CISA Flags Actively Exploited Vulnerability in SonicWall SMA Devices

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a security flaw impacting SonicWall Secure Mobile Access (SMA) 100 Series gateways to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.
The high-severity vulnerability, tracked as CVE-2021-20035 (CVSS score: 7.2), relates to a case of operating system command injection

The Hacker News

Middle East, North Africa Security Spending to Top $3B

Gartner projects IT security spending in the MENA region will continue to increase in 2025, with security services accounting for the most growth.

darkreading

Apple Patches Two Actively Exploited iOS Flaws Used in Sophisticated Targeted Attacks

Apple on Wednesday released security updates for iOS, iPadOS, macOS Sequoia, tvOS, and visionOS to address two security flaws that it said have come under active exploitation in the wild.
The vulnerabilities in question are listed below –

CVE-2025-31200 (CVSS score: 7.5) – A memory corruption vulnerability in the Core Audio framework that could allow code execution when processing an audio

The Hacker News

GPS Spoofing Attacks Spike in Middle East, Southeast Asia

An Indian disaster-relief flight delivering aid is the latest air-traffic incident, as attacks increase in the Middle East and Myanmar and along the India-Pakistan border.

darkreading

Former CISA director Chris Krebs vows to fight back against Trump-ordered federal investigation

The former cybersecurity chief is the latest to push back on the Trump administration’s targeting of critics and dissenters.

Security News | TechCrunch

Multiple Groups Exploit NTLM Flaw in Microsoft Windows

The attacks have been going on since shortly after Microsoft patched the vulnerability in March.

darkreading

Krebs Exits SentinelOne After Security Clearance Pulled

Chris Krebs has resigned from SentinelOne after his security clearance was withdrawn and an order was issued to review CISA’s conduct under his leadership.

SecurityWeek

Apple Quashes Two Zero-Days With iOS, MacOS Patches

The vulnerabilities are described as code execution and mitigation bypass issues that affect Apple’s iOS, iPadOS and macOS platforms.

SecurityWeek

Ransomware Gang ‘CrazyHunter’ Targets Critical Taiwanese Orgs

Trend Micro researchers detailed an emerging ransomware campaign by a new group known as “CrazyHunter” that is targeting critical sectors in Taiwan.

darkreading

CISA warns of potential data breaches caused by legacy Oracle Cloud leak

The Cybersecurity and Infrastructure Security Agency on Wednesday said that while the scope of the reported Oracle issue remains unconfirmed, it “presents potential risk to organizations and individuals.”

The Record from Recorded Future News