Manager platform. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/sap-fixes-hardcoded-credentials-flaw-in-sql-anywhere-monitor/
Zoom Workplace for Windows Flaw Allows Local Privilege Escalation

Nov 11, 2025 3:19 PM

Tags: cve, cvss, cyber, flaw, vulnerability, windows

A security vulnerability has been discovered in Zoom Workplace’s VDI Client for Windows that could allow attackers to escalate their privileges on affected systems. The flaw, tracked as CVE-2025-64740 and assigned bulletin ZSB-25042, has been rated as High severity with a CVSS score of 7.5. Attribute Details CVE ID CVE-2025-64740 Bulletin ID ZSB-25042 Product Zoom Workplace VDI…
Zoom Workplace for Windows Flaw Allows Local Privilege Escalation

Nov 11, 2025 3:19 PM

Tags: cve, cvss, cyber, flaw, vulnerability, windows

A security vulnerability has been discovered in Zoom Workplace’s VDI Client for Windows that could allow attackers to escalate their privileges on affected systems. The flaw, tracked as CVE-2025-64740 and assigned bulletin ZSB-25042, has been rated as High severity with a CVSS score of 7.5. Attribute Details CVE ID CVE-2025-64740 Bulletin ID ZSB-25042 Product Zoom Workplace VDI…
WinRAR Vulnerability Exploited by APT08 to Target Government Agencies

Nov 11, 2025 3:19 PM

Tags: apt, attack, cyber, exploit, flaw, government, group, hacking, threat, vulnerability

The notorious APT-C-08 hacking group, also known as BITTER, has been observed weaponizing a critical WinRAR directory traversal vulnerability (CVE-2025-6218) to launch sophisticated attacks against government organizations across South Asia. This development marks a concerning evolution in the threat actor’s capabilities, as the group leverages this easily exploitable flaw to infiltrate sensitive systems and steal classified…
WinRAR Vulnerability Exploited by APT08 to Target Government Agencies

Nov 11, 2025 3:19 PM

Tags: apt, attack, cyber, exploit, flaw, government, group, hacking, threat, vulnerability

The notorious APT-C-08 hacking group, also known as BITTER, has been observed weaponizing a critical WinRAR directory traversal vulnerability (CVE-2025-6218) to launch sophisticated attacks against government organizations across South Asia. This development marks a concerning evolution in the threat actor’s capabilities, as the group leverages this easily exploitable flaw to infiltrate sensitive systems and steal classified…
API Security: Bridging the Gap Between Application and Security Teams FireTail Blog

Nov 11, 2025 2:20 PM

Tags: access, api, application-security, attack, awareness, breach, business, cctv, ciso, cloud, crypto, cyber, cybersecurity, data, data-breach, dns, email, finance, flaw, group, incident response, microsoft, monitoring, network, phone, ransom, risk, security-incident, service, software, strategy, technology, threat, tool, unauthorized, vulnerability

Nov 11, 2025 – Jeremy Snyder – API Security: Why the Gap Developers and security professionals have different concerns and motivations. It’s easy to see why gaps emerge. The ability to quickly ship new products, features or functionality is a real source of competitive advantage in the digital economy. Business needs demand speed. Engineers constantly…
API Security: Bridging the Gap Between Application and Security Teams FireTail Blog

Nov 11, 2025 2:20 PM

Tags: access, api, application-security, attack, awareness, breach, business, cctv, ciso, cloud, crypto, cyber, cybersecurity, data, data-breach, dns, email, finance, flaw, group, incident response, microsoft, monitoring, network, phone, ransom, risk, security-incident, service, software, strategy, technology, threat, tool, unauthorized, vulnerability

Nov 11, 2025 – Jeremy Snyder – API Security: Why the Gap Developers and security professionals have different concerns and motivations. It’s easy to see why gaps emerge. The ability to quickly ship new products, features or functionality is a real source of competitive advantage in the digital economy. Business needs demand speed. Engineers constantly…
API Security: Bridging the Gap Between Application and Security Teams FireTail Blog

Nov 11, 2025 2:20 PM

Tags: access, api, application-security, attack, awareness, breach, business, cctv, ciso, cloud, crypto, cyber, cybersecurity, data, data-breach, dns, email, finance, flaw, group, incident response, microsoft, monitoring, network, phone, ransom, risk, security-incident, service, software, strategy, technology, threat, tool, unauthorized, vulnerability

Nov 11, 2025 – Jeremy Snyder – API Security: Why the Gap Developers and security professionals have different concerns and motivations. It’s easy to see why gaps emerge. The ability to quickly ship new products, features or functionality is a real source of competitive advantage in the digital economy. Business needs demand speed. Engineers constantly…
moveIT a series of breaches, all enabled by APIs FireTail Blog

Nov 11, 2025 2:20 PM

Tags: access, api, attack, authentication, breach, cloud, cve, data, endpoint, flaw, germany, identity, injection, malicious, moveIT, remote-code-execution, software, sql, vulnerability

Nov 11, 2025 – Jeremy Snyder – In mid-2023, a software vulnerability was discovered in a file transfer application known as moveIT. Because of the application’s popularity, numerous companies and organizations have found themselves vulnerable to the breach. This blog post will attempt to explain the vulnerability, map out the kill chain (also sometimes called…
moveIT a series of breaches, all enabled by APIs FireTail Blog

Nov 11, 2025 2:20 PM

Tags: access, api, attack, authentication, breach, cloud, cve, data, endpoint, flaw, germany, identity, injection, malicious, moveIT, remote-code-execution, software, sql, vulnerability

Nov 11, 2025 – Jeremy Snyder – In mid-2023, a software vulnerability was discovered in a file transfer application known as moveIT. Because of the application’s popularity, numerous companies and organizations have found themselves vulnerable to the breach. This blog post will attempt to explain the vulnerability, map out the kill chain (also sometimes called…
SAP Releases Security Update to Fix Critical Code Execution and Injection Flaws

Nov 11, 2025 2:20 PM

Tags: cvss, cyber, data, flaw, injection, sap, software, update, vulnerability

SAP has released a significant security update addressing 18 new vulnerabilities across its enterprise software portfolio, including several critical flaws related to code execution and data injection. This monthly security patch day features four high-severity vulnerabilities that require immediate attention from organizations utilizing SAP infrastructure. The most severe vulnerabilities have a CVSS score of 10.0,…
SAP Releases Security Update to Fix Critical Code Execution and Injection Flaws

Nov 11, 2025 2:20 PM

Tags: cvss, cyber, data, flaw, injection, sap, software, update, vulnerability

SAP has released a significant security update addressing 18 new vulnerabilities across its enterprise software portfolio, including several critical flaws related to code execution and data injection. This monthly security patch day features four high-severity vulnerabilities that require immediate attention from organizations utilizing SAP infrastructure. The most severe vulnerabilities have a CVSS score of 10.0,…
Hackers Exploit Critical Flaw in Gladinet’s Triofox File Sharing Product

Nov 11, 2025 2:20 PM

Tags: cloud, exploit, flaw, google, hacker, threat, vulnerability

Threat actors were exploiting vulnerable versions of Triofox after a patched version was released, said Google Cloud researchers First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/hackers-exploit-critical-flaw/
Hackers Exploit Critical Flaw in Gladinet’s Triofox File Sharing Product

Nov 11, 2025 2:20 PM

Tags: cloud, exploit, flaw, google, hacker, threat, vulnerability

Threat actors were exploiting vulnerable versions of Triofox after a patched version was released, said Google Cloud researchers First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/hackers-exploit-critical-flaw/
Devolutions Server Flaw Allows Attackers to Impersonate Users via Pre-MFA Cookie

Nov 11, 2025 11:20 AM

Tags: cve, cvss, cyber, flaw, mfa, vulnerability

Devolutions Server has been found vulnerable to a critical security flaw that allows low-privileged authenticated users to impersonate other accounts by replaying pre-MFA cookies. The vulnerability, identified as CVE-2025-12485, carries a critical CVSS score of 9.4 and affects all versions up to 2025.3.5. The company has released patches to address this and a second vulnerability…
Devolutions Server Flaw Allows Attackers to Impersonate Users via Pre-MFA Cookie

Nov 11, 2025 11:20 AM

Tags: cve, cvss, cyber, flaw, mfa, vulnerability

Devolutions Server has been found vulnerable to a critical security flaw that allows low-privileged authenticated users to impersonate other accounts by replaying pre-MFA cookies. The vulnerability, identified as CVE-2025-12485, carries a critical CVSS score of 9.4 and affects all versions up to 2025.3.5. The company has released patches to address this and a second vulnerability…
WatchGuard Firebox Flaw Allows Attackers to Gain Unauthorized SSH Access

Nov 11, 2025 11:20 AM

Tags: access, authentication, cve, cyber, firewall, flaw, network, threat, unauthorized, vulnerability

A security vulnerability has been discovered in WatchGuard Firebox devices that could allow attackers to bypass authentication mechanisms and gain unauthorized SSH access to affected systems. Tracked as CVE-2025-59396, this flaw poses a significant threat to organizations that rely on WatchGuard firewalls for network security and remote management. CVE Details Information CVE ID CVE-2025-59396 Affected…
U.S. CISA adds Samsung mobile devices flaw to its Known Exploited Vulnerabilities catalog

Nov 11, 2025 11:20 AM

Tags: cisa, cve, cybersecurity, exploit, flaw, infrastructure, kev, mobile, vulnerability, zero-day

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Samsung mobile devices flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Samsung mobile devices flaw, tracked as CVE-2025-21042 (CVSS score of 8.8), to its Known Exploited Vulnerabilities (KEV) catalog. The now-patched Samsung Galaxy flaw CVE-2025-21042 was exploited as a zero-day…
Critical Triofox bug exploited to run malicious payloads via AV configuration

Nov 11, 2025 10:19 AM

Tags: access, antivirus, authentication, cve, exploit, flaw, google, hacker, malicious, mandiant, threat, tool

Hackers exploited Triofox flaw CVE-2025-12480 to bypass auth and install remote access tools via the platform’s antivirus feature. Google’s Mandiant researchers spotted threat actors exploiting a now-patched Triofox flaw, tracked as CVE-2025-12480 (CVSS score of 9.1) that allows them to bypass authentication to upload and run remote access tools via the platform’s antivirus feature. Mandiant…
Researchers Uncover Critical runC Bugs Allowing Full Container Escape

Nov 11, 2025 9:20 AM

Tags: container, control, cve, docker, exploit, flaw, kubernetes, vulnerability

Security researchers have revealed three serious vulnerabilities in runC, the Open Container Initiative (OCI)-compliant runtime that powers platforms such as Docker and Kubernetes, which could allow attackers to break container isolation and gain control of the host system. The flaws, tracked as CVE-2025-31133, CVE-2025-52565, and CVE-2025-52881, stem from weaknesses in how runC manages temporary bind…
Researchers Uncover Critical runC Bugs Allowing Full Container Escape

Nov 11, 2025 9:20 AM

Tags: container, control, cve, docker, exploit, flaw, kubernetes, vulnerability

Security researchers have revealed three serious vulnerabilities in runC, the Open Container Initiative (OCI)-compliant runtime that powers platforms such as Docker and Kubernetes, which could allow attackers to break container isolation and gain control of the host system. The flaws, tracked as CVE-2025-31133, CVE-2025-52565, and CVE-2025-52881, stem from weaknesses in how runC manages temporary bind…
CISA Issues Alert on Samsung 0-Day RCE Flaw Actively Exploited in Attacks

Nov 11, 2025 8:19 AM

Tags: attack, cisa, cve, cyber, cybersecurity, exploit, flaw, infrastructure, kev, mobile, rce, remote-code-execution, vulnerability, zero-day

The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical remote code execution vulnerability affecting Samsung mobile devices to its Known Exploited Vulnerabilities (KEV) catalog, signaling active exploitation in the wild. Tracked as CVE-2025-21042, this zero-day flaw resides in Samsung’s libimagecodec library. It could allow attackers to bypass security protections and execute arbitrary code…
CISA Issues Alert on Samsung 0-Day RCE Flaw Actively Exploited in Attacks

Nov 11, 2025 8:19 AM

Tags: attack, cisa, cve, cyber, cybersecurity, exploit, flaw, infrastructure, kev, mobile, rce, remote-code-execution, vulnerability, zero-day

The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical remote code execution vulnerability affecting Samsung mobile devices to its Known Exploited Vulnerabilities (KEV) catalog, signaling active exploitation in the wild. Tracked as CVE-2025-21042, this zero-day flaw resides in Samsung’s libimagecodec library. It could allow attackers to bypass security protections and execute arbitrary code…
Hackers Exploit Triofox 0-Day to Deploy Malicious Payloads Using Anti-Virus Feature

Nov 11, 2025 7:19 AM

Tags: authentication, cyber, cybersecurity, defense, exploit, flaw, hacker, malicious, mandiant, threat, virus, vulnerability, zero-day

Cybersecurity researchers from Mandiant Threat Defense have uncovered a critical zero-day vulnerability in Gladinet’s Triofox file-sharing platform that allowed attackers to bypass authentication and execute malicious code with system-level privileges. The vulnerability, tracked as CVE-2025-12480, was actively exploited by the threat actor group UNC6485 as early as August 24, 2025. The flaw affected Triofox version 16.4.10317.56372 and has…