Author: PulauWin

Malicious Rust Crate Delivers OS-Specific Malware to Web3 Developer Systems

December 6, 2025 add comment
Cybersecurity researchers have discovered a malicious Rust package that’s capable of targeting Windows, macOS, and Linux systems, and features malicious functionality to stealthily execute on developer machines by masquerading... Read more »
Internet Security

Maximum-severity XXE vulnerability discovered in Apache Tika

December 6, 2025 add comment
A maximum severity vulnerability in Apache Tika, tracked as CVE-2025-66516 (CVSS score of 10.0), allows XML external entity attacks. CVE-2025-66516 carries a maximum CVSS rating of 10.0 because it... Read more »
Security of TechRepublic

CrowdStrike Identifies New China-Nexus Espionage Actor

December 5, 2025 add comment
CrowdStrike’s investigation shows that WARP PANDA initially infiltrated some victim networks as early as late 2023, later expanding operations. The post CrowdStrike Identifies New China-Nexus Espionage Actor appeared first... Read more »
Security of TechRepublic

Google Rolls Out Chrome 143 Update for Billions Worldwide

December 5, 2025 add comment
Google fixes 13 security vulnerabilities in a December desktop update rolling out to Windows, macOS, and Linux users. The post Google Rolls Out Chrome 143 Update for Billions Worldwide... Read more »
The Hacker News

Brazil Hit by Banking Trojan Spread via WhatsApp Worm and RelayNFC NFC Relay Fraud

December 5, 2025 add comment
The threat actor known as Water Saci is actively evolving its tactics, switching to a sophisticated, highly layered infection chain that uses HTML Application (HTA) files and PDFs to... Read more »
Internet Security

JPCERT/CC Reports Widespread Exploitation of Array Networks AG Gateway Vulnerability

December 5, 2025 add comment
Array Networks AG gateways have been under active exploitation since August 2025 due to a command injection flaw, JPCERT/CC warns. A command injection flaw in Array Networks AG Series... Read more »
IT Security

Cyber teams on alert as React2Shell exploitation spreads

December 5, 2025 add comment
Exploitation of an RCE flaw in a widely-used open source library is spreading quickly, with China-backed threat actors in the driving seat Read more »
Internet Security

BRICKSTORM backdoor exposed: CISA warns of advanced China-backed intrusions

December 5, 2025 add comment
CISA details BRICKSTORM, a China-linked backdoor used by China-linked APTs to secure long-term persistence on compromised systems. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has disclosed technical details... Read more »
IT Security

Cloudflare fixes second outage in a month

December 5, 2025 add comment
A change to web application firewall policies at Cloudflare caused problems across the internet less than three weeks after another major outage at the service, but no cyber attack... Read more »
Help Net Security

Check Point introduces Quantum Firewall R82.10 with new AI and zero trust security capabilities

December 5, 2025 add comment
Check Point announced its new Check Point Quantum Firewall Software, R82.10, introducing 20 new capabilities designed to help enterprises safely adopt AI, protect distributed environments, and simplify zero trust... Read more »
Subscribe to our Newsletter