Cybersecurity Articles

312/68 Thursday, August 28, 2025 Citrix has released security patches to address three vulnerabilities affecting NetScaler ADC and NetScaler Gateway: CVE-2025-7775, CVE-2025-7776, and CVE-2025-8424. Notably, CVE-2025-7775 has already been confirmed as actively exploited on unpatched devices. Vulnerability Details: Recommended Action The Cloud Software Group strongly advises all users to update to the secure versions as […]

311/68 Thursday, August 28, 2025 Cybersecurity researchers at ESET have uncovered a new type of malware named PromptLock, identified as the first ransomware to leverage artificial intelligence (AI) as part of its attack process. This malware operates using prompt injection techniques, embedding pre-defined commands to manipulate AI models into performing malicious tasks-such as scanning local […]

310/68 Wednesday, August 27, 2025 Docker has released a security update to address a critical vulnerability, CVE-2025-9074, with a CVSS score of 9.3, affecting Docker Desktop on both Windows and macOS. The flaw allows attackers to perform a Container Escape-gaining unauthorized access from within a container to the host system. The vulnerability has been fixed […]

309/68 Wednesday, August 27, 2025 FortiGuard Labs, the threat intelligence division of Fortinet, has issued a global cybersecurity alert regarding a rapidly spreading phishing campaign. The attack leverages deceptive emails titled “Missed Phone Call” or “Voicemail Message”, as well as fake purchase orders, to trick Windows users into downloading malicious files that silently install the […]

308/68 Tuesday, August 26, 2025 DaVita Inc., a U.S.-based dialysis service provider, has confirmed that a ransomware attack led to the leak of personal and health information affecting nearly 2.7 million individuals. The breach was publicly disclosed on April 18, 2025, after DaVita detected encryption activity on its network systems on April 12. To maintain […]

307/68 Tuesday, August 26, 2025 The Pakistan-based hacker group APT36 has adopted a new tactic targeting Indian government and security agencies by abusing .desktop files on Linux systems. Normally used as simple shortcut launchers for applications, these files are now being leveraged to hide malware, enabling data theft and persistent access. According to cybersecurity firms […]

306/68 Monday, August 25, 2025 CrowdStrike has warned that from June to August 2025, more than 300 organizations worldwide were targeted by SHAMOS malware, a variant of Atomic macOS Stealer (AMOS). The malware was distributed through a Malvertising Campaign, embedded in Google ads that redirected victims to fake macOS support websites, tricking users into running […]

305/68 Monday, August 25, 2025 Cyber researchers at FortiGuard Labs have reported the resurgence of the “Gayfemboy” botnet, a new evolution of the original Mirai malware, exhibiting more sophisticated and dangerous capabilities. This botnet exploits both known vulnerabilities (N-day) and unpatched zero-day vulnerabilities in devices from DrayTek, TP-Link, Raisecom, and Cisco to spread malware. The […]

304/68 Friday, August 22, 2025 Apple has released security updates to address a zero-day vulnerability, tracked as CVE-2025-43300, affecting iOS, iPadOS, and macOS. The flaw was reportedly exploited in targeted attacks. The vulnerability resides in the ImageIO framework and could lead to memory corruption when the system processes a specially crafted image. According to Apple, […]

303/68 Friday, August 22, 2025 Security researcher Marek Tóth presented findings at DEF CON 33, revealing a newly identified vulnerability dubbed DOM-Based Extension Clickjacking that affects popular password manager browser extensions such as 1Password, iCloud Passwords, Bitwarden, LastPass, and several others. This flaw can potentially allow attackers to steal sensitive information simply by tricking users […]