security research
-
Microsoft patches critical Entra ID flaw CVE-2025-55241 with 10.0 severity, enabling cross-tenant impersonation
Microsoft has patched a critical Entra ID vulnerability, CVE-2025-55241, with a maximum CVSS score of 10.0 that could allow cross-tenant impersonation of users, including Global Administrators. The fix, disclosed by researchers and implemented on July 17, 2025, requires no action by customers, though experts warn the flaw highlights broader cloud-security risks and the need to…
-
ETH Zurich researchers reveal Phoenix DDR5 Rowhammer defeats TRR, enabling privilege escalation on commodity systems
Researchers from ETH Zurich and Google have disclosed Phoenix, a DDR5 Rowhammer variant that bypasses TRR protections and enables privilege escalation on commodity systems within minutes, affecting most DDR5 modules produced between 2021 and 2024. The work includes a proof-of-concept showing root access and other exploits, and provides links to the technical paper and a…
-
Critical Docker Desktop vulnerability could let attackers hijack Windows hosts, researchers say
A critical vulnerability in Docker Desktop for Windows and macOS could allow attackers to hijack the host by running a malicious container, even with Enhanced Container Isolation, tracked as CVE-2025-9074 (SSRF) and rated 9.3. The flaw has been patched in Docker Desktop 4.44.3, after demonstrations of a PoC that could access the Docker Engine from…
-
Cheap VPS Hijacking Drives New Wave of SaaS-Based Business Email Compromises, Darktrace Finds
A Darktrace security report details a new wave of attacks where criminals rent cheap VPS services to hijack business email accounts, bypass traditional defenses, and establish covert, long-term access through subtle inbox rules.
-
Researchers warn of DOM-based extension clickjacking in password managers
Security researchers at DEF CON 33 revealed a DOM-based extension clickjacking flaw affecting popular password-manager browser extensions, capable of stealing credentials, 2FA codes, and more with a single click on a malicious page; Bitwarden has issued a fix, and others are in progress, with guidance to disable auto-fill until patches are deployed.
-
Noodlophile Infostealer Campaign Uses Legal-Threat Phishing to Target Businesses, Researchers Warn
Security researchers warn of a spear-phishing campaign leveraging legal-threat prompts to deploy the Noodlophile infostealer, using DLL side-loading in legitimate applications and malicious archives to exfiltrate cookies, payment data and system information across global targets.
