Cyber News & Updates
Breaking news, security alerts, and trending stories from across the cybersecurity landscape.
-

ThinPLUS OS Command Injection Vulnerability (CVE-2025-13284)
A critical OS Command Injection vulnerability (CVE-2025-13284) in ThinPLUS allows unauthenticated remote attackers to execute arbitrary commands, posing significant risks to system integrity. TWCERT/CC urges immediate patching.
-

CVE-2025-8855: 2FA Bypass in Brokerage Automation
CVE-2025-8855 is a critical 2FA bypass vulnerability in Optimus Software’s Brokerage Automation platform. It combines authorization bypass, weak password recovery, and authentication bypass flaws, leading to high-severity risks and unauthorized access.
-

Fortinet FortiWeb Zero-Day Actively Exploited
A severe security vulnerability in Fortinet’s FortiWeb web application firewall is being actively exploited, allowing attackers to bypass authentication. This zero-day flaw impacts FortiWeb versions 8.0.1 and earlier. Update to 8.0.2 or later to protect against this vulnerability.
-

IndonesianFoods-worm Floods NPM Registry
A sophisticated self-replicating ‘IndonesianFoods-worm’ has flooded the npm registry with tens of thousands of malicious packages. This aggressive campaign, documented by SourceCodeRed and JFrog, poses a significant threat to the software supply chain.
-

What is OpenID Connect (OIDC)? — Explainer tied to CVE-2025-54603
A concise explainer of OpenID Connect (OIDC) and how product-level OIDC misimplementations (as in CVE-2025-54603) can lead to authentication bypasses.
-

What is GlobalProtect? Palo Alto Networks VPN Gateway Explained
GlobalProtect is Palo Alto Networks’ enterprise remote access gateway. This explainer covers how it works, why it matters, and the security considerations organizations should understand about CVE-2024-3400 and enterprise VPN security.
-

ShadowMQ Flaw Exposes AI Inference Engines to Remote Code Execution
Oligo Security found a recurring ZeroMQ/pickle deserialization flaw affecting multiple AI inference frameworks; several vendors have issued patches.
-

PhantomRaven Malware Found in 126 npm Packages, Stealing GitHub Tokens
PhantomRaven exploits npm packages to steal GitHub tokens and CI/CD secrets, Koi Security says.
-

Fake Chrome Extension “Safery” Steals Ethereum Wallet Seed Phrases
Safery is a malicious Chrome wallet extension that hides stolen Ethereum seed phrases inside Sui micro-transactions; defenders should monitor unexpected browser RPC calls and on-chain writes during wallet import.
-

Cisco RCE Vulnerability Affects Security Appliances
Cisco has identified a critical RCE vulnerability, CVE-2024-20353, affecting its Secure Web Appliance and Secure Email Gateway products. Immediate updates are urged.
