Vulnerabilities
-
Apple says devices targeted by mercenary spyware in new wave of attacks, CERT-FR reports
France’s CERT-FR says Apple devices were targeted in a new wave of mercenary spyware attacks, issuing four threat notifications this year and noting that some campaigns exploit zero-day flaws while others require no user interaction.
-
Wyden urges FTC to probe Microsoft over alleged ‘gross cybersecurity negligence’ linked to ransomware attacks, citing Ascension breach
U.S. Senator Ron Wyden has urged the FTC to investigate Microsoft, accusing the company of cybersecurity negligence linked to ransomware attacks on critical infrastructure, including a major Ascension health-system breach that affected millions of people.
-
Cursor AI editor vulnerability could enable covert code execution on folder open, researchers warn
A vulnerability in Cursor, the AI-augmented fork of Visual Studio Code, could allow attackers to silently run code on a user’s machine when a repository is opened, researchers warn, due to default Workspace Trust settings and potential autorun configurations.
-
Chinese APT deploys EggStreme fileless framework in Philippines attack, Bitdefender says
A Chinese APT group has been linked to compromising a Philippines-based military services company using EggStreme, a new fileless malware framework designed for memory-resident espionage, with a backdoor capable of extensive reconnaissance and data theft.
-
Backdoor.Win32.Buterat Targets Government and Enterprise Networks, Researchers Say
A new analysis from Point Wild details Buterat, a long-running backdoor that targets government and enterprise networks. The malware uses thread manipulation and encrypted C2 channels to avoid detection and maintain persistence, with defenders urged to strengthen endpoints and employee training.
-
Open AWS bucket exposes 1.6 million gym audio recordings, researchers warn of privacy risk
A security researcher says an unencrypted AWS bucket exposed 1.6 million gym audio recordings containing names, numbers and reasons for calls, highlighting privacy and security risks from stored voice data.
-
Adobe patches critical SessionReaper flaw in Magento platforms (CVE-2025-54236)
Adobe has released a patch for a critical Magento vulnerability known as SessionReaper (CVE-2025-54236) that could allow unauthenticated access to customer accounts via the Commerce REST API. While Adobe says no exploitation has been observed, researchers warn the issue could be exploited at scale and urge immediate patching, with Cloud customers protected by an existing…
-
18 npm Packages Published With Malware That Rewrites Crypto Destinations
Aikido Security reported that attackers pushed malicious updates to 18 npm packages on Sept. 8 that inject browser hooks to intercept and rewrite crypto transaction destinations; the company said maintainers were targeted via phishing and listed indicators including specific compromised package versions.
-
GhostAction: GitHub supply-chain attack exposes 3,325 secrets across hundreds of repositories
Researchers say a GitHub supply-chain campaign named GhostAction stole about 3,325 secrets across PyPI, npm, DockerHub, GitHub tokens, Cloudflare, and AWS keys, by compromising maintainer accounts to inject malicious GitHub Actions workflows that exfiltrate secrets to an attacker-controlled endpoint.
-
VirusTotal flags 44 undetected SVGs in Colombian phishing campaign; hundreds of SVGs detected in the wild
VirusTotal has flagged a new malware campaign using 44 undetected SVG files to phish as Colombia’s Fiscalía General de la Nación, injecting a Base64-encoded HTML page and triggering a hidden ZIP download. Overall SVG detections in the wild have reached 523, with earliest samples dating to August 14, 2025.
