Russian State Hackers Exploit 7-Year-Old Cisco Router Vulnerability
FBI and Cisco warn Russian hackers are exploiting a 7-year-old Cisco Smart Install vulnerability on outdated routers and…
Vulnerability
New DripDropper Malware Exploits Linux Flaw Then Patches It Lock Rivals Out
A new report from Red Canary reveals a clever Linux malware called DripDropper that exploits a flaw and…
CERT/CC Issues Alert on Critical Flaws in Workhorse Municipal Accounting Software
The Computer Emergency Response Team Coordination Center (CERT/CC) has issued a critical security advisory warning of severe vulnerabilities in Workhorse Software Services’ municipal accounting software that could enable unauthorized access to se…
Copilot Vulnerability Lets Attackers Bypass Audit Logs and Gain Hidden Access
A critical vulnerability in Microsoft’s M365 Copilot allowed users to access sensitive files without leaving any trace in audit logs, creating significant security and compliance risks for organizations worldwide. The flaw, discovered in July 202…
Flaws in Software Used by Hundreds of Cities and Towns Exposed Sensitive Data
CERT/CC has disclosed the details of information exposure vulnerabilities in a Workhorse Software application after patches were released.
The post Flaws in Software Used by Hundreds of Cities and Towns Exposed Sensitive Data appeared first on Securit…
Lenovo AI Chatbot Flaw Allows Remote Script Execution on Corporate Systems
Cybersecurity researchers have uncovered critical vulnerabilities in Lenovo’s AI-powered customer support chatbot that could allow attackers to execute malicious scripts on corporate systems and steal sensitive session data. The discovery highlig…
Microsoft Fixed Over 100 Flaws With August 2025 Patch Tuesday
Microsoft has released the scheduled Patch Tuesday updates for August 2025. This month’s update bundle…
Microsoft Fixed Over 100 Flaws With August 2025 Patch Tuesday on Latest Hacking News | Cyber Security News, Hacking Tools and Penetration Test…
Kubernetes Capsule Vulnerability Enables Attackers to Inject Arbitrary Labels
Security researchers have disclosed a critical vulnerability in Kubernetes Capsule v0.10.3 and earlier versions that allows authenticated tenant users to inject arbitrary labels into system namespaces, fundamentally breaking multi-tenant isolation. The…
Exploit for critical SAP Netweaver flaws released (CVE-2025-31324, CVE-2025-42999)
A working exploit concatenating two critical SAP Netweaver vulnerabilities (CVE-2025-31324, CVE-2025-42999) that have been previously exploited in the wild has been made public by VX Underground, Onapsis security researchers have warned. The exploit ha…
Hackers Exploit Apache ActiveMQ Flaw to Breach Cloud Linux Servers
Cybersecurity researchers have uncovered a sophisticated attack campaign where hackers exploiting a critical Apache ActiveMQ vulnerability are taking the unusual step of patching the security flaw after gaining access to victim systems. The Red Canary …