Multiple critical vulnerabilities in Qualcomm Technologies’ proprietary Data Network Stack and Multi-Mode Call Processor that permit remote attackers to execute arbitrary code. These flaws, tracked as CVE-2025-21483 and CVE-2025-27034, each carry a CVSS score of 9.8 and exploit buffer-corruption weaknesses…
Category: Cyber Security News
Zscaler Confirms Data Breach – Hackers Compromised Salesforce Instance and Stole Customer Data
Cybersecurity company Zscaler has confirmed it fell victim to a widespread supply-chain attack that exposed customer contact information through compromised Salesforce credentials linked to marketing platform Salesloft Drift. The breach, disclosed on August 31, 2025, stems from a larger campaign…
SIM Swapping Attacks on the Rise – How eSIM can Make SIM Swapping Harder
The telecommunications landscape is facing an unprecedented crisis as SIM swapping attacks surge to alarming levels, with the United Kingdom alone reporting a staggering 1,055% increase in incidents during 2024, jumping from just 289 cases in 2023 to nearly 3,000…
Hackers Reportedly Demand Google Fire Two Employees, Threaten Data Leak
A group claiming to be a coalition of hackers has reportedly issued an ultimatum to Google, threatening to release the company’s databases unless two of its employees are terminated. The demand, which appeared in a Telegram post, specifically named Austin…
Wireshark 4.4.9 Released With Fix For Critical Bugs and Updated Protocol Support
The Wireshark team has rolled out version 4.4.9, a maintenance release for the world’s most popular network protocol analyzer. This update focuses on stability and reliability, delivering a series of important bug fixes and enhancing support for several existing protocols.…
Microsoft Urges OEM Manufacturers to Fix Windows 11 USB-C Notification issues
Microsoft is issuing a direct call to its hardware partners, urging original equipment manufacturers (OEMs) to address configuration issues that prevent crucial USB-C troubleshooting notifications from functioning correctly in Windows 11. These built-in alerts are designed to enhance user experience…
MediaTek Security Update – Patch for Multiple Vulnerabilities Across Chipsets
MediaTek today published a critical security bulletin addressing several vulnerabilities across its latest modem chipsets, urging device OEMs to deploy updates immediately. The bulletin, issued two months after confidential OEM notification, confirms that no known in-the-wild exploits have been detected…
New Large-Scale Phishing Attacks Targets Hotelier Via Ads to Gain Access to Property Management Tools
A novel phishing campaign emerged in late August 2025 that specifically targeted hoteliers and vacation rental managers through malicious search engine advertisements. Rather than relying on mass email blasts or social media lures, attackers purchased sponsored ads on platforms such…
Critical Next.js Framework Vulnerability Let Attackers Bypass Authorization
A newly discovered critical security vulnerability in the Next.js framework, designated CVE-2025-29927, poses a significant threat to web applications by allowing malicious actors to completely bypass authorization mechanisms. This vulnerability arises from improper handling of the x-middleware-subrequest header within Next.js…
Microsoft To Mandate MFA for Accounts Signing In to the Azure Portal
In a significant security move, Microsoft announced on August 26, 2025, that it will require mandatory multifactor authentication (MFA) for all accounts signing in to the Azure portal and related administrative centers. The policy, first introduced in 2024, aims to…