• TheCyberThrone

Skip to content July 17, 2025Threat OverviewCVE-2025-6558 is a high-risk zero-day vulnerability (CVSS score: 8.8) impacting Google Chrome’s graphics rendering pipeline, specifically within the ANGLE ( ... Read more

• BleepingComputer

Google has released a security update for Chrome to address half a dozen vulnerabilities, one of them actively exploited by attackers to escape the browser's sandbox protection. The vulnerability is i ... Read more

• The Hacker News

Jul 16, 2025Ravie LakshmananBrowser Security / Zero-Day Google on Tuesday rolled out fixes for six security issues in its Chrome web browser, including one that it said has been exploited in the wil ... Read more

• BleepingComputer

Google has released emergency updates to patch another Chrome zero-day vulnerability exploited in attacks, marking the fourth such flaw fixed since the start of the year. "Google is aware that an expl ... Read more

• The Hacker News

Vulnerability / Browser Security Google has released security updates to address a vulnerability in its Chrome browser for which an exploit exists in the wild. The zero-day vulnerability, tracked as C ... Read more

• The Hacker News

Cybercrime / Vulnerability The threat actor known as Blind Eagle has been attributed with high confidence to the use of the Russian bulletproof hosting service Proton66. Trustwave SpiderLabs, in a rep ... Read more

• The Hacker News

Threat Hunting / Vulnerability Threat hunters have discovered a network of more than 1,000 compromised small office and home office (SOHO) devices that have been used to facilitate a prolonged cyber e ... Read more

• The Hacker News

Network Security / Vulnerability Threat intelligence firm GreyNoise is warning of a "notable surge" in scanning activity targeting Progress MOVEit Transfer systems starting May 27, 2025—suggesting tha ... Read more

• The Hacker News

Vulnerability, Network Security Cisco has released updates to address two maximum-severity security flaws in Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC) that could perm ... Read more

• The Hacker News

Vulnerability / Firmware Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added three security flaws, each impacting AMI MegaRAC, D-Link DIR-859 router, and Forti ... Read more

• The Hacker News

Vulnerability / Network Security Citrix has released security updates to address a critical flaw affecting NetScaler ADC that it said has been exploited in the wild. The vulnerability, tracked as CVE- ... Read more

• The Hacker News

Data Privacy / Vulnerability Cybersecurity researchers have detailed two now-patched security flaws in SAP Graphical User Interface (GUI) for Windows and Java that, if successfully exploited, could ha ... Read more

• The Hacker News

Unidentified threat actors have been observed targeting publicly exposed Microsoft Exchange servers to inject malicious code into the login pages that harvest their credentials. Positive Technologies, ... Read more

• The Hacker News

Malware / Threat Intelligence The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of a new cyber attack campaign by the Russia-linked APT28 (aka UAC-0001) threat actors using Signal c ... Read more

• The Hacker News

Cyber Espionage / Chinese Hackers The Canadian Centre for Cyber Security and the U.S. Federal Bureau of Investigation (FBI) have issued an advisory warning of cyber attacks mounted by the China-linked ... Read more

• TheCyberThrone

CVE-2025-49763 is a denial-of-service (DoS) vulnerability found in Apache Traffic Server (ATS), specifically within its Edge Side Includes (ESI) plugin. The flaw stems from insufficient restrictions o ... Read more

• TheCyberThrone

📌 OverviewCVE-2025-23121 is a critical remote code execution (RCE) vulnerability identified in Veeam Backup & Replication (VBR) software. The flaw affects domain-joined backup servers and allows any a ... Read more

• TheCyberThrone

A critical vulnerability in Google Chrome, tracked as CVE-2025-2783, has been exploited in cyberattacks deploying the Trinper backdoor. The flaw, a sandbox escape vulnerability, enables attackers to e ... Read more

• The Hacker News

Malware / Cyber Espionage A now-patched security flaw in Google Chrome was exploited as a zero-day by a threat actor known as TaxOff to deploy a backdoor codenamed Trinper. The attack, observed in mid ... Read more

• Cyber Security News

A sophisticated attack campaign exploiting a Google Chrome zero-day vulnerability tracked as CVE-2025-2783, marking yet another instance of advanced persistent threat (APT) groups leveraging previousl ... Read more

• Daily CyberSecurity

Gamers and PC enthusiasts relying on ASUS Armoury Crate to manage their high-performance systems are urged to update immediately following the discovery of a serious security vulnerability. Tracked as ... Read more

• Daily CyberSecurity

In a major revelation, the Threat Intelligence Department of the Positive Technologies Expert Security Center (PT ESC) has attributed a sophisticated phishing and malware campaign to the APT group Tea ... Read more

• Kaspersky

vulnerabilities Internet Explorer sends its regards: a vulnerability in the HTTP protocol extension allows attackers to run malicious code — even on a modern operating system. June 11, 2025 On June 10 ... Read more

• Cyber Security News

Google has released an important security update for Chrome Desktop, addressing two high-severity vulnerabilities that could enable attackers to execute malicious code remotely on users’ systems. The ... Read more

• The Register

Google revealed Monday that it had quietly deployed a configuration change last week to block active exploitation of a Chrome zero-day. Google Threat Analysis Group (TAG) team members Clement Lecigne ... Read more

• BleepingComputer

Google has released an emergency security update to fix the third Chrome zero-day vulnerability exploited in attacks since the start of the year. "Google is aware that an exploit for CVE-2025-5419 exi ... Read more

• The Hacker News

Browser Security / Vulnerability Google on Monday released out-of-band fixes to address three security issues in its Chrome browser, including one that it said has come under active exploitation in th ... Read more

• Cyber Security News

A critical vulnerability in Google Chrome has recently been discovered that allows malicious actors to break out of the browser’s protective sandbox environment, potentially giving attackers access to ... Read more

• Cyber Security News

Google Chrome has faced a series of high-profile security incidents involving Use-After-Free (UAF) vulnerabilities, several of which have been actively exploited in the wild. These flaws, rooted in im ... Read more

• TheCyberThrone

Operation ForumTroll is a sophisticated Advanced Persistent Threat (APT) campaign that exploits a zero-day vulnerability (CVE-2025-2783) in Google Chrome. This operation was uncovered in March 2025 an ... Read more

• TheCyberThrone

CVE-2024-20439 is a critical vulnerability affecting Cisco Smart Licensing Utility (CSLU), classified with a CVSS score of 9.8 (Critical). It represents a major security risk, as it allows unauthorize ... Read more

• The Hacker News

Threat Intelligence / Cybersecurity Every week, someone somewhere slips up—and threat actors slip in. A misconfigured setting, an overlooked vulnerability, or a too-convenient cloud tool becomes the p ... Read more

• Help Net Security

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Microsoft’s new AI agents take on phishing, patching, alert fatigue Microsoft is rolling out a new gen ... Read more

• Help Net Security

Google’s fixing of CVE-2025-2783, a Chrome zero-day vulnerability exploited by state-sponsored attackers, has spurred Firefox developers to check whether the browser might have a similar flaw – and th ... Read more

• The Cyber Express

Mozilla has issued an urgent update for Firefox on Windows to patch a critical security vulnerability. This Firefox vulnerability move follows the recent discovery of a similar exploit in Google Chrom ... Read more

• Cyber Security News

Mozilla has released an emergency security update for its Firefox browser on Windows systems to address a critical vulnerability that could allow attackers to escape browser sandboxes and potentially ... Read more

• The Register

Google pushed out an emergency patch for Chrome on Windows this week to stop attackers exploiting a sandbox-breaking zero-day vulnerability, seemingly used by snoops to target certain folks in Russia. ... Read more

• The Hacker News

Zero-Day / Browser Security Mozilla has released updates to address a critical security flaw impacting its Firefox browser for Windows, merely days after Google patched a similar flaw in Chrome that c ... Read more

• Cyber Security News

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent advisory regarding a critical zero-day vulnerability in Google Chrome that is actively being exploited in the wild. The ... Read more

• BleepingComputer

Mozilla has released Firefox 136.0.4 to patch a critical security vulnerability that can let attackers escape the web browser's sandbox on Windows systems. Tracked as CVE-2025-2857, this flaw is descr ... Read more

• security.nl

Mozilla waarschuwt gebruikers van Firefox voor een kritieke kwetsbaarheid in de Windowsversie van de browser en heeft updates uitgebracht om het probleem te verhelpen. Het oorspronkelijke probleem dat ... Read more

• TheCyberThrone

As the digital landscape continues to evolve, vulnerabilities in widely-used software systems remain a critical threat. Two such vulnerabilities, CVE-2025-20229 and CVE-2025-20231, have recently been ... Read more

• The Cyber Express

A set of vulnerabilities have been identified in Ingress-NGINX Controller for Kubernetes, posing a risk to organizations relying on the affected versions. These vulnerabilities impact versions prior t ... Read more

• The Cyber Express

A serious security vulnerability has recently been identified in NetApp’s SnapCenter software, a widely used enterprise solution for managing data protection. This flaw, tracked as CVE-2025-26512, cou ... Read more

• TheCyberThrone

CISA’s add vulnerabilities related to Sitecore CMS and Reviewdog GitHub Actions to its Known Exploited Vulnerabilities (KEV) catalog1. Sitecore CMS VulnerabilitiesCISA has identified critical vulnerab ... Read more

• TheCyberThrone

CVE-2025-2783 is a zero-day vulnerability affecting Google Chrome, uncovered in a targeted cyber-espionage campaign known as Operation ForumTroll. This critical flaw has allowed attackers to bypass Ch ... Read more