Latest Cybersecurity News and Articles

Adobe Analytics bug leaked customer tracking data to other tenants

A critical ingestion bug in Adobe Analytics caused cross-tenant data leakage, exposing customer tracking data from one organization to others. The issue lasted for nearly a day and affected multiple Adobe Analytics services globally.

That annoying SMS phish you just got may have come from a box like this

Threat actors are exploiting unsecured Milesight IoT cellular routers to send SMS-based phishing messages. These routers are widely deployed in critical infrastructure such as traffic lights and electric power meters.

Oracle customers being bombarded with emails claiming widespread data theft

A widespread extortion campaign is targeting Oracle customers with emails claiming data theft from Oracle’s E-Business Suite. The emails are allegedly linked to the Clop ransomware group.

Multiple Vulnerabilities in VMware Aria Operations and VMware Tools Could Allow for Privilege Escalation

Multiple vulnerabilities have been identified in VMware Aria Operations and VMware Tools, the most critical of which (CVE-2025-41244) allows local privilege escalation to root.

walk through the updates

Rhadamanthys, a modular infostealer, has released version 0.9.2 with significant updates. These changes impact detection, analysis, and reverse engineering, and include new evasion techniques, configuration formats, and delivery mechanisms.

Smishing Campaigns Exploit Cellular Routers to Target Belgium

A wave of smishing attacks has been traced to exploited Milesight Industrial Cellular Routers, with attackers abusing their APIs to send phishing SMS messages. These campaigns primarily target Belgian users.

Google Project Zero Exposes ASLR Bypass Vulnerability in Apple’s Serialization Framework

Researchers have uncovered a novel technique to bypass Address Space Layout Randomization (ASLR) in Apple devices by exploiting deterministic behaviors in the NSKeyedArchiver and NSKeyedUnarchiver serialization frameworks.

Festo CPX-CEC-C1 and CPX-CMXX

A critical vulnerability (CVE-2022-3079) has been identified in Festo CPX-CEC-C1 and CPX-CMXX control blocks. This flaw allows unauthenticated, remote access to critical webpage functions, potentially resulting in a denial of service (DoS).

Hack of US Surveillance Provider RemoteCOM Exposes Court Data

A significant data breach has compromised RemoteCOM, a US-based surveillance provider, exposing highly sensitive data of nearly 14,000 individuals under court supervision and 6,896 law enforcement personnel.

Tesla Fixes TCU USB Flaw Allowing Root Access

A critical vulnerability in Tesla’s TCU allowed attackers with physical access to gain root-level code execution. The flaw has been patched via an over-the-air (OTA) update.

Defend Against Threats with Cyber Fusion

Cyware is the leading provider of cyber fusion solutions that power threat intelligence sharing , end-to-end automation and 360-degree threat response.

Trending Tags