ThreatsDay Bulletin: Cisco 0-Days, AI Bug Bounties, Crypto Heists, State-Linked Leaks and 20 More Stories

/in

Behind every click, there’s a risk waiting to be tested. A simple ad, email, or link can now hide something dangerous. Hackers are getting smarter, using new tools to sneak past filters and turn trusted systems against us.
But security teams are fighting back. They’re building faster defenses, better ways to spot attacks, and stronger systems to keep people safe. It’s a constant race — every

The Hacker News – ​Read More

Cisco ISE, CitrixBleed 2 Vulnerabilities Exploited as Zero-Days: Amazon

/in

Amazon has seen a threat actor exploiting CVE-2025-20337 and CVE-2025-5777, two critical Cisco and Citrix vulnerabilities, as zero-days.

The post Cisco ISE, CitrixBleed 2 Vulnerabilities Exploited as Zero-Days: Amazon appeared first on SecurityWeek.

SecurityWeek – ​Read More

CISA Flags Critical WatchGuard Fireware Flaw Exposing 54,000 Fireboxes to No-Login Attacks

/in

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical security flaw impacting WatchGuard Fireware to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.
The vulnerability in question is CVE-2025-9242 (CVSS score: 9.3), an out-of-bounds write vulnerability affecting Fireware OS 11.10.2 up to and including

The Hacker News – ​Read More

BreachLock and Vanta Bridge the Gap Between Continuous Security Testing and Compliance with New Integration

/in

New York, New York, 13th November 2025, CyberNewsWire

Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More – ​Read More

Firefox 145 and Chrome 142 Patch High-Severity Flaws in Latest Releases

/in

Google and Mozilla have released fresh Chrome and Firefox updates that address multiple high-severity security defects.

The post Firefox 145 and Chrome 142 Patch High-Severity Flaws in Latest Releases appeared first on SecurityWeek.

SecurityWeek – ​Read More

Kenya Kicks Off ‘Code Nation’ With a Nod to Cybersecurity

/in

The African country aims to train 1 million workers in tech skills in the short term, with a focus on software engineering, cybersecurity, and data science.

darkreading – ​Read More

Over 46,000 Fake npm Packages Flood Registry in Worm-Like Spam Attack

/in

Cybersecurity researchers are calling attention to a large-scale spam campaign that has flooded the npm registry with thousands of fake packages since early 2024 as part of a likely financially motivated effort.
“The packages were systematically published over an extended period, flooding the npm registry with junk packages that survived in the ecosystem for almost two years,” Endor Labs

The Hacker News – ​Read More

Two ways to remove a directory in Linux – plus a bonus method for extra security

/in

I’ll walk you through two methods for handling this essential task, plus a third way that achieves total annihilation.

Latest news – ​Read More

I’m a Photoshop diehard but Canva’s new free tools just won me over – and saved me $35/month

/in

Adobe’s subscription limits and AI stinginess pushed me over the edge. Canva offers freedom, flexibility, and serious savings. See if switching makes sense for you, too.

Latest news – ​Read More

Does your chatbot have ‘brain rot’? 4 ways to tell

/in

AI models trained on high-impact, low-quality social media posts show some alarming behavior. Here’s how to audit your chatbot.

Latest news – ​Read More