Latest Cybersecurity News & Insights
16 September 2025
A team of academics from ETH Zürich and Google has discovered a new variant of a RowHammer attack targeting Double Data Rate 5 (DDR5) memory chips from South Korean semiconductor vendor SK Hynix.
The RowHammer attack variant, codenamed Phoenix (CVE-2025-6202, CVSS score: 7.1), is capable of bypassing sophisticated protection mechanisms put in place to resist the attack.
"We have proven that
15 September 2025
Fifteen years after its debut, Zero Trust remains the gold standard in cybersecurity theory — but its uneven implementation leaves organizations both stronger and dangerously exposed.
The post Zero Trust Is 15 Years Old — Why Full Adoption Is Worth the Struggle appeared first on SecurityWeek.
15 September 2025
In a world where threats are persistent, the modern CISO’s real job isn't just to secure technology—it's to preserve institutional trust and ensure business continuity.
This week, we saw a clear pattern: adversaries are targeting the complex relationships that hold businesses together, from supply chains to strategic partnerships. With new regulations and the rise of AI-driven attacks, the
15 September 2025
Reported by Meta and WhatsApp, the vulnerability leads to remote code execution and was likely exploited by a spyware vendor.
The post Samsung Patches Zero-Day Exploited Against Android Users appeared first on SecurityWeek.
12 September 2025
Samsung has released its monthly security updates for Android, including a fix for a security vulnerability that it said has been exploited in zero-day attacks.
The vulnerability, CVE-2025-21043 (CVSS score: 8.8), concerns an out-of-bounds write that could result in arbitrary code execution.
"Out-of-bounds Write in libimagecodec.quram.so prior to SMR Sep-2025 Release 1 allows remote attackers to
12 September 2025
Noteworthy stories that might have slipped under the radar: Huntress research raises concerns, Google paid out $1.6 million for cloud vulnerabilities, California web browser bill.
The post In Other News: $900k for XSS Bugs, HybridPetya Malware, Burger King Censors Research appeared first on SecurityWeek.
12 September 2025
A deserialization of untrusted data in the MOM software allows attackers to achieve remote code execution.
The post DELMIA Factory Software Vulnerability Exploited in Attacks appeared first on SecurityWeek.
12 September 2025
Cybersecurity researchers have discovered a new ransomware strain dubbed HybridPetya that resembles the notorious Petya/NotPetya malware, while also incorporating the ability to bypass the Secure Boot mechanism in Unified Extensible Firmware Interface (UEFI) systems using a now-patched vulnerability disclosed earlier this year.
Slovakian cybersecurity company ESET said the samples were uploaded
12 September 2025
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a critical security flaw impacting Dassault Systèmes DELMIA Apriso Manufacturing Operations Management (MOM) software to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.
The vulnerability, tracked as CVE-2025-5086, carries a CVSS score of 9.0 out of 10.0. According to
12 September 2025
CISA says it is time for the CVE Program to focus on improving trust, responsiveness, and the caliber of vulnerability data.
The post CISA: CVE Program to Focus on Vulnerability Data Quality appeared first on SecurityWeek.
12 September 2025
KioSoft was notified about a serious NFC card vulnerability in 2023 and only recently claimed to have released a patch.
The post Payment System Vendor Took Year+ to Patch Infinite Card Top-Up Hack: Security Firm appeared first on SecurityWeek.
11 September 2025
Threat actors affiliated with the Akira ransomware group have continued to target SonicWall devices for initial access.
Cybersecurity firm Rapid7 said it observed a spike in intrusions involving SonicWall appliances over the past month, particularly following reports about renewed Akira ransomware activity since late July 2025.
SonicWall subsequently revealed the SSL VPN activity aimed at its
10 September 2025
Microsoft on Tuesday addressed a set of 80 security flaws in its software, including one vulnerability that has been disclosed as publicly known at the time of release.
Of the 80 vulnerabilities, eight are rated Critical and 72 are rated Important in severity. None of the shortcomings has been exploited in the wild as a zero-day. Like last month, 38 of the disclosed flaws are related to
09 September 2025
Microsoft Corp. today issued security updates to fix more than 80 vulnerabilities in its Windows operating systems and software. There are no known "zero-day" or actively exploited vulnerabilities in this month's bundle from Redmond, which nevertheless includes patches for 13 flaws that earned Microsoft's most-dire "critical" label. Meanwhile, both Apple and Google recently released updates to fix zero-day bugs in their devices.
22 July 2025
The NCSC is encouraging UK organisations to take immediate action to mitigate a vulnerability (CVE-2025-53770) affecting Microsoft SharePoint Server products.
31 March 2025
The NCSC is encouraging UK organisations to take immediate action to mitigate a vulnerability (CVE-2025-29927) affecting the Next.js framework used to build web applications.
23 December 2024

Amid claims of sabotage of undersea cables, a small wooden structure houses a key cog in Europe’s digital connectivity.
At the end of an unmarked path on a tiny island at the edge of Stockholm’s extensive Baltic Sea archipelago lies an inconspicuous little wooden cabin, painted a deep shade of red. Water gently laps the snow-dusted rocks, and the smell of pine fills the air.
The site offers few clues to the geopolitical drama that has gripped Scandinavia in recent months, driven by accusations of infrastructure sabotage. But in fact the cabin houses a key cog in Europe’s digital connectivity, and a point of vulnerability in a potential hybrid war: a datacentre that amplifies the signal from a 1,615-mile fibre-optic cable running from northern Sweden to Berlin.