TECHZONE™
Открыть в Telegram
TECHZONE CYBERNEWS && UPDATES Wᴇʟᴄᴏᴍᴇ Tᴏ TECHZONE™ ✔️Infosec Facts ✔️Cheatsheets ✔️Free Courses ✔️Open source tools ✔️Tech news
Больше595
Подписчики
Нет данных24 часа
Нет данных7 дней
-1030 день
Архив постов
595
How Attackers Bypass Synced Passkeys
https://thehackernews.com/2025/10/how-attackers-bypass-synced-passkeys.html
TLDR
Even if you take nothing else away from this piece, if your organization is evaluating passkey deployments, it is insecure to deploy synced passkeys.
Synced passkeys inherit the risk of the cloud accounts and recovery processes that protect them, which creates material enterprise exposure.
Adversary-in-the-middle (AiTM) kits can force authentication fallbacks that circumvent strong
595
Two New Windows Zero-Days Exploited in the Wild — One Affects Every Version Ever Shipped
https://thehackernews.com/2025/10/two-new-windows-zero-days-exploited-in.html
Microsoft on Tuesday released fixes for a whopping 183 security flaws spanning its products, including three vulnerabilities that have come under active exploitation in the wild, as the tech giant officially ended support for its Windows 10 operating system unless the PCs are enrolled in the Extended Security Updates (ESU) program.
Of the 183 vulnerabilities, eight of them are non-Microsoft
595
Hackers Target ICTBroadcast Servers via Cookie Exploit to Gain Remote Shell Access
https://thehackernews.com/2025/10/hackers-target-ictbroadcast-servers-via.html
Cybersecurity researchers have disclosed that a critical security flaw impacting ICTBroadcast, an autodialer software from ICT Innovations, has come under active exploitation in the wild.
The vulnerability, assigned the CVE identifier CVE-2025-2611 (CVSS score: 9.3), relates to improper input validation that can result in unauthenticated remote code execution due to the fact that the call center
595
Two CVSS 10.0 Bugs in Red Lion RTUs Could Hand Hackers Full Industrial Control
https://thehackernews.com/2025/10/two-cvss-100-bugs-in-red-lion-rtus.html
Cybersecurity researchers have disclosed two critical security flaws impacting Red Lion Sixnet remote terminal unit (RTU) products that, if successfully exploited, could result in code execution with the highest privileges.
The shortcomings, tracked as CVE-2023-40151 and CVE-2023-42770, are both rated 10.0 on the CVSS scoring system.
"The vulnerabilities affect Red Lion SixTRAK and VersaTRAK
595
New SAP NetWeaver Bug Lets Attackers Take Over Servers Without Login
https://thehackernews.com/2025/10/new-sap-netweaver-bug-lets-attackers.html
SAP has rolled out security fixes for 13 new security issues, including additional hardening for a maximum-severity bug in SAP NetWeaver AS Java that could result in arbitrary command execution.
The vulnerability, tracked as CVE-2025-42944, carries a CVSS score of 10.0. It has been described as a case of insecure deserialization.
"Due to a deserialization vulnerability in SAP NetWeaver, an
595
Researchers Expose TA585’s MonsterV2 Malware Capabilities and Attack Chain
https://thehackernews.com/2025/10/researchers-expose-ta585s-monsterv2.html
Cybersecurity researchers have shed light on a previously undocumented threat actor called TA585 that has been observed delivering an off-the-shelf malware called MonsterV2 via phishing campaigns.
The Proofpoint Threat Research Team described the threat activity cluster as sophisticated, leveraging web injections and filtering checks as part of its attack chains.
"TA585 is notable because it
595
npm, PyPI, and RubyGems Packages Found Sending Developer Data to Discord Channels
https://thehackernews.com/2025/10/npm-pypi-and-rubygems-packages-found.html
Cybersecurity researchers have identified several malicious packages across npm, Python, and Ruby ecosystems that leverage Discord as a command-and-control (C2) channel to transmit stolen data to actor-controlled webhooks.
Webhooks on Discord are a way to post messages to channels in the platform without requiring a bot user or authentication, making them an attractive mechanism for attackers to
595
New Rust-Based Malware "ChaosBot" Uses Discord Channels to Control Victims' PCs
https://thehackernews.com/2025/10/new-rust-based-malware-chaosbot-hijacks.html
Cybersecurity researchers have disclosed details of a new Rust-based backdoor called ChaosBot that can allow operators to conduct reconnaissance and execute arbitrary commands on compromised hosts.
"Threat actors leveraged compromised credentials that mapped to both Cisco VPN and an over-privileged Active Directory account named, 'serviceaccount,'" eSentire said in a technical report published
595
New Oracle E-Business Suite Bug Could Let Hackers Access Data Without Login
https://thehackernews.com/2025/10/new-oracle-e-business-suite-bug-could.html
Oracle on Saturday issued a security alert warning of a fresh security flaw impacting its E-Business Suite that it said could allow unauthorized access to sensitive data.
The vulnerability, tracked as CVE-2025-61884, carries a CVSS score of 7.5, indicating high severity. It affects versions from 12.2.3 through 12.2.14.
"Easily exploitable vulnerability allows an unauthenticated attacker with
595
Experts Warn of Widespread SonicWall VPN Compromise Impacting Over 100 Accounts
https://thehackernews.com/2025/10/experts-warn-of-widespread-sonicwall.html
Cybersecurity company Huntress on Friday warned of "widespread compromise" of SonicWall SSL VPN devices to access multiple customer environments.
"Threat actors are authenticating into multiple accounts rapidly across compromised devices," it said. "The speed and scale of these attacks imply that the attackers appear to control valid credentials rather than brute-forcing."
A significant chunk of
595
Hackers Turn Velociraptor DFIR Tool Into Weapon in LockBit Ransomware Attacks
https://thehackernews.com/2025/10/hackers-turn-velociraptor-dfir-tool.html
Threat actors are abusing Velociraptor, an open-source digital forensics and incident response (DFIR) tool, in connection with ransomware attacks likely orchestrated by Storm-2603 (aka CL-CRI-1040 or Gold Salem), which is known for deploying the Warlock and LockBit ransomware.
The threat actor's use of the security utility was documented by Sophos last month. It's assessed that the attackers
595
Stealit Malware Abuses Node.js Single Executable Feature via Game and VPN Installers
https://thehackernews.com/2025/10/stealit-malware-abuses-nodejs-single.html
Cybersecurity researchers have disclosed details of an active malware campaign called Stealit that has leveraged Node.js' Single Executable Application (SEA) feature as a way to distribute its payloads.
According to Fortinet FortiGuard Labs, select iterations have also employed the open-source Electron framework to deliver the malware. It's assessed that the malware is being propagated through
595
Microsoft Warns of ‘Payroll Pirates’ Hijacking HR SaaS Accounts to Steal Employee Salaries
https://thehackernews.com/2025/10/microsoft-warns-of-payroll-pirates.html
A threat actor known as Storm-2657 has been observed hijacking employee accounts with the end goal of diverting salary payments to attacker-controlled accounts.
"Storm-2657 is actively targeting a range of U.S.-based organizations, particularly employees in sectors like higher education, to gain access to third-party human resources (HR) software as a service (SaaS) platforms like Workday," the
595
From Detection to Patch: Fortra Reveals Full Timeline of CVE-2025-10035 Exploitation
https://thehackernews.com/2025/10/from-detection-to-patch-fortra-reveals.html
Fortra on Thursday revealed the results of its investigation into CVE-2025-10035, a critical security flaw in GoAnywhere Managed File Transfer (MFT) that's assessed to have come under active exploitation since at least September 11, 2025.
The company said it began its investigation on September 11 following a "potential vulnerability" reported by a customer, uncovering "potentially suspicious
595
The AI SOC Stack of 2026: What Sets Top-Tier Platforms Apart?
https://thehackernews.com/2025/10/the-ai-soc-stack-of-2026-what-sets-top.html
The SOC of 2026 will no longer be a human-only battlefield. As organizations scale and threats evolve in sophistication and velocity, a new generation of AI-powered agents is reshaping how Security Operations Centers (SOCs) detect, respond, and adapt.
But not all AI SOC platforms are created equal.
From prompt-dependent copilots to autonomous, multi-agent systems, the current market offers
595
175 Malicious npm Packages with 26,000 Downloads Used in Credential Phishing Campaign
https://thehackernews.com/2025/10/175-malicious-npm-packages-with-26000.html
Cybersecurity researchers have flagged a new set of 175 malicious packages on the npm registry that have been used to facilitate credential harvesting attacks as part of an unusual campaign.
The packages have been collectively downloaded 26,000 times, acting as an infrastructure for a widespread phishing campaign codenamed Beamglea targeting more than 135 industrial, technology, and energy
595
From LFI to RCE: Active Exploitation Detected in Gladinet and TrioFox Vulnerability
https://thehackernews.com/2025/10/from-lfi-to-rce-active-exploitation.html
Cybersecurity company Huntress said it has observed active in-the-wild exploitation of an unpatched security flaw impacting Gladinet CentreStack and TrioFox products.
The zero-day vulnerability, tracked as CVE-2025-11371 (CVSS score: 6.1), is an unauthenticated local file inclusion bug that allows unintended disclosure of system files. It impacts all versions of the software prior to and
595
CL0P-Linked Hackers Breach Dozens of Organizations Through Oracle Software Flaw
https://thehackernews.com/2025/10/cl0p-linked-hackers-breach-dozens-of.html
Dozens of organizations may have been impacted following the zero-day exploitation of a security flaw in Oracle's E-Business Suite (EBS) software since August 9, 2025, Google Threat Intelligence Group (GTIG) and Mandiant said in a new report released Thursday.
"We're still assessing the scope of this incident, but we believe it affected dozens of organizations," John Hultquist, chief analyst of
595
From Phishing to Malware: AI Becomes Russia's New Cyber Weapon in War on Ukraine
https://thehackernews.com/2025/10/from-phishing-to-malware-ai-becomes.html
Russian hackers' adoption of artificial intelligence (AI) in cyber attacks against Ukraine has reached a new level in the first half of 2025 (H1 2025), the country's State Service for Special Communications and Information Protection (SSSCIP) said.
"Hackers now employ it not only to generate phishing messages, but some of the malware samples we have analyzed show clear signs of being generated
595
Critical Exploit Lets Hackers Bypass Authentication in WordPress Service Finder Theme
https://thehackernews.com/2025/10/critical-exploit-lets-hackers-bypass.html
Threat actors are actively exploiting a critical security flaw impacting the Service Finder WordPress theme that makes it possible to gain unauthorized access to any account, including administrators, and take control of susceptible sites.
The authentication bypass vulnerability, tracked as CVE-2025-5947 (CVSS score: 9.8), affects the Service Finder Bookings, a WordPress plugin bundled with the
Уже доступно! Исследование Telegram 2025 — ключевые инсайты года 
