News – Page 4 – Cyber Security News

Thu. Jun 4th, 2026

Diagram showing a FortiCloud SSO authentication bypass attack, where a hacker sends a malicious SAML message to exploit Fortinet vulnerabilities CVE-2025-59718 and CVE-2025-59719, enabling unauthorized administrative access.

News

Fortinet Discloses Critical FortiCloud SSO Authentication Bypass Vulnerabilities: What CISOs Must Do Immediately

Critical Fortinet flaws (CVE-2025-59718/59719) allow attackers to bypass FortiCloud SSO using malicious SAML messages. Although not enabled by default, many…

Illustration of a hacker using a headless Chrome browser and DevTools Protocol to bypass App-Bound Encryption and steal decrypted cookies in a cybersecurity attack.

News

Sryxen Stealer: The New Class of Malware That Turns Chrome Against Itself

Dec 10, 2025 G.C.Moresi

Sryxen is a new stealer that bypasses Chrome’s App-Bound Encryption by abusing headless Chrome and the DevTools Protocol, forcing the…

Warning symbol over cybersecurity background illustrating a supply-chain malware incident involving a malicious trojanized executable hidden in a Yealink support ZIP download.

News

When Trust Becomes the Weakest Link: Potential Supply-Chain Malware via Yealink Downloads

Dec 1, 2025 G.C.Moresi

A suspicious ZIP from Yealink’s official CDN contained a trojanized executable, suggesting a possible supply-chain compromise. This case highlights why…

News

Allurity expands its European cybersecurity presence by acquiring MSF Partners – experts in protecting critical assets and infrastructure

Nov 25, 2025 G.C.Moresi

Allurity strengthens its European cybersecurity footprint by acquiring MSF Partners, a Swiss OT security specialist protecting critical infrastructure. The move…

Checklists News

LANDFALL: Inside the Most Advanced Android Spyware Campaign Ever Seen Targeting Samsung Devices

Nov 25, 2025 G.C.Moresi

LANDFALL is a sophisticated Android spyware exploiting a Samsung zero-day via DNG zero-click attacks delivered through WhatsApp images. This commercial-grade…

News

Cloudflare Global Network Outage — What CISOs Need to Know (18 November 2025)

Nov 18, 2025 G.C.Moresi

Cloudflare suffered a global service outage impacting the dashboard, Access, WARP, and application services. Recovery is underway. The incident highlights…

AI-driven malware illustration showing a robotic figure and a malicious code symbol representing self-evolving cyber threats

News

PROMPTFLUX: The First AI-Evolving Malware — and What It Really Means for Cybersecurity

Nov 17, 2025 G.C.Moresi

AI-driven malware is no longer theoretical. PROMPTFLUX, an experimental VBScript malware leveraging Gemini for real-time code regeneration, shows how threat…

News

Critical Vulnerability in Fortinet FortiWeb Exploited in the Wild

Nov 14, 2025 G.C.Moresi

A critical vulnerability in Fortinet's FortiWeb Web Application Firewall has been actively exploited, allowing attackers to gain administrator access. Organizations…

Centered cybersecurity alert image about ASA firewall vulnerability and urgent zero-day exploit mitigation.

Checklists News

CISA Emergency Directive 25-03: Federal Agencies Ordered to Identify and Mitigate Compromise of Cisco ASA and Firepower Devices

Nov 3, 2025 G.C.Moresi

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued Emergency Directive 25-03 after discovering a state-sponsored campaign exploiting zero-day…

SQL database exposed online with red padlock and cybersecurity icons

News

EY’s 4TB Data Leak: When a Single Click Opens the Vault

Nov 2, 2025 G.C.Moresi

A 4TB unencrypted SQL backup from EY was found exposed online, revealing sensitive credentials and API keys. The case, caused…

You missed

News

17 Million Infected Devices: Why the Dutch Botnet 17 Million Infected Devices: Why the Dutch Botnet Takedown Is a Wake-Up Call for Every CISO

Jun 1, 2026 G.C.Moresi

News Whitepapers

Cybersecurity News, Threat Intelligence & CISO Best Practices

Fortinet Discloses Critical FortiCloud SSO Authentication Bypass Vulnerabilities: What CISOs Must Do Immediately

Sryxen Stealer: The New Class of Malware That Turns Chrome Against Itself

When Trust Becomes the Weakest Link: Potential Supply-Chain Malware via Yealink Downloads

Allurity expands its European cybersecurity presence by acquiring MSF Partners – experts in protecting critical assets and infrastructure

LANDFALL: Inside the Most Advanced Android Spyware Campaign Ever Seen Targeting Samsung Devices

Cloudflare Global Network Outage — What CISOs Need to Know (18 November 2025)

PROMPTFLUX: The First AI-Evolving Malware — and What It Really Means for Cybersecurity

Critical Vulnerability in Fortinet FortiWeb Exploited in the Wild

CISA Emergency Directive 25-03: Federal Agencies Ordered to Identify and Mitigate Compromise of Cisco ASA and Firepower Devices

EY’s 4TB Data Leak: When a Single Click Opens the Vault

You missed

17 Million Infected Devices: Why the Dutch Botnet 17 Million Infected Devices: Why the Dutch Botnet Takedown Is a Wake-Up Call for Every CISO

Agentic AI Has Created a New Attack Surface: Why CISOs Need an Agentic AI Attack Matrix

Alleged OnlyFans “Mega Leak” Raises Questions About Synthetic Breaches, Privacy Risks, and Cyber Disinformation

Microsoft Issues Emergency Mitigation for “YellowKey” BitLocker Bypass Vulnerability (CVE-2026-45585)

Category: News

You missed