Citrix has released security updates to address a critical flaw affecting NetScaler ADC that it said has been exploited in the wild. The vulnerability, tracked as CVE-2025-6543, carries a CVSS score of 9.2 out of a maximum of 10.0. It has been described as a case of memory overflow thatRead More »Citrix Releases Emergency Patches for Actively Exploited CVE-2025-6543 in NetScaler ADC
New research suggests more than 10,000 SaaS apps could remain vulnerable to a nOAuth variant despite the basic issue being disclosed in June 2023. The post Thousands of SaaS Apps Could Still Be Susceptible to nOAuth appeared first on SecurityWeek.
Cybersecurity researchers have detailed two now-patched security flaws in SAP Graphical User Interface (GUI) for Windows and Java that, if successfully exploited, could have enabled attackers to access sensitive information under certain conditions. The vulnerabilities, tracked as CVE-2025-0055 and CVE-2025-0056 (CVSS scores: 6.0), were patched by SAP as part ofRead More »Citrix Bleed 2 Flaw Enables Token Theft; SAP GUI Flaws Risk Sensitive Data Exposure
With end of support scheduled for October 2025, Windows 10 users will be able to continue receiving important security updates. The post Microsoft Offers Free Windows 10 Extended Security Update Options as EOS Nears appeared first on SecurityWeek.
Hackers have reportedly stolen funds from Nobitex, Iran’s largest cryptocurrency exchange.
G Data has observed a surge in malware infections originating from ConnectWise applications with modified certificate tables. The post Hackers Abuse ConnectWise to Hide Malware appeared first on SecurityWeek.
SonicWall says a modified version of the legitimate NetExtender application contains information-stealing code. The post SonicWall Warns of Trojanized NetExtender Stealing User Information appeared first on SecurityWeek.
Rapid7 has found several serious vulnerabilities affecting over 700 printer models from Brother and other vendors. The post New Vulnerabilities Expose Millions of Brother Printers to Hacking appeared first on SecurityWeek.
Simon Willison talks about ChatGPT’s new memory dossier feature. In his explanation, he illustrates how much the LLM—and the company—knows about its users. It’s a big quote, but I want you to read it all. Here’s a prompt you can use to give you a solid idea of what’s inRead More »What LLMs Know About Their Users
Thousands of personal records allegedly linked to athletes and visitors of the Saudi Games have been published online by a pro-Iranian hacktivist group called Cyber Fattah. Cybersecurity company Resecurity said the breach was announced on Telegram on June 22, 2025, in the form of SQL database dumps, characterizing it asRead More »Pro-Iranian Hacktivist Group Leaks Personal Records from the 2024 Saudi Games
