Similar Posts
Mozilla Fixes Critical Firefox Vulnerability Exploited in the Wild, Echoing Chrome’s Recent Security Threat
Mozilla has released a critical update for Firefox (version 136.0.4) to address a significant security vulnerability (CVE-2025-2857) that cybercriminals were actively exploiting. This flaw allows attackers to escape Firefox’s sandbox, potentially leading to unauthorized access to sensitive data. The issue also affects other browsers, including the Tor Browser, which has been updated as well. Kaspersky researcher Boris Larin confirmed that this vulnerability shares similarities with a recent bug in Google Chrome. Users are urged to keep their browsers updated to safeguard against evolving cyber threats and maintain online security.
Critical Alert: Palo Alto Networks Discovers New Firewall Vulnerability Targeted by Hackers
Palo Alto Networks has issued a critical warning about a new vulnerability in its firewall software, identified as CVE-2025-0108, which is being actively exploited by hackers. Discovered by Assetnote, the vulnerability affects unpatched PAN-OS customer networks. The company has urged customers to apply patches urgently, as attackers are chaining this vulnerability with two others, CVE-2024-9474 and CVE-2025-0111. A significant increase in exploitation activity has been noted, with 25 IP addresses involved. The Cybersecurity and Infrastructure Security Agency (CISA) has added this vulnerability to its Known Exploited Vulnerabilities catalog, highlighting the urgency for organizations to respond.
US Government to Launch Cyber Trust Mark: A Game-Changer for Cybersecurity Labels on Internet-Connected Devices in 2025
The U.S. government has announced the upcoming launch of its highly anticipated cybersecurity labeling program for consumer internet-connected devices, set to begin in 2025. This initiative, known as the U.S. Cyber Trust Mark, aims to enhance device security and empower consumers to make informed purchasing decisions. What is the U.S. Cyber Trust Mark? Introduced by…
Revealed: Court Documents Expose Locations of WhatsApp Victims Targeted by NSO Spyware
The NSO Group faces scrutiny for its spyware, Pegasus, which compromised 1,223 WhatsApp accounts in 2019 across 51 countries, including 456 in Mexico and 100 in India. A recent court document related to Meta-owned WhatsApp’s lawsuit against NSO revealed the extensive targeting of human rights activists and journalists. The hacking campaign occurred in just two months, raising concerns over the spyware’s reach, with many victims unaware of their targeting. WhatsApp won a legal victory against NSO for violating U.S. hacking laws, and further hearings will determine potential financial penalties. NSO Group reportedly severed ties with 10 clients due to misuse.
Inside the Trump Administration: Unauthorized Yemen Strikes Discussed in Secret Signal Chat
A recent incident involving the Trump administration’s national security team has raised alarms about communication security. Jeffrey Goldberg, editor-in-chief of the Atlantic, was mistakenly included in a confidential Signal chat discussing imminent military plans against Yemen’s Houthis, just hours before airstrikes. Goldberg expressed disbelief at the use of a commercial platform for such sensitive discussions. The National Security Council later confirmed the authenticity of the messages, highlighting significant concerns about security protocols. This incident emphasizes the need for stricter measures in government communications and raises questions about the appropriateness of commercial messaging apps for confidential matters.