🐛 COMMON VULNERABILITIES AND EXPOSURES (12)
19 Sep | CISA Warns of Two Malware Strains Exploiting Ivanti EPMM CVE-2025-4427 and CVE-2025-4428 | The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday released details of two sets of malware that were discovered in an unnamed organization's network following the exploitation of security flaws in Ivanti Endpoint Manager Mobile (EPMM). "Each set contains… | THEHACKERNEWS.COM
19 Sep | HybridPetya ransomware bypasses Windows Secure Boot | Researchers from cybersecurity company ESET have detected a new ransomware called HybridPetya, which is similar to the infamous Petya and NotPetya malware. Like its predecessors, the malware targets the Master File Table (MFT) — a central database on NTFS partitions that catalog… | CSOONLINE.COM
19 Sep | CISA Alerts of Hackers Targeting Ivanti Endpoint Manager Mobile Vulnerabilities to Distribute Malware | Cyber threat actors have weaponized two critical Ivanti Endpoint Manager Mobile (EPMM) vulnerabilities—CVE-2025-4427 and CVE-2025-4428—to deploy sophisticated malicious loaders and listeners on compromised servers. The malware consists of two sets of components: Loader 1 (web-ins… | GBHACKERS.COM
19 Sep | Nokia CBIS/NCS Manager API Vulnerability Allows Attackers to Bypass Authentication | On September 18, 2025, Orange Cert publicly disclosed a critical authentication bypass vulnerability affecting Nokia’s CBIS (CloudBand Infrastructure Software) and NCS (Nokia Container Service) Manager API (CVE-2023-49564). With a CVSS 3.1 score of 9.6 (AV:A/AC:L/PR:N/UI:N/S:C/C:… | GBHACKERS.COM
19 Sep | Entra ID vulnerability exposes gaps in cloud identity trust models, experts warn | Security researchers are warning about a max-severity vulnerability in Microsoft Entra ID (formerly Azure Active Directory) that could potentially allow attackers to impersonate any user in any tenant, including Global Administrators, without triggering MFA, Conditional Access, o… | CSOONLINE.COM
19 Sep | HubSpot’s Jinjava Engine Flaw Exposes Thousands of Sites to RCE Attacks | A critical security vulnerability has been discovered in HubSpot’s Jinjava template engine, potentially exposing thousands of websites and applications to remote code execution attacks. The flaw, tracked as CVE-2025-59340, carries the maximum CVSS score of 10.0, indicating … | GBHACKERS.COM
19 Sep | Fortra Releases Critical Patch for CVSS 10.0 GoAnywhere MFT Vulnerability | Fortra has disclosed details of a critical security flaw in GoAnywhere Managed File Transfer (MFT) software that could result in the execution of arbitrary commands. The vulnerability, tracked as CVE-2025-10035, carries a CVSS score of 10.0, indicating maximum severity. "A deseri… | THEHACKERNEWS.COM
19 Sep | Chromium: CVE-2025-10501 Use after free in WebRTC | This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information. | MSRC.MICROSOFT.COM
19 Sep | Chromium: CVE-2025-10585 Type Confusion in V8 | This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information. Google is aware that an exploit for CVE-2025-10585 e… | MSRC.MICROSOFT.COM
19 Sep | Chromium: CVE-2025-10502 Heap buffer overflow in ANGLE | This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information. | MSRC.MICROSOFT.COM
19 Sep | Chromium: CVE-2025-10500 Use after free in Dawn | This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information. | MSRC.MICROSOFT.COM
19 Sep KEV | Fortra patches critical GoAnywhere MFT flaw akin to past ransomware exploits | Users of Fortra’s GoAnywhere MFT solution are urged to patch a critical vulnerability that could allow attackers to inject and execute arbitrary commands. The flaw, tracked as CVE-2025-10035, is rated with the maximum severity score of 10 on the CVSS scale. It stems from an inse… | CSOONLINE.COM
⚠️ VULNERABILITY DISCLOSURE (20)
19 Sep | 0-Click ChatGPT Agent Flaw Exposes Gmail Data to Attackers | Researchers have discovered a critical zero-click vulnerability in ChatGPT’s Deep Research agent that allows attackers to silently steal sensitive Gmail data without any user interaction. This sophisticated attack leverages service-side exfiltration tech… | GBHACKERS.COM
19 Sep | SolarWinds Issues Advisory Following Salesloft Drift Security Breach | SolarWinds Corporation has released an official security advisory in response to a significant data breach involving Salesforce systems. This resulted in unauthorized access to sensitive customer information through compromised OAuth tokens linked to the Salesloft Drift integrati… | GBHACKERS.COM
19 Sep | SystemBC Botnet Compromises 1,500 VPS Every Day to Rent Out for DDoS Attacks | SystemBC, a resilient SOCKS5 malware network first spotted in 2019, has dramatically evolved its proxy infrastructure by compromising an average of 1,500 virtual private servers (VPS) each day. This shift from residential devices to large-scale VPS nodes grants threat actors unpr… | GBHACKERS.COM
19 Sep | Cybersecurity in smart cities, under scrutiny | Improved connectivity and the increase in connected devices are directly impacting the popularization of smart cities. Local governments are promoting projects that integrate new smart technologies to benefit citizen services, both independently and in collaboration with other l… | CSOONLINE.COM
19 Sep | U.K. Arrests Two Teen Scattered Spider Hackers Linked to August 2024 TfL Cyber Attack | Law enforcement authorities in the U.K. have arrested two teen members of the Scattered Spider hacking group in connection with their alleged participation in an August 2024 cyber attack targeting Transport for London (TfL), the city's public transportation agency. Thalha Jubair … | THEHACKERNEWS.COM
19 Sep | How AI-Native Development Platforms Enable Fake Captcha Pages | Cybercriminals are abusing AI-native platforms like Vercel, Netlify, and Lovable to host fake captcha pages that deceive users, bypass detection, and drive phishing campaigns. | TRENDMICRO.COM
19 Sep | Unpatched Vulnerabilities Expose Novakon HMIs to Remote Hacking | Novakon HMIs are affected by remote code execution and information exposure vulnerabilities. | SECURITYWEEK.COM
19 Sep | New iOS Video Injection Tool Bypasses Biometric Locks on Jailbroken iPhones | A newly discovered video injection tool for iOS devices that have been jailbroken poses a serious threat to modern digital identity verification. Developed to run on iOS 15 or later, this highly specialized toolkit can circumvent weak biometric checks and even exploit services la… | GBHACKERS.COM
19 Sep | Russian Airline Hit by Cyberattack, Website and Systems Disrupted | Russian regional carrier KrasAvia is grappling with a major IT outage after what appears to be a cyberattack. Passengers have been unable to buy tickets online, and flight operations have been forced to switch to manual procedures. The airline confirmed the disruption to local me… | GBHACKERS.COM
19 Sep | UK Police Arrest Two Scattered Spider Hackers Over London Transport Breach | UK law enforcement agencies have arrested two individuals linked to the notorious Scattered Spider cybercriminal group. The arrests, announced on Tuesday, pertain to a sophisticated attack on London’s transport systems. Authorities say the suspects infiltrated critical infrastruc… | GBHACKERS.COM
19 Sep | Surveying the Global Spyware Market | The Atlantic Council has published its second annual report: “Mythical Beasts: Diving into the depths of the global spyware market.” Too much good detail to summarize, but here are two items: First, the authors found that the number of US-based investors in spyware … | SCHNEIER.COM
19 Sep | Google patches sixth Chrome zero-day exploited in attacks this year | Submitted by kid to cybersecurity. https://www.bleepingcomputer.com/news/security/google-patches-sixth-chrome-zero-day-exploited-in-attacks-this-year/ | SH.ITJUST.WORKS
19 Sep | AI-Driven Phishing Attacks: Deceptive Tactics to Bypass Security Systems | Since January, Trend Micro has tracked a surge in phishing campaigns using AI-powered platforms (Lovable, Netlify, Vercel) to host fake captcha pages that lead to phishing websites. This ploy misleads users and evades security tools. Victims are first shown a captcha, lowering su… | GBHACKERS.COM
19 Sep | Vulnerability-Lookup 2.16.0 | Submitted by cm0002 to cybersecurity. We’re delighted to announce the release of Vulnerability-Lookup 2.16.0 — packed with exciting new features! What’s New. Backend: Introduced source-scoped kvrocks counters and source-scoped sorted indexes for vulnerability a… | INFOSEC.PUB
19 Sep | Fortra warns of max severity flaw in GoAnywhere MFT’s License Servlet | Fortra has released security updates to patch a maximum severity vulnerability in GoAnywhere MFT's License Servlet that can be exploited in command injection attacks. [...] | BLEEPINGCOMPUTER.COM
19 Sep | CISA exposes malware kits deployed in Ivanti EPMM attacks | The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published an analysis of the malware deployed in attacks exploiting vulnerabilities affecting Ivanti Endpoint Manager Mobile (EPMM). [...] | BLEEPINGCOMPUTER.COM
19 Sep | FBI warns of cybercriminals using fake FBI crime reporting portals | The FBI warned today that cybercriminals are impersonating its Internet Crime Complaint Center (IC3) website in what the law enforcement agency described as "possible malicious activity." [...] | BLEEPINGCOMPUTER.COM
19 Sep | A Vulnerability in GoAnywhere Managed File Transfer (MFT) Could Allow for Command Injection | A vulnerability has been discovered in GoAnywhere Managed File Transfer (MFT) which could allow for Command Injection. GoAnywhere Managed File Transfer (MFT) is an enterprise-level software solution for securely automating, managing, and tracking all organizational file transfers… | CISECURITY.ORG
19 Sep | A Vulnerability in WatchGuard Fireware OS Could Allow for Arbitrary Code Execution | A vulnerability has been discovered in WatchGuard Fireware OS, which could allow for arbitrary code execution. Fireware OS is the software that runs on WatchGuard Firebox firewalls. Fireware includes a Web UI that includes a way to manage and monitor each Firebox in your network.… | CISECURITY.ORG
19 Sep | Critical Microsoft's Entra ID Vulnerability Allows Attackers to Gain Complete Administrative Control | Submitted by kid to cybersecurity. https://cybersecuritynews.com/microsofts-entra-id-vulnerability/ | SH.ITJUST.WORKS
📢 SECURITY ADVISORIES (4)
19 Sep | Weaponized ScreenConnect App Spreads AsyncRAT and PowerShell RAT | Remote Monitoring and Management tools such as ConnectWise ScreenConnect have earned a reputation for simplifying IT administration, but they have also drawn the attention of sophisticated attackers. By abusing ScreenConnect’s trusted installation footprint and deep system privil… | GBHACKERS.COM
19 Sep | CISA Analyzes Malware From Ivanti EPMM Intrusions | Hackers chained two Ivanti EPMM vulnerabilities to collect system information, dump credentials, and execute malware. | SECURITYWEEK.COM
🔥 INCIDENT REPORTING (13)
19 Sep | New Loader “CountLoader” Uses PDFs to Launch Ransomware Attacks | Security researchers have uncovered a sophisticated new malware loader called “CountLoader” that leverages weaponized PDF files to deliver ransomware payloads to victims across multiple regions, with particular focus on Ukrainian targets. CountLoader represents a sign… | GBHACKERS.COM
19 Sep | Cloudflare Confirms API Outage Caused by React useEffect Overload Issue | Cloudflare experienced a significant outage on September 12, 2025, affecting its Tenant Service API, multiple APIs, and the Cloudflare Dashboard. The company has confirmed that the incident was primarily triggered by a React programming bug that caused excessive API calls, overwh… | GBHACKERS.COM
19 Sep | Vastaamo psychotherapy hack: US citizen charged in latest twist of notorious data breach | 28-year-old Daniel Lee Newhard, an American citizen living in Estonia, has been charged in relation to the notorious hack of Vastaamo, the biggest data breach in Finnish history. Read more in my article on the Hot for Security blog. | BITDEFENDER.COM
19 Sep | Russia and China Target the German Economy | According to a Bitkom survey, most cyberattacks on companies in Germany still originate from Russia and China. Nearly three out of four companies in Germany report increasing attacks, both analog and digital. The damage is estimated at around… | CSOONLINE.COM
19 Sep | Russian Hacking Groups Gamaredon and Turla Target Organizations to Deliver Kazuar Backdoor | Two prominent Russian state-sponsored hacking groups, Gamaredon and Turla, have been observed collaborating in sophisticated cyberattacks targeting Ukraini… | GBHACKERS.COM
19 Sep | Luxury Jeweler Tiffany Reports Data Breach Exposing User Personal Data | Luxury jeweler Tiffany and Company has confirmed a data breach that exposed the personal information of 2,590 customers. The company discovered unauthorized access to an external system on September 9, 2025, but determined the incident first occurred on May 12, 2025. Tiffany… | GBHACKERS.COM
19 Sep | Ransomware Attack on BMW Group? | The BMW Group is being extorted by a ransomware gang with allegedly stolen data. The car and motorcycle manufacturer BMW recently appeared on the Everest group's darknet site. In their post, the hackers boast of having "crit… | CSOONLINE.COM
19 Sep | Turla and Gamaredon Working Together in Fresh Ukrainian Intrusions | Turla malware was deployed in February on select systems that Gamaredon had compromised in January. | SECURITYWEEK.COM
19 Sep | Known. Emerging. Unstoppable? Ransomware Attacks Still Evade Defenses | Ransomware remains one of the most destructive threats—because defenses keep failing. Picus Blue Report 2025 shows prevention dropped to 62%, while data exfiltration prevention collapsed to just 3%. [...] | BLEEPINGCOMPUTER.COM
19 Sep | In Other News: 600k Hit by Healthcare Breaches, Major ShinyHunters Hacks, DeepSeek’s Coding Bias | Noteworthy stories that might have slipped under the radar: Eve Security seed funding, Claroty report, patches from WatchGuard and Nokia. | SECURITYWEEK.COM
19 Sep | ChatGPT tricked to swipe sensitive data from Gmail | Submitted by Pro to cybersecurity. https://www.radware.com/blog/threat-intelligence/shadowleak/ Cross-posted from: programming.dev/post/37707316. We found a zero-click flaw in ChatGPT’s Deep Research agent when connected to Gmail and browsing: A single crafted… | SH.ITJUST.WORKS
19 Sep | BreachLock Named Sample Vendor for PTaaS and AEV in Two New 2025 Gartner® Reports | New York, New York, September 19th, 2025, CyberNewsWire: BreachLock, the global leader in offensive security, has been recognized as a Sample Vendor for Penetration Testing as a Service (PTaaS) in the 2025 Gartner Hype Cycle for Application Security. The company was also recognize… | GBHACKERS.COM
19 Sep | CrowdStrike's AI Innovations in Cyber Defense - SWN #513 | In this episode of Security Weekly News, Joshua Marpet and Aaran Leyland discuss the latest trends in AI and cybersecurity, focusing on innovations from CrowdStrike, the implications of new cyber incident reporting rules, and the evolving landscape of ransomware. They explore the… | YOUTUBE.COM
🕵️ THREAT INTELLIGENCE (15)
19 Sep | ISC Stormcast For Friday, September 19th, 2025 https://isc.sans.edu/podcastdetail/9620, (Fri, Sep 19th) | (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. | ISC.SANS.EDU
19 Sep | Have I Been Pwned Demos Are Now Live! | Well, one of them is, but what's important is that we now have a platform on which we can start pushing out a lot more. It's not that HIBP is a particularly… | TROYHUNT.COM
19 Sep | Windows 11 Notepad to Receive AI Upgrade for Free Text Writing and Summarizing | Microsoft has announced a significant upgrade to Windows 11 Notepad, introducing powerful artificial intelligence features that will revolutionize how users create and edit text. The update brings AI-powered writing assistance directly to the classic text editor, offering capabil… | GBHACKERS.COM
19 Sep | Researchers Reveal Connection Between Belsen and ZeroSeven Cybercrime Groups | In a groundbreaking analysis, cybersecurity firm KELA reveals striking parallels in operational style, target selection, and online presence that suggest a possible connection between two Yemen-linked threat actors: the recently surfaced Belsen Group and the long-standing ZeroSev… | GBHACKERS.COM
19 Sep | Russian Hackers Gamaredon and Turla Collaborate to Deploy Kazuar Backdoor in Ukraine | Cybersecurity researchers have discerned evidence of two Russian hacking groups Gamaredon and Turla collaborating together to target and co-compromise Ukrainian entities. Slovak cybersecurity company ESET said it observed the Gamaredon tools PteroGraphin and PteroOdd being used to … | THEHACKERNEWS.COM
19 Sep | Two Scattered Spider Suspects Arrested in UK; One Charged in US | Thalha Jubair and Owen Flowers were charged in the UK and the US with hacking critical infrastructure organizations. | SECURITYWEEK.COM
19 Sep | Netskope Raises Over $908 Million in IPO | Netskope has debuted on Nasdaq and its shares soared more than 18%, bringing the company’s value to $8.6 billion. | SECURITYWEEK.COM
19 Sep | ChatGPT Tricked Into Solving CAPTCHAs | The AI agent was able to solve different types of CAPTCHAs and adjusted its cursor movements to better mimic human behavior. | SECURITYWEEK.COM
19 Sep | WatchGuard patches ‘critical’ VPN flaw in firewalls that could lead to compromise | Submitted by kid to cybersecurity. https://www.csoonline.com/article/4059623/watchguard-patches-critical-vpn-flaw-in-firewalls-that-could-lead-to-compromise.html | SH.ITJUST.WORKS
19 Sep | Why Your Security Strategy Needs a Human Upgrade | Let’s be brutally honest. For years, our industry has been locked in a civil war. In one camp, the technologists have been building higher walls and smarter traps, arguing that the right AI-powered, next-gen firewall will solve all our problems. | KNOWBE4.COM
19 Sep | Top 10 Best API Security Testing Companies in 2025 | In today’s rapidly evolving digital landscape, APIs (Application Programming Interfaces) have become the backbone of online business, connecting services, and enabling new customer experiences. However, as the API footprint grows, so does the attack surface making robust AP… | GBHACKERS.COM
19 Sep | Click Adventure: How a Banned Steam Game Drained Wallets and Dodged Steam Security | Submitted by Pro to cybersecurity. https://steamcommunity.com/groups/Sentinels_of_the_Store/announcements/detail/534361794856092966 Cross-posted from: programming.dev/post/37712591 | SH.ITJUST.WORKS
19 Sep | UNC1549 Hacks 34 Devices in 11 Telecom Firms via LinkedIn Job Lures and MINIBIKE Malware | An Iran-nexus cyber espionage group known as UNC1549 has been attributed to a new campaign targeting European telecommunications companies, successfully infiltrating 34 devices across 11 organizations as part of a recruitment-themed activity on LinkedIn. Swiss cybersecurity compa… | THEHACKERNEWS.COM
19 Sep | Gamaredon X Turla collab | Notorious APT group Turla collaborates with Gamaredon, both FSB-associated groups, to compromise high‑profile targets in Ukraine | WELIVESECURITY.COM
🌐 CYBER THREAT LANDSCAPE (1)
19 Sep | SystemBC Powers REM Proxy With 1,500 Daily VPS Victims Across 80 C2 Servers | A proxy network known as REM Proxy is powered by malware known as SystemBC, offering about 80% of the botnet to its users, according to new findings from the Black Lotus Labs team at Lumen Technologies. "REM Proxy is a sizeable network, which also markets a pool of 20,000 Mikroti… | THEHACKERNEWS.COM
🎙️ PODCASTS (1)
19 Sep | Cybersecurity Today - The Good News Edition | In this episode, host Jim Love addresses a previous mistake regarding the location of Yellowknife and announces a special 'good news' edition. Key stories include Microsoft's dismantling of a global phishing-as-a-service operation Raccoo… | CYBERSECURITYTODAY.LIBSYN.COM
📡 INFOSEC NEWS (4)
19 Sep | How To Automate Alert Triage With AI Agents and Confluence SOPs Using Tines | Run by the team at workflow orchestration and AI platform Tines, the Tines library features over 1,000 pre-built workflows shared by security practitioners from across the community - all free to import and deploy through the platform's Community Edition. The workflow we are high… | THEHACKERNEWS.COM
19 Sep | Steam will stop running on Windows 32-bit in January 2026 | Valve has announced that its Steam digital distribution service will drop support for 32-bit versions of Windows starting January 2026. [...] | BLEEPINGCOMPUTER.COM
19 Sep | 17,500 Phishing Domains Target 316 Brands Across 74 Countries in Global PhaaS Surge | The phishing-as-a-service (PhaaS) offering known as Lighthouse and Lucid has been linked to more than 17,500 phishing domains targeting 316 brands from 74 countries. "Phishing-as-a-Service (PhaaS) deployments have risen significantly recently," Netcraft said in a new report. "The… | THEHACKERNEWS.COM
19 Sep | Microsoft starts rolling out Gaming Copilot on Windows 11 PCs | Microsoft has begun rolling out the beta version of its AI-powered Gaming Copilot to Windows 11 systems for users aged 18 or older, excluding those in mainland China. [...] | BLEEPINGCOMPUTER.COM