Subscribe
Saturday, April 25, 2026
type here...
Subscribe
HomeTagsVulnerability

Tag: Vulnerability

Lenovo AI Chatbot Vulnerability Allows Attackers to Execute Remote Scripts on Corporate Machines

A critical security vulnerability in Lenovo's AI-powered chatbot "Lena" has exposed the company's corporate systems to potential cyberattacks, allowing malicious actors to execute unauthorized scripts and steal sensitive session data through simple prompt manipulation. The vulnerability, discovered by Cybernews researchers, demonstrates how inadequate security...
Read more

Linux Kernel Netfilter Vulnerability Allows Attackers to Gain Elevated Privileges

A critical security vulnerability in the Linux kernel's netfilter ipset subsystem has been disclosed, allowing attackers to achieve privilege escalation through an out-of-bounds write primitive. The vulnerability, tracked as CVE-2024-53141, affects Linux kernel versions up to commit 041bd1e4 and kernel 6.12.2, presenting significant risks...
Read more

FortiWeb Vulnerability Enables Attackers to Impersonate Any User

Fortinet has disclosed a critical authentication bypass vulnerability in its FortiWeb web application firewall that allows unauthenticated attackers to log in as any existing user on affected devices. The vulnerability, tracked as CVE-2025-52970 and dubbed "Fort-Majeure" by security researcher Aviv Y, affects multiple versions...
Read more

Critical FortiSIEM Vulnerability Exploited in the Wild: PoC Enables Remote Command Execution

Fortinet has issued an urgent security advisory for a critical vulnerability in FortiSIEM that allows unauthenticated attackers to execute arbitrary commands remotely. The vulnerability, tracked as CVE-2025-25256 with a maximum CVSS score of 9.8, has already been exploited in the wild with proof-of-concept...
Read more

New 0-Click NTLM Credential Leak Vulnerability Evades Microsoft’s CVE-2025-24054 Patch

A critical zero-click vulnerability that circumvents Microsoft's security patch for CVE-2025-24054, enabling attackers to extract NTLM credentials without any user interaction. The new vulnerability, assigned CVE-2025-50154, demonstrates that Microsoft's April security update was incomplete, leaving Windows systems vulnerable to credential theft and malicious...
Read more

Microsoft Teams RCE Vulnerability Lets Hackers Steal, Alter, and Erase Messages

Microsoft has disclosed a significant remote code execution vulnerability in Teams that could enable attackers to compromise enterprise communications and access sensitive data. The vulnerability, designated CVE-2025-53783, represents a serious security threat to organizations worldwide using the popular collaboration platform. The vulnerability stems from a...
Read more

About us

The Cyber News is an online community for security professionals. It features articles from top security researchers, CISOs, and technology experts.

Company

The latest

Burp Suite Supercharges Its Scanning Capabilities With React2Shell Vulnerability Detection

Cybersecurity News 0
PortSwigger has leveled up Burp Suite's scanning arsenal with...

Malicious MCP Servers Enable New Prompt Injection Attack To Drain Resources

Cybersecurity News 0
Unit 42 researchers at Palo Alto Networks exposed serious...

Law Enforcement Detains Hackers Equipped With Specialized Flipper Hacking Tools

Cyber News 0
Polish police have arrested three Ukrainian men traveling through...

Subscribe

© 2025 the Cyber News