Adobe Patches 11 Critical ColdFusion Flaws Amid 30 Total Vulnerabilities Discovered

/in

Adobe has released security updates to fix a fresh set of security flaws, including multiple critical-severity bugs in ColdFusion versions 2025, 2023 and 2021 that could result in arbitrary file read and code execution.
Of the 30 flaws in the product, 11 are rated Critical in severity –

CVE-2025-24446 (CVSS score: 9.1) – An improper input validation vulnerability that could result in an

The Hacker News – ​Read More

NCSC shares technical details of spyware targeting Uyghur, Tibetan and Taiwanese groups

/in

The U.K.’s National Cyber Security Centre and international cybersecurity and intelligence agencies on Wednesday said hackers are deploying two forms of previously identified spyware to snoop on Uyghur, Tibetan and Taiwanese individuals and civil society organizations.

The Record from Recorded Future News – ​Read More

Microsoft Drops Another Massive Patch Update

/in

A threat actor has already exploited one of the flaws in a ransomware campaign with victims in the US and other countries.

darkreading – ​Read More

Medusa Ransomware Claims NASCAR Breach in Latest Attack

/in

Medusa ransomware hits NASCAR, demands $4M ransom, leaks internal files. Group also claims Bridgebank, McFarland, and Pulse Urgent Care.

Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News – ​Read More

Microsoft: Zero-day bug used in ransomware attacks on US real estate firms

/in

Microsoft published a blog post on Tuesday about the bug alongside its larger Patch Tuesday release, detailing how hackers exploited the vulnerability and used a strain of malware called PipeMagic before deploying ransomware on victims.

The Record from Recorded Future News – ​Read More

UK Orgs Pull Back Digital Projects With Looming Threat of Cyberwarfare

/in

Artificial intelligence poses a significant concern when it comes to nation-state cyberthreats and AI’s ability to supercharge attacks.

darkreading – ​Read More

Microsoft Patches 125 Windows Vulns, Including Exploited CLFS Zero-Day

/in

Patch Tuesday: Microsoft ships urgent cover for another WIndows CLFS vulnerability already exploited in the wild.

The post Microsoft Patches 125 Windows Vulns, Including Exploited CLFS Zero-Day appeared first on SecurityWeek.

SecurityWeek – ​Read More

WhatsApp for Windows Flaw Could Let Hackers Sneak In Malicious Files

/in

If you use WhatsApp Desktop on Windows, listen up! A flaw in WhatsApp for Windows (CVE-2025-30401) let attackers disguise malicious files as safe ones. Update to version 2.2450.6 or later to stay secure.

Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News – ​Read More

2 Android Zero-Day Bugs Under Active Exploit

/in

Neither security issue requires user interaction, and one of the vulnerabilities was used to unlock a student activist’s device in an attempt to install spyware.

darkreading – ​Read More

Adobe Calls Urgent Attention to Critical ColdFusion Flaws

/in

The Adobe Patch Tuesday rollout covers 54 vulnerabilities, including code execution issues in the oft-targeted Adobe ColdFusion software.

The post Adobe Calls Urgent Attention to Critical ColdFusion Flaws appeared first on SecurityWeek.

SecurityWeek – ​Read More