Saturday, June 14, 2025
Tag:

Cyber Security News

Microsoft Defender Spoofing Flaw Enables Privilege Escalation and AD Access

A newly disclosed spoofing vulnerability (CVE-2025-26685) in Microsoft Defender for Identity (MDI) enables unauthenticated attackers to capture Net-NTLM hashes of critical Directory Service Accounts...

Amazon Cloud Cam Flaw Allows Attackers to Intercept and Modify Network Traffic

A critical vulnerability (CVE-2025-6031) has been identified in Amazon Cloud Cam devices, which reached end-of-life (EOL) status in December 2022. The flaw allows attackers to...

Acer Control Center Flaw Lets Attackers Run Malicious Code as Elevated User

A critical security flaw (CVE-2025-5491) in Acer ControlCenter allows remote attackers to execute arbitrary code with NT AUTHORITYSYSTEM privileges via a misconfigured Windows Named...

HashiCorp Nomad ACL Lookup Flaw Allows Privilege Escalation

HashiCorp disclosed a critical security flaw (CVE-2025-4922) in its Nomad workload orchestration tool on June 11, 2025, exposing clusters to privilege escalation risks through...

Graphite Spyware Uses iOS Zero-Click Flaw to Target Journalists

Security researchers at Citizen Lab have uncovered the first forensic evidence linking Paragon’s Graphite mercenary spyware to zero-click attacks on journalists’ iPhones. The campaigns...

PoC Exploit Unveiled for Windows Disk Cleanup Elevation Vulnerability

Microsoft addressed a high-severity elevation of privilege vulnerability (CVE-2025-21420) in its Windows Disk Cleanup Utility (cleanmgr.exe) during February 2025's Patch Tuesday. The flaw, scoring...

Major Outage Hits Google Cloud and Linked Cloudflare Services, Thousands Affected

On June 12, 2025, concurrent infrastructure failures at Cloudflare and Google caused widespread service disruptions, highlighting vulnerabilities in modern cloud dependencies. The outages impacted...

TokenBreak Exploit Tricks AI Models Using Minimal Input Changes

HiddenLayer’s security research team has uncovered TokenBreak, a novel attack technique that bypasses AI text classification models by exploiting tokenization strategies. This vulnerability affects...