CISA warns of critical Linux Sudo flaw exploited in attacks

Hackers are actively exploiting a critical vulnerability (CVE-2025-32463) in the sudo package that enables the execution of commands with root-level privileges on Linux operating systems.
The Hacker News

New "Cavalry Werewolf" Attack Hits Russian Agencies with FoalShell and StallionRAT

Cybersecurity vendor BI.ZONE is tracking the activity under the moniker Cavalry Werewolf. It's also assessed to have commonalities with clusters tracked as SturgeonPhisher, Silent Lynx, Comrade Saiga, ...
SecurityWeek

Oracle Says Known Vulnerabilities Possibly Exploited in Recent Extortion Attacks

Oracle has confirmed that some of its customers have received extortion emails and the attackers may have exploited known vulnerabilities.

CISA orders agencies to patch Cisco flaws exploited in zero-day attacks

CISA has issued a new emergency directive ordering U.S. federal agencies to secure their Cisco firewall devices against two flaws that have been exploited in zero-day attacks.
Cryptopolitan on MSN

20 major crypto exploits for $127M reported in September

Crypto exploits slowed down in September based on the total value of stolen funds, but showed more sophistication in exploiting smart contracts.
CSO Online

CISOs advised to rethink vulnerability management as exploits sharply rise

Surge in vulnerabilities and exploits leaving overloaded security teams with little recourse but to embrace risk-based approaches to patching what they can.
The Hacker News

CISA Flags Meteobridge CVE-2025-4008 Flaw as Actively Exploited in the Wild

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a high-severity security flaw impacting Smartbedded Meteobridge to its Known Exploited Vulnerabilities ( KEV) catalog ...
SecurityWeek

Organizations Warned of Exploited Meteobridge Vulnerability

CISA warned that a Meteobridge vulnerability patched in May has been exploited in attacks and added the flaw to its KEV catalog.
ABC News

Russia launches large-scale attack on Ukraine, killing 3 and injuring dozens

Russia has launched a large-scale missile and drone attack on Ukraine, killing at least three people and wounding dozens more KYIV, Ukraine -- Russia launched a large-scale missile and drone attack ...
Semiconductor Engineering

Undervolting Attack That Exploits The Vulnerability Of Chips During Brownout Conditions (Worcester Polytechnic, RUB)

A new technical paper titled “Chypnosis: Stealthy Secret Extraction using Undervolting-based Static Side-channel Attacks” was published by researcher at Worcester Polytechnic Institute and Ruhr ...
Yahoo

Panic Attacks and the Meaning of Life

The Atlantic Daily, a newsletter that guides you through the biggest stories of the day, helps you discover new ideas, and recommends the best in culture. Sign up for it here. Once again, Clune ...

Chinese Hackers Exploit VMware Zero-Day For A Year

A serious security flaw in widely used VMware software has been actively exploited in the wild for almost a year, with cybersecurity researchers ...