Cyber News & Updates
Breaking news, security alerts, and trending stories from across the cybersecurity landscape.
-
Authenticated SQL Injection Exposes TorrentPier User Data
An authenticated SQL injection vulnerability, tracked as CVE-2025-64519, has been discovered in TorrentPier, the popular open-source BitTorrent tracker engine. The flaw allows malicious actors with moderator privileges to execute arbitrary…
·
·
1–2 minutes -
Critical Flaw in Soft Serve Git Server Exposes Internal Networks
A critical Server-Side Request Forgery (SSRF) vulnerability, CVE-2025-64522, in Soft Serve Git server allows attackers to access internal networks. Organizations are urged to update to version 0.11.1 immediately to prevent…
·
·
1–2 minutes -
Military Experts Raise Alarms Over AI Chatbot Vulnerabilities: A New Front in Cyberwarfare
Military experts warn about critical security flaws in AI chatbots, specifically prompt injection attacks, which can be exploited by hostile foreign powers to compromise sensitive information and unleash chaos. The…
·
·
2–3 minutes -
Critical Flaw in Combodo iTop Exposes Systems to Remote Code Execution
A critical security flaw in Combodo iTop, a widely adopted IT service management platform, could allow attackers to achieve remote code execution (RCE) and gain full control over affected systems.
·
·
1–2 minutes -
Mandiant Warns of Active Exploitation of Critical Triofox Flaw Allowing Remote Access
Mandiant warns of active exploitation of a critical Triofox flaw (CVE-2025-12480) allowing remote code execution, with threat actors UNC6485 bypassing authentication to compromise systems.
·
·
1–2 minutes -
EU Considers Banning Huawei Telecom Equipment for Member States
The European Union is contemplating a ban on Huawei telecommunications equipment for member states, driven by escalating cybersecurity and national security concerns. This move reflects a growing international apprehension regarding…
·
·
2–3 minutes -
Swiss NCSC Warns of iPhone Phishing Scams After Device Loss
The Swiss National Cyber Security Centre (NCSC) has warned iPhone users about a sophisticated phishing campaign that targets owners of lost devices. Scammers send convincing messages to steal Apple ID…
·
·
2–3 minutes -
GlassWorm Malware Resurfaces, Infecting VS Code Extensions with Stealthy Unicode Attack
The GlassWorm malware campaign has re-emerged, targeting the Visual Studio Code (VS Code) ecosystem with a new set of malicious extensions, signaling a persistent threat to developers. This sophisticated, self-propagating…
·
·
1–2 minutes -
German City of Ludwigshafen Suffers Cyberattack, Systems Offline
The German city of Ludwigshafen has taken its ICT systems offline after a cyberattack, disrupting public services and highlighting the vulnerability of critical municipal infrastructure. The incident is under investigation,…
·
·
1–2 minutes -
Lukoil Halts Iraqi Operations at West Qurna-2 Amid Sanctions, Citing Force Majeure
Russian energy giant Lukoil has ceased all operations at Iraq’s West Qurna-2 oilfield and declared force majeure, a direct consequence of escalating international sanctions against Moscow.
·
·
1–2 minutes
