x86.se

2 Min Read

October 20, 2025

Five New Exploited Bugs Land in CISA's Catalog — Oracle and Microsoft Among Targets

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added five security flaws to its Known Exploited Vulnerabilities (KEV) Catalog,…

16 Min Read

October 20, 2025

⚡ Weekly Recap: F5 Breached, Linux Rootkits, Pixnapping Attack, EtherHiding & More

It's easy to think your defenses are solid — until you realize…

6 Min Read

October 20, 2025

Analysing ClickFix: 3 Reasons Why Copy/Paste Attacks Are Driving Security Breaches

ClickFix, FileFix, fake CAPTCHA — whatever you call it, attacks…

2 Min Read

October 20, 2025

131 Chrome Extensions Caught Hijacking WhatsApp Web for Massive Spam Campaign

Cybersecurity researchers have uncovered a coordinated campaign that…

3 Min Read

October 15, 2025

How Attackers Bypass Synced Passkeys

TLDR Even if you take nothing else away from this piece, if your organization is evaluating passkey deployments, it is insecure to deploy…

2 Min Read

October 15, 2025

Last Windows 10 Patch Tuesday Features Six Zero Days

It’s set to be a busy October for system administrators after Microsoft issued security updates to fix 172 vulnerabilities including six…

4 Min Read

October 15, 2025

Two New Windows Zero-Days Exploited in the Wild — One Affects Every Version Ever Shipped

Microsoft on Tuesday released fixes for a whopping 183 security flaws spanning its products, including three vulnerabilities that have come…

3 Min Read

October 15, 2025

Capita Fined £14m After 2023 Breach that Hit 6.6 Million People

Capita will not appeal a £14m regulatory penalty for security failings that led to a 2023 data breach impacting nearly seven million…

Uncategorized

3 Min Read

October 15, 2025

UK, US Sanction Southeast Asia-Based Online Scam Network

A network of at least four organizations running illegal scam centers in Southeast Asia has been sanctioned by the UK and US government. The…

2 Min Read

October 15, 2025

Two CVSS 10.0 Bugs in Red Lion RTUs Could Hand Hackers Full Industrial Control

Cybersecurity researchers have disclosed two critical security flaws impacting Red Lion Sixnet remote terminal unit (RTU) products that, if…

1 Min Read

October 15, 2025

Hackers Target ICTBroadcast Servers via Cookie Exploit to Gain Remote Shell Access

Cybersecurity researchers have disclosed that a critical security flaw impacting ICTBroadcast, an autodialer software from ICT Innovations,…

2 Min Read

October 15, 2025

New SAP NetWeaver Bug Lets Attackers Take Over Servers Without Login

SAP has rolled out security fixes for 13 new security issues, including additional hardening for a maximum-severity bug in SAP NetWeaver AS…

2 Min Read

October 15, 2025

Windows Remote Access Connection Manager 0-Day Vulnerability Exploited in Attacks

Microsoft has confirmed active exploitation of a critical zero-day vulnerability in the Windows Remote Access Connection Manager (RasMan)…

2 Min Read

October 15, 2025

Samsung Sets Oct 21 Event to Unveil “Project Moohan,” Its Android XR Headset Rival to Vision Pro

Samsung data breach Samsung has announced that it will host a new product unveiling event titled “Worlds Wide Open” on October 21…

2 Min Read

October 15, 2025

Critical Siemens Flaw CVE-2025-40771 (CVSS 9.8) Allows Unauthenticated Remote Access to SIMATIC CP Config

Siemens has released a critical update for its SIMATIC ET 200SP communication processors, addressing an authentication that could allow…

2 Min Read

October 15, 2025

Critical Rockwell NAT Router Flaw (CVE-2025-7328, CVSS 10.0) Allows Unauthenticated Admin Takeover

Rockwell Automation has published a new advisory warning customers about three affecting its 1783-NATR Network Address Translation (NAT)…

2 Min Read

October 15, 2025

Critical RCE Flaws CVE-2025-48983 & CVE-2025-48984 (CVSS 9.9) Found in Veeam Backup & Replication

Veeam Software has released patches addressing three newly disclosed , including two critical Remote Code Execution (RCE) in Veeam Backup…

1 Min Read

October 15, 2025

Chrome Fix: New Use-After-Free Flaw (CVE-2025-11756) in Safe Browsing Component Poses High Risk

Google has released a new Stable Channel Update for Desktop, rolling out gradually to Windows, macOS, and Linux systems over the coming days…

3 Min Read

October 15, 2025

October Patch Tuesday: Microsoft Fixes 6 Zero-Days, Including 4 Actively Exploited Flaws, as Windows 10 Reaches End-of-Life

Microsoft’s October 2025 Patch Tuesday has arrived with one of the largest updates of the year—193 patched, including six…

4 Min Read

October 15, 2025

Sekoia Exposes PolarEdge Backdoor: Custom mbedTLS C2 Compromising Cisco, QNAP, and Synology Devices

Sekoia Threat Detection & Response (TDR) researchers have published an in-depth technical analysis of the PolarEdge Backdoor, a stealthy…

3 Min Read

October 15, 2025

Rockwell Automation Patches Privilege Escalation and Denial-of-Service Flaws Across FactoryTalk and ArmorStart Systems

Rockwell Automation has released a series of advisories addressing in several of its FactoryTalk and ArmorStart product lines. These ,…

4 Min Read

October 14, 2025

Patch Tuesday, October 2025 ‘End of 10’ Edition

Microsoft today released software updates to plug a whopping 172 security holes in its Windows operating systems, including at least two…

4 Min Read

October 14, 2025

Frightful Patch Tuesday gives admins a scare with 175+ Microsoft CVEs, 3 under attack

Spooky season is in full swing, and this extends to Microsoft's October Patch Tuesday with security updates for a frightful 175 Microsoft…

Security

2 Min Read

October 14, 2025

Malicious crypto-stealing VSCode extensions resurface on OpenVSX

A threat actor called TigerJack is constantly targeting developers with malicious extensions published on Microsoft's Visual Code (VSCode)…

3 Min Read

October 14, 2025

Patch Tuesday October 2025: Three Zero-days Under Attack

Microsoft’s Patch Tuesday October 2025 included fixes for 175 vulnerabilities, including three exploited zero-days and 13 additional…

2 Min Read

October 14, 2025

PolarEdge With Custom TLS Server Uses Custom Binary Protocol for C2 Communication

A sophisticated backdoor malware targeting Internet of Things devices has surfaced, employing advanced communication techniques to maintain…

Microsoft

3 Min Read

October 14, 2025

Final Windows 10 Patch Tuesday update rolls out as support ends

In what marks the end of an era, Microsoft has released the Windows 10 KB5066791 cumulative update, the final cumulative update for the…

3 Min Read

October 14, 2025

New Android Pixnapping attack steals MFA codes pixel-by-pixel

A new side-channel attack called Pixnapping enables a malicious Android app with no permissions to extract sensitive data by stealing pixels…

Microsoft

2 Min Read

October 14, 2025

Microsoft: Exchange 2016 and 2019 have reached end of support

Microsoft has reminded that Exchange Server 2016 and 2019 reached the end of support and advised IT administrators to upgrade servers to…

2 Min Read

October 14, 2025

FortiPAM and FortiSwitch Manager Vulnerability Let Attackers Bypass Authentication Process

Fortinet has issued an urgent advisory revealing a critical weakness in its FortiPAM and FortiSwitch Manager products that could allow…

1 Min Read

October 14, 2025

FortiOS CLI Command Bypass Vulnerability Let Attacker Execute System Commands

Fortinet disclosed a high-severity vulnerability in its FortiOS operating system on October 14, 2025, that could enable local authenticated…

15 Min Read

October 14, 2025

Microsoft October 2025 Patch Tuesday fixes 6 zero-days, 172 flaws

Today is Microsoft's October 2025 Patch Tuesday, which includes security updates for 172 flaws, including six zero-day…

5 Min Read

October 14, 2025

Windows 11 KB5066835 and KB5066793 updates released

Microsoft has released Windows 11 KB5066835 and KB5066793 cumulative updates for versions 25H2/24H2 and 23H2 to fix…

2 Min Read

October 14, 2025

US seizes $15 billion in crypto from 'pig butchering' kingpin

The U.S. Department of Justice has seized $15 billion in bitcoin from the leader of Prince Group, a criminal organization that stole billions…

9 Min Read

October 14, 2025

Microsoft October 2025 Patch Tuesday – 4 Zero-days and 172 Vulnerabilities Patched

Microsoft rolled out its October 2025 Patch Tuesday updates, addressing a staggering 172 vulnerabilities across its ecosystem, including four…

2 Min Read

October 14, 2025

Chinese Hackers Exploit ArcGIS Server as Backdoor for Over a Year

Threat actors with ties to China have been attributed to a novel campaign that compromised an ArcGIS system and turned it into a backdoor for…

Security

4 Min Read

October 14, 2025

Oracles silently fixes zero-day exploit leaked by ShinyHunters

Oracle has silently fixed an Oracle E-Business Suite vulnerability (CVE-2025-61884) that was actively exploited to breach servers, with a…

3 Min Read

October 14, 2025

UEFI Shell Vulnerabilities Could Let Hackers Bypass Secure Boot on 200,000+ Laptops

Hackers can exploit vulnerabilities in signed UEFI shells to bypass Secure Boot protections on over 200,000 Framework laptops and desktops.…

2 Min Read

October 14, 2025

Legacy Windows Protocols Still Expose Networks to Credential Theft

A new cybersecurity study has found that legacy Windows communication protocols continue to expose organizations to credential theft, even…

Microsoft

2 Min Read

October 14, 2025

Microsoft warns that Windows 10 reaches end of support today

Microsoft has reminded customers today that Windows 10 has reached the end of support and will no longer receive patches for newly discovered…

Security

3 Min Read

October 14, 2025

Security firms dispute credit for overlapping CVE reports

Cybersecurity company FuzzingLabs has accused the Y Combinator-backed startup, Gecko Security, of replicating its vulnerability…

Security

3 Min Read

October 14, 2025

Security firms debate CVE credit in overlapping vulnerability reports

Cybersecurity company FuzzingLabs has accused the Y Combinator-backed startup, Gecko Security, of replicating its vulnerability…

4 Min Read

October 14, 2025

Senior Execs Falling Short on Cyber-Attack Preparedness, NCSC Warns

Senior executives must do better to prepare for almost inevitable future cyber-attacks and cannot rely on government alone for protection, the…

2 Min Read

October 14, 2025

New Pixnapping Attack Steals 2FA Codes From Google Authenticator Within 30 Seconds

Pixnapping, a novel class of side-channel attacks targeting Android devices that can covertly extract sensitive screen data, including…

Explore Trending Topics