CISA has added a critical Linux kernel vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, warning that CVE-2023-0386 is being actively exploited in real-world attacks. This improper ownership management flaw in the Linux kernel’s OverlayFS subsystem allows local attackers to…
Tag: Cyber Security News
Chrome Vulnerabilities Let Attackers Execute Arbitrary Code – Update Now!
Google has released an urgent security update for Chrome browsers across all desktop platforms, addressing critical vulnerabilities that could allow attackers to execute arbitrary code on users’ systems. The update, rolled out on Tuesday, June 17, 2025, patches three significant…
Threat Actors Attacking Windows System With New Winos 4.0 Malware
A sophisticated threat campaign targeting Windows systems has emerged, leveraging a new strain of malware known as winos 4.0 to compromise organizations across Taiwan. The attack, which has been active since January 2025, demonstrates the evolving tactics of cybercriminals who…
Google’s Gerrit Code Platform Vulnerability Allows Hack of 18 Google Projects Including ChromiumOS
A critical supply chain vulnerability dubbed “GerriScary” (CVE-2025-1568) that could have allowed attackers to inject malicious code into at least 18 major Google projects, including ChromiumOS, Chromium, Dart, and Bazel. The vulnerability uncovered by Tenable security researcher Liv Matan exploits…
New Veeam Vulnerabilities Enables Malicious Remote Code Execution on Backup Servers
Critical security vulnerabilities have been discovered in Veeam’s backup software solutions that could allow attackers to execute malicious code remotely on backup servers, posing significant risks to enterprise data protection systems. The vulnerabilities, assigned CVE numbers 2025-23121, 2025-24286, and 2025-24287,…
How to Detect Threats Early For Fast Incident Response: 3 Examples
Security Operations Center (SOC) teams are now facing an increasingly complex challenge: identifying and responding to security incidents before they can cause significant damage. The key to effective incident response is not just detecting threats quickly. It is understanding the…
New Microsoft Excel Token Protection Policy May Block Certain Data Imports
Microsoft has announced a significant security update that could disrupt data workflows for organizations heavily reliant on Excel’s Power Query functionality. The Microsoft Entra Conditional Access Token Protection feature, currently in Public Preview, introduces enhanced security measures that may prevent…
Citrix NetScaler ADC and Gateway Vulnerabilities Allow Attackers to Access Sensitive Data
Two critical security vulnerabilities have been discovered in NetScaler ADC and NetScaler Gateway products, formerly known as Citrix ADC and Gateway, potentially allowing attackers to access sensitive data and compromise network security. Cloud Software Group, the company behind these networking…
Email Hosting Provider Cock.li Hacked – 1 Million Email Addresses Stolen
A major security breach at email hosting provider Cock[.]li has compromised personal data from over one million users, the company announced in an official statement. The incident specifically targeted the service’s Roundcube webmail platform, affecting approximately 1,023,800 users who had…
WhatsApp to Show Ads for Users in Status & Updates Tab
Meta has announced a significant expansion of WhatsApp’s monetization strategy with the introduction of advertising capabilities within the platform’s Updates tab. The company is implementing three key features: channel subscriptions, promoted channels, and status advertisements, targeting the 1.5 billion daily…