Saturday, April 25, 2026

Cyber News

ADOdb SQLite3 Driver Vulnerability Enables Arbitrary SQL Statement Execution

A critical SQL injection vulnerability affecting the widely used ADOdb PHP database abstraction library has been discovered and patched, posing significant security risks to applications using the SQLite3 driver. The vulnerability, tracked as CVE-2025-54119, carries the maximum CVSS score of 10.0, highlighting its severity and...

New Streamlit Vulnerability Enables Cloud Account Takeover Attacks

A critical vulnerability in Streamlit's file upload feature could enable attackers to execute cloud account takeover attacks on misconfigured instances. The vulnerability, which involves client-side file type restrictions, was exploited in a proof-of-concept demonstration showing how financial market dashboards could be manipulated to influence...

WAF Evasion Using JavaScript Injection and Parameter Pollution for XSS

A sophisticated technique can bypass most Web Application Firewalls (WAFs) to execute Cross-Site Scripting (XSS) attacks, revealing significant vulnerabilities in widely used cybersecurity defenses. The research, conducted during an autonomous penetration test, demonstrated that parameter pollution combined with JavaScript injection can defeat 70.6% of...

Claude AI Vulnerabilities Allow Attackers to Run Unauthorized Commands

Two critical security vulnerabilities discovered in Anthropic's Claude Code have demonstrated how artificial intelligence tools designed to enhance developer productivity can be weaponized against themselves through sophisticated prompt engineering techniques. The vulnerabilities, tracked as CVE-2025-54794 and CVE-2025-54795, allowed attackers to bypass security restrictions and...

Mozilla Warns of Targeted Phishing Campaign Against Add-on Developers

Mozilla has issued an urgent advisory to add-on developers, alerting them to a sophisticated phishing campaign aimed at compromising accounts on the Mozilla Add-ons (AMO) platform. The security teams detected the malicious effort when several developers reported receiving deceptive emails that mimic official communication...

FUJIFILM Printer Vulnerability Exposes Devices to Denial-of-Service Attacks

A newly disclosed vulnerability in FUJIFILM’s Internet Printing Protocol (IPP) and Line Printer Daemon (LPD) processing logic allows malicious actors to send specially crafted packets that can freeze affected printers, causing a denial-of-service (DoS) condition. FUJIFILM has released firmware updates to address the...