Weekly Cybersecurity Roundup: Key Vulnerabilities, Threats, and Data Breaches
https://cybersecuritynews.com/weekly-cybersecurity-roundup/
Cyber Security News
In today's rapidly evolving digital landscape, the frequency and complexity of cyberattacks are increasing, making it crucial to stay informed about emerging threats.
Wing FTP Server flaw actively exploited shortly after technical details were made public
https://securityaffairs.com/179861/hacking/wing-ftp-server-flaw-actively-exploited-shortly-after-technical-details-were-made-public.html
Security Affairs
Hackers exploit critical Wing FTP flaw (CVE-2025-47812) for remote code execution with root/system rights after details leaked on June 30.
Google Gemini flaw hijacks email summaries for phishing
https://www.bleepingcomputer.com/news/security/google-gemini-flaw-hijacks-email-summaries-for-phishing/
BleepingComputer
Google Gemini for Workspace can be exploited to generate email summaries that appear legitimate but include malicious instructions or warnings that direct users to phishing sites without using attachments or direct links.
Windows 10 KB5062554 update breaks emoji panel search feature
https://www.bleepingcomputer.com/news/microsoft/windows-10-kb5062554-update-breaks-emoji-panel-search-feature/
BleepingComputer
The search feature for the Windows 10 emoji panel is broken after installing the KB5062554 cumulative update released Tuesday, making it impossible to look up emojis by name or keyword.
Fake Free VPN & Minecraft Mod Repositories Deliver Lumma Stealer
https://securityonline.info/fake-free-vpn-minecraft-mod-repositories-deliver-lumma-stealer/
Daily CyberSecurity
A malicious campaign on GitHub is distributing Lumma Stealer via fake "Free VPN for PC" and "Minecraft Skin Changer" repositories, using obfuscation and process injection for stealthy delivery.
Darktrace Exposes "Fake Startup" Malware Campaign: Lures Crypto Users with AI/Web3 Apps to Steal Wallets
https://securityonline.info/darktrace-exposes-fake-startup-malware-campaign-lures-crypto-users-with-ai-web3-apps-to-steal-wallets/
Daily CyberSecurity
Darktrace uncovers a crypto scam using fake software startups (AI, gaming, Web3 themes) with professional online presences to distribute Electron malware (Windows) and Atomic Stealer (macOS) for crypto theft.
Google Uncovers Massive Phishing Scam Exploiting Booking.com Users
https://securityonline.info/google-uncovers-massive-phishing-scam-exploiting-booking-com-users/
Daily CyberSecurity
Google exposes a vast phishing campaign hijacking Booking.com reservation chats to steal credit card details from travelers, impacting thousands globally since Nov 2023.
WordPress Supply Chain Attack: Gravity Forms Plugin Backdoored Through Official Downloads
https://securityonline.info/wordpress-supply-chain-attack-gravity-forms-plugin-backdoored-through-official-downloads/
Daily CyberSecurity
A supply chain attack injected backdoor malware into Gravity Forms plugin downloads from the official website. The backdoor allows RCE and creates admin accounts.
CVE-2025-30023: Critical RCE Vulnerability Discovered in Axis Video Management Software
https://securityonline.info/cve-2025-30023-critical-rce-vulnerability-discovered-in-axis-video-management-software/
Daily CyberSecurity
Axis warns of a critical flaw (CVE-2025-30023, CVSS 9.0) in Camera Station Pro/5 and Device Manager, allowing authenticated RCE via protocol deserialization. Update immediately.
SMM Vulnerabilities in Gigabyte UEFI Firmware Expose Systems to Stealthy Attacks
https://securityonline.info/smm-vulnerabilities-in-gigabyte-uefi-firmware-expose-systems-to-stealthy-attacks/
Daily CyberSecurity
CERT/CC warns of critical flaws in Gigabyte UEFI firmware, allowing SMRAM writes and SMM code execution. Patch immediately to prevent firmware implants and Secure Boot bypass.
SLOW#TEMPEST: Advanced Obfuscation Evades Static Analysis With CFG & Indirect Calls
https://securityonline.info/slowtempest-advanced-obfuscation-evades-static-analysis-with-cfg-indirect-calls/
Daily CyberSecurity
Unit 42 exposes SLOW#TEMPEST, a new malware variant using advanced CFG obfuscation and indirect function calls to evade static analysis, making it nearly impossible to detect.
RenderShock: New Zero-Click Attack Explores Hidden Vulnerabilities in OS & Enterprise Environments
https://securityonline.info/rendershock-new-zero-click-attack-explores-hidden-vulnerabilities-in-os-enterprise-environments/
Daily CyberSecurity
CYFIRMA unveils RenderShock, a zero-click attack strategy exploiting silent OS background processes like file previews and search indexing to execute malware and steal credentials without user interaction.
CVE-2025-25257 (CVSS 9.6): Pre-Auth SQLi in Fortinet FortiWeb Opens Door to RCE, PoC Published
https://securityonline.info/cve-2025-25257-cvss-9-6-pre-auth-sqli-in-fortinet-fortiweb-opens-door-to-rce-poc-published/
Daily CyberSecurity
Fortinet released a critical patch for FortiWeb (CVE-2025-25257). This unauthenticated SQL injection flaw allows remote code execution. A PoC has been released.
Elon Musk's AI Empire Boosted: SpaceX Invests $2B in xAI to Accelerate Grok Development & Tesla Integration
https://securityonline.info/elon-musks-ai-empire-boosted-spacex-invests-2b-in-xai-to-accelerate-grok-development-tesla-integration/
Daily CyberSecurity
SpaceX invests $2B in xAI to accelerate Grok AI development and Tesla integration. Grok 4 offers multimodal input/multi-agent support, but faced recent hate speech controversy.
Interlock RAT Gets PHP Makeover: New Variant Uses Steganography & ClickFix for Stealthy Infiltration
https://securityonline.info/interlock-rat-gets-php-makeover-new-variant-uses-steganography-clickfix-for-stealthy-infiltration/
Daily CyberSecurity
The DFIR Report uncovers a new PHP-coded Interlock RAT variant, using compromised websites and ClickFix social engineering to deploy stealthy malware for recon and persistence.
Red Bull Job Scam Exposed: Phishing Campaign Spoofs Brands, Uses "Slow Kill" Tactics to Steal Credentials
https://securityonline.info/red-bull-job-scam-exposed-phishing-campaign-spoofs-brands-uses-slow-kill-tactics-to-steal-credentials/
Daily CyberSecurity
Evalian uncovers a phishing campaign spoofing Red Bull job offers using legitimate services, low-cost VPS, and "slow kill" tactics to steal credentials via fake Facebook logins.
GMX Hacked for $40M, Hacker Returns Funds for $5M Bounty After On-Chain Appeal
https://securityonline.info/gmx-hacked-for-40m-hacker-returns-funds-for-5m-bounty-after-on-chain-appeal/
Daily CyberSecurity
GMX was hacked for $40M via smart contract exploit. The hacker returned funds for a $5M bounty after GMX's on-chain appeal, sparking debate in the security community.
CVE-2025-7503 (CVSS 10): Hidden Backdoor in Popular IP Camera Grants Hackers Root Access
https://securityonline.info/cve-2025-7503-cvss-10-hidden-backdoor-in-popular-ip-camera-grants-hackers-root-access/
Daily CyberSecurity
A critical flaw (CVE-2025-7503, CVSS 10.0) in Shenzhen Liandian IP cameras allows root access via an undocumented, default-enabled Telnet service with hardcoded credentials. No patch available.
GPUHammer: First Rowhammer Attack on GDDR6 GPU Memory Induces Bit Flips, Degrades AI Models
https://securityonline.info/gpuhammer-first-rowhammer-attack-on-gddr6-gpu-memory-induces-bit-flips-degrades-ai-models/
Daily CyberSecurity
GPUHammer is the first Rowhammer attack on GDDR6 memory (NVIDIA A6000), successfully inducing bit flips that can degrade AI model accuracy. Enable System-Level ECC to mitigate.
Patch immediately: CVE-2025-25257 PoC enables remote code execution on Fortinet FortiWeb
https://securityaffairs.com/179874/security/patch-immediately-cve-2025-25257-poc-enables-remote-code-execution-on-fortinet-fortiweb.html
Security Affairs
PoC exploits released for critical Fortinet FortiWeb flaw allowing pre-auth RCE. Fortinet urges users to patch.
Google Gemini for Workspace Vulnerability Lets Attackers Hide Malicious Scripts in Emails
https://cybersecuritynews.com/google-gemini-for-workspace-vulnerability/
Cyber Security News
A vulnerability in Google Gemini for Workspace enables threat actors to embed hidden malicious instructions within emails.