Skip to content
Security News, Assessments & Alerts Page 74

Security News, Assessments & Alerts

Security Issues, Vulnerabilities, Exploits & Government Alerts

New Android Malware Wave Hits Banking via NFC Relay Fraud, Call Hijacking, and Root Exploits

New Android Malware Wave Hits Banking via NFC Relay Fraud, Call Hijacking, and Root Exploits

Cybersecurity researchers have disclosed a new Android trojan called PhantomCard that abuses near-field communication (NFC) to conduct relay attacks for facilitating fraudulent transactions in attacks targeting banking customers in Brazil. “PhantomCard relays NFC data from… 

Read More »New Android Malware Wave Hits Banking via NFC Relay Fraud, Call Hijacking, and Root Exploits
Google Requires Crypto App Licenses in 15 Regions as FBI Warns of .9M Scam Losses

Google Requires Crypto App Licenses in 15 Regions as FBI Warns of $9.9M Scam Losses

Aug 14, 2025Ravie LakshmananCryptocurrency / Financial Crime Google said it’s implementing a new policy requiring developers of cryptocurrency exchanges and wallets to obtain government licenses before publishing apps in 15 jurisdictions in order to “ensure… 

Read More »Google Requires Crypto App Licenses in 15 Regions as FBI Warns of $9.9M Scam Losses
CISA Adds Two N-able N-central Flaws to Known Exploited Vulnerabilities Catalog

CISA Adds Two N-able N-central Flaws to Known Exploited Vulnerabilities Catalog

Aug 14, 2025Ravie LakshmananVulnerability / Network Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added two security flaws impacting N-able N-central to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active… 

Read More »CISA Adds Two N-able N-central Flaws to Known Exploited Vulnerabilities Catalog
New PS1Bot Malware Campaign Uses Malvertising to Deploy Multi-Stage In-Memory Attacks

New PS1Bot Malware Campaign Uses Malvertising to Deploy Multi-Stage In-Memory Attacks

Aug 13, 2025Ravie LakshmananMalvertising / Cryptocurrency Cybersecurity researchers have discovered a new malvertising campaign that’s designed to infect victims with a multi-stage malware framework called PS1Bot. “PS1Bot features a modular design, with several modules delivered… 

Read More »New PS1Bot Malware Campaign Uses Malvertising to Deploy Multi-Stage In-Memory Attacks
Zoom and Xerox Release Critical Security Updates Fixing Privilege Escalation and RCE Flaws

Zoom and Xerox Release Critical Security Updates Fixing Privilege Escalation and RCE Flaws

Aug 13, 2025Ravie LakshmananVulnerability / Software Security Zoom and Xerox have addressed critical security flaws in Zoom Clients for Windows and FreeFlow Core that could allow privilege escalation and remote code execution. The vulnerability impacting… 

Read More »Zoom and Xerox Release Critical Security Updates Fixing Privilege Escalation and RCE Flaws
CISA and Partners Release Asset Inventory Guidance to Strengthen Operational Technology Security

CISA and Partners Release Asset Inventory Guidance to Strengthen Operational Technology Security

WASHINGTON – Today, the Cybersecurity and Infrastructure Security Agency (CISA), in partnership with the National Security Agency (NSA), Federal Bureau of Investigation (FBI), Environmental Protection Agency (EPA), Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s… 

Read More »CISA and Partners Release Asset Inventory Guidance to Strengthen Operational Technology Security
Fortinet Warns About FortiSIEM Vulnerability (CVE-2025-25256) With In-the-Wild Exploit Code

Fortinet Warns About FortiSIEM Vulnerability (CVE-2025-25256) With In-the-Wild Exploit Code

Aug 13, 2025Ravie LakshmananVulnerability / Network Security Fortinet is alerting customers of a critical security flaw in FortiSIEM for which it said there exists an exploit in the wild. The vulnerability, tracked as CVE-2025-25256, carries… 

Read More »Fortinet Warns About FortiSIEM Vulnerability (CVE-2025-25256) With In-the-Wild Exploit Code