Blog – Page 397 – Cyber Mike

Android Security Alert: Google Patches 120 Flaws, Including Two Zero-Days Under Attack

Google has shipped security updates to address 120 security flaws in its Android operating system as part of its monthly fixes for September 2025, including two issues that it said have been exploited in targeted attacks.
The vulnerabilities are listed below –

CVE-2025-38352 (CVSS score: 7.4) – A privilege escalation flaw in the Linux Kernel component
CVE-2025-48543 (CVSS score: N/A) – A

Iranian Hackers Exploit 100+ Embassy Email Accounts in Global Phishing Targeting Diplomats

An Iran-nexus group has been linked to a “coordinated” and “multi-wave” spear-phishing campaign targeting the embassies and consulates in Europe and other regions across the world.
The activity has been attributed by Israeli cybersecurity company Dream to Iranian-aligned operators connected to broader offensive cyber activity undertaken by a group known as Homeland Justice.
“Emails were sent to

Jaguar Land Rover Operations ‘Severely Disrupted’ by Cyberattack

British automobile manufacturer Jaguar Land Rover (JLR) is scrambling to restore applications and operations that were impacted by a cyberattack. In a brief notice on Tuesday, the company said it disconnected its systems, which severely impacted both retail and manufacturing operations. “JLR has been impacted by a cyber incident. We took immediate action to mitigate […]

The post Jaguar Land Rover Operations ‘Severely Disrupted’ by Cyberattack appeared first on SecurityWeek.

Security Firms Hit by Salesforce–Salesloft Drift Breach

Hackers accessed customer contact information and case data from Salesforce instances at Cloudflare, Palo Alto Networks, and Zscaler.

The post Security Firms Hit by Salesforce–Salesloft Drift Breach appeared first on SecurityWeek.

CISA Adds TP-Link and WhatsApp Flaws to KEV Catalog Amid Active Exploitation

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a high-severity security flaw impacting TP-Link TL-WA855RE Wi-Fi Ranger Extender products to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.
The vulnerability, CVE-2020-24363 (CVSS score: 8.8), concerns a case of missing authentication that could be abused to obtain

Salesloft Takes Drift Offline After OAuth Token Theft Hits Hundreds of Organizations

Salesloft on Tuesday announced that it’s taking Drift temporarily offline “in the very near future,” as multiple companies have been ensnared in a far-reaching supply chain attack spree targeting the marketing software-as-a-service product, resulting in the mass theft of authentication tokens.
“This will provide the fastest path forward to comprehensively review the application and build

Hackers breach fintech firm in attempted $130M bank heist

Hackers tried to steal $130 million from Evertec’s Brazilian subsidiary Sinqia S.A.after gaining unauthorized access to its environment on the central bank’s real-time payment system (Pix). […]

Cloudflare hit by data breach in Salesloft Drift supply chain attack

Cloudflare is the latest company impacted in a recent string of Salesloft Drift breaches, part of a supply-chain attack disclosed last week. […]

Sangoma Patches Critical Zero-Day Exploited to Hack FreePBX Servers

Tracked as CVE-2025-57819 (CVSS score of 10/10), the bug is described as an insufficient sanitization of user-supplied data.

The post Sangoma Patches Critical Zero-Day Exploited to Hack FreePBX Servers appeared first on SecurityWeek.

Lazarus Group Expands Malware Arsenal With PondRAT, ThemeForestRAT, and RemotePE

The North Korea-linked threat actor known as the Lazarus Group has been attributed to a social engineering campaign that distributes three different pieces of cross-platform malware called PondRAT, ThemeForestRAT, and RemotePE.
The attack, observed by NCC Group’s Fox-IT in 2024, targeted an organization in the decentralized finance (DeFi) sector, ultimately leading to the compromise of an

Cyber News