Palo Alto Networks disclosed a medium-severity command injection vulnerability on June 11, 2025, designated as CVE-2025-4231, affecting the management web interface of its PAN-OS operating […]
Category: Cyber Security News
Command Injection Flaw in Palo Alto PAN-OS Allows Root-Level Code Execution
A newly disclosed command injection vulnerability (CVE-2025-4230) in Palo Alto Networks PAN-OS software enables authenticated administrators to bypass restrictions and execute arbitrary commands with root […]
Phishing sites posing as DeepSeek downloads drop a proxy backdoor
Kaspersky is warning LLM users of a new malicious campaign distributing a previously unknown malware, dubbed “BrowserVenom,” through a fake DeepSeek-R1 environment installer. According to […]
Zero-Click AI Vulnerability Exposes Microsoft 365 Copilot Data Without User Interaction
A novel attack technique named EchoLeak has been characterized as a “zero-click” artificial intelligence (AI) vulnerability that allows bad actors to exfiltrate sensitive data from […]
Non-Human Identities: How to Address the Expanding Security Risk
Human identities management and control is pretty well done with its set of dedicated tools, frameworks, and best practices. This is a very different world […]
FIN6 exploits HR workflows to breach corporate defenses
The financially motivated cybercrime group FIN6, also known as Skeleton Spider, is targeting human resources professionals with an elaborate social engineering scheme that uses fake […]
.png)
Trend Micro Apex One Zero-Day Vulnerability Enables Attackers to Inject Malicious Code
Trend Micro has issued an urgent security bulletin addressing five critical vulnerabilities in its Apex One endpoint security platform that could allow attackers to execute […]
Cybercriminals Advertise Advanced MaaS Botnet with Blockchain C2 on Hacking Forums
Cybersecurity researchers have uncovered the alleged sale of a sophisticated Malware-as-a-Service (MaaS) botnet that combines legitimate development frameworks with cutting-edge evasion techniques. The threat actor […]
Unternehmen wiegen sich in falscher Sicherheit
Laut einer TÜV-Umfrage halten sich 91 Prozent der Unternehmen für „gut geschützt“ vor Cyberattacken. Doch die Zahl Angriffe ist massiv gestiegen. https://www.shutterstock.com/g/B Desain Etwa jedes […]
Hackers Launch Coordinated Attack on Apache Tomcat Manager from 400 Unique IPs
Cybersecurity researchers at GreyNoise Intelligence have identified a significant coordinated attack campaign targeting Apache Tomcat Manager interfaces across the globe. On June 5, 2025, the […]