A set of serious security vulnerabilities has emerged in the OpenPrinting Common Unix Printing System (CUPS), potentially allowing for remote command execution on Linux systems under specific circumstances. Security researcher Simone Margaritelli detailed that an unauthenticated remote attacker could exploit these vulnerabilities to alter or install printer IPP URLs, which…
Microsoft has announced the release of security updates addressing 118 vulnerabilities in its software suite, two of which have been identified as actively exploited vulnerabilities in the wild. Among these vulnerabilities, three have been classified as Critical, while 113 are rated Important, and two are deemed Moderate. Notably, this Patch…
Cyberwarfare / Nation-State Attacks, Endpoint Security, Fraud Management & Cybercrime Spyware Targets Samsung Galaxy Devices, Reports Unit 42 Greg Sirico • November 7, 2025 Samsung Galaxy models targeted by the malware include the Galaxy S23 Series, Galaxy S24 Series, Galaxy S22, Galaxy Z Flip4, and Galaxy Z Fold4, as depicted.…
On Wednesday, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) announced the addition of a critical security vulnerability affecting Fortinet products to its Known Exploited Vulnerabilities (KEV) catalog. This action was taken in light of evidence indicating ongoing exploitation of this flaw. Identified as CVE-2024-23113, this vulnerability has a CVSS…
Recent cybersecurity reports indicate that threat actors are actively exploiting a critical security vulnerability in Veeam Backup & Replication software to deploy ransomware variants such as Akira and Fog. Sophos, a recognized cybersecurity vendor, has noted ongoing attacks that utilize compromised VPN credentials alongside the CVE-2024-40711 vulnerability to gain unauthorized…
Cyberwarfare / Nation-State Attacks, Fraud Management & Cybercrime, Government Major Staffing Cuts and Furloughs Impede Federal Response to F5 Cyberattack Chris Riotta (@chrisriotta) • November 4, 2025 Image: Alexeenko Alexey/Shutterstock The U.S. government is grappling with the aftermath of a sophisticated cyber breach involving F5, an application security vendor, believed…
Cybersecurity Researchers Uncover New Jailbreak Technique for AI Models Recent findings by cybersecurity experts at Palo Alto Networks’ Unit 42 have revealed a novel adversarial approach known as “Deceptive Delight,” capable of bypassing the safety measures of large language models (LLMs) during interactive dialogues. By interspersing harmful instructions within benign…
A sophisticated cyberespionage operation has emerged, directly attributed to a Chinese group utilizing vulnerabilities in Microsoft Exchange Servers unveiled earlier this March. This group, identified as PKPLUG (also known as Mustang Panda and HoneyMyte), has executed a new attack sequence deploying an undocumented variant of a remote access trojan, dubbed…
The cybersecurity landscape is shaken by the emergence of a newly identified malware dubbed Airstalk, which researchers attribute to a suspected nation-state threat group. This malware employs enterprise management tools in unconventional ways, highlighting vulnerabilities in third-party ecosystems, particularly those supporting the global outsourcing sector. Its stealth and sophistication signal…
