Tuesday, May 13, 2025

Cyber Security News

Microsoft Patch Tuesday May 2025 Released With the Fixes for 72 Flaws With 5 Actively Exploited 0-Day

Microsoft has released its May 2025 Patch Tuesday updates, addressing 72 security vulnerabilities across its software portfolio, including Windows, Microsoft Office, Azure, and Visual Studio. Microsoft patched a total...

Ivanti Released Security Updates to Fix for the Mutiple RCE Vulnerabilities – Patch Now

Ivanti, a leading enterprise software provider, has released critical security updates addressing vulnerabilities across several products, including Endpoint Manager Mobile (EPMM), Neurons for ITSM...

Fortinet FortiVoice Zero-day Vulnerability Actively Exploited in The Wild

A critical stack-based buffer overflow vulnerability (CWE-121) has been discovered in multiple Fortinet products, including FortiVoice, FortiMail, FortiNDR, FortiRecorder, and FortiCamera. A critical zero-day vulnerability...

Ransomware Attacks Surge by 123% Amid Evolving Tactics and Strategies

The 2025 Third-Party Breach Report from Black Kite highlights a staggering 123% surge in ransomware attacks during 2024, driven largely by sophisticated exploitation of...

Researchers Introduce Mythic Framework Agent to Enhance Pentesting Tool Performance

Penetration testing is still essential for upholding strong security procedures in a time when cybersecurity threats are changing quickly. Recently, a team of security professionals...

Swan Vector APT Targets Organizations with Malicious LNK and DLL Implants

A newly identified advanced persistent threat (APT) campaign, dubbed "Swan Vector" by Seqrite Labs, has been targeting educational institutions and mechanical engineering industries in...

Hackers Weaponize KeePass Password Manager to Spread Malware and Steal Passwords

Threat actors have successfully exploited the widely-used open-source password manager, KeePass, to spread malware and facilitate large-scale password theft. The attack, which was reported by...

Marks & Spencer Confirms Customer Data Breach in Recent Cyber Attack

British retail giant Marks & Spencer has officially confirmed that customer personal data was compromised during a cyber attack that began three weeks ago....

Zoom Workplace Apps Flaws Allow Hackers to Gain Elevated Access

Zoom has released multiple security bulletins addressing seven newly discovered vulnerabilities in Zoom Workplace Apps, with one rated as high severity. All vulnerabilities were...

PoC Exploit Published for macOS Sandbox Escape Vulnerability (CVE-2025-31258)

Security researchers have disclosed a new macOS sandbox escape vulnerability tracked as CVE-2025-31258, accompanied by a proof-of-concept (PoC) exploit demonstrating partial sandbox bypass via...

Four Hackers Caught Exploiting Old Routers as Proxy Servers

U.S. authorities unsealed charges against four foreign nationals accused of operating a global cybercrime scheme that hijacked outdated wireless routers to create malicious proxy...