Sophos has resolved an authentication bypass vulnerability in its AP6 Series Wireless Access Points that could allow attackers to gain administrator-level privileges. The company discovered the issue during internal security testing and has released a firmware update to address it.…
Category: Cyber Security News
HackerOne Confirms Data Breach – Hackers Gained Unauthorized Access To Salesforce Instance
HackerOne has confirmed it was among the companies affected by a recent data breach that provided unauthorized access to its Salesforce instance. The access was gained through a compromise of the third-party application Drift, which Salesloft owns. The bug bounty…
Critical Microsoft Office Vulnerabilities Let Attackers Execute Malicious Code
Microsoft has released patches for two significant vulnerabilities in Microsoft Office that could allow attackers to execute malicious code on affected systems. The flaws, tracked as CVE-2025-54910 and CVE-2025-54906, were disclosed on September 9, 2025, and affect various versions of…
Microsoft To Introduce New AI Actions In Windows File Explorer
Microsoft is set to enhance the Windows user experience by integrating new AI-powered capabilities directly into File Explorer. This upcoming feature, named “AI actions in File Explorer,” will allow users to perform tasks like editing images and summarizing documents with…
Critical SAP NetWeaver Vulnerability Let Attackers Execute Arbitrary Code And Compromise System
A critical vulnerability CVE-2025-42922 has been discovered in SAP NetWeaver that allows an authenticated, low-privileged attacker to execute arbitrary code and achieve a full system compromise. The flaw resides in the Deploy Web Service upload mechanism, where insufficient access control…
Windows BitLocker Vulnerability Let Attackers Elevate Privileges
Microsoft has addressed two significant elevation of privilege vulnerabilities affecting its Windows BitLocker encryption feature. The flaws, tracked as CVE-2025-54911 and CVE-2025-54912, were disclosed on September 9, 2025, and carry an “Important” severity rating. Both vulnerabilities could allow an authorized…
Chrome Security Update Patches Critical Remote Code Execution Vulnerability
Google has issued an urgent security update for the Chrome browser on Windows, Mac, and Linux, addressing a critical vulnerability that could allow attackers to execute arbitrary code remotely. Users are strongly advised to update their browsers immediately to protect…
Workday Confirms Data Breach – Hackers Accessed Customers Data and Case Information
Workday has confirmed it suffered a data breach after a security incident involving a third-party application that compromised customer information. The breach originated from Salesloft’s Drift application, which connects to Salesforce environments. On August 23, 2025, Workday became aware of…
How to Enrich Alerts with Live Attack Data From 15K SOCs
Every SOC analyst knows the frustration. Your SIEM generates hundreds, sometimes thousands of alerts daily. Each alert demands attention, but with limited time and resources, how do you prioritize effectively? Investigating each alert in isolation leaves teams reactive, overwhelmed, and…
Microsoft September 2025 Patch Tuesday – 81 Vulnerabilities Fixed Including 22 RCE
Microsoft has released its September 2025 Patch Tuesday updates, addressing a total of 81 security vulnerabilities across its product suite. The security patches cover a wide range of software, including Windows, Microsoft Office, Azure, and SQL Server. Among the fixes…