Sensorstechforum.com Newsroom – November 18, 2025. A major outage at internet infrastructure provider Cloudflare today briefly broke large parts of the web, knocking services such as X (formerly Twitter), OpenAI’s ChatGPT, Canva and multiple other platforms offline or making them…
Sensorstechforum.com investigation — A recently surfaced phishing-as-a-service (PhaaS) kit dubbed Tykit has been weaponizing SVG attachments since May 2025 to steal corporate Microsoft 365 credentials. The kit blends multi-stage redirection, heavily obfuscated JavaScript, and anti-bot checks to dodge automated scanning,…
Is Google Down? Google Outage Today (Sept 4, 2025): Are Gmail, Maps, Ads & Analytics Down? [Live ET Status] Updated: Sept 4, 2025 — Eastern Time (ET) Quick take: There are user reports of access issues to key Google services,…
CVE-2025-43300: Vulnerability in Image Handling Framework Apple has released urgent software updates for iPhones, iPads, and Macs after identifying a zero-day security flaw that was already being exploited. The issue, cataloged as CVE-2025-43300, exists in the ImageIO framework and can…
In a three-day cyberattack this April, hackers exploited a newly disclosed SAP vulnerability to infiltrate a U.S.-based chemicals company, deploying a stealthy Linux malware known as Auto-Color backdoor. Cybersecurity firm Darktrace says the attackers gained access through a critical flaw…
A financially driven cybercrime group known as UNC3944 has launched a coordinated and highly targeted hacking campaign that ends with ransomware against major U.S. industries, according to a joint report by Google’s Threat Intelligence Group (GTIG) and cybersecurity firm Mandiant.…
Microsoft has released emergency security updates to address a critical vulnerability in its on-premises SharePoint Server, warning that the flaw is currently being exploited in the wild. The tech company also disclosed a second, related vulnerability. CVE-2025-53770 Critical Flaw Enables…
Microsoft’s latest Patch Tuesday release of fixes for 130 vulnerabilities did not include any updates for zero-day flaws that are currently being exploited. Still, the company acknowledged that one of the patched issues had already been made public before the…
Microsoft has released a sweeping security update addressing 67 vulnerabilities across its software ecosystem. This includes a critical zero-day vulnerability in Web Distributed Authoring and Versioning (WebDAV) that is currently being exploited in real-world attacks. Breakdown of June 2025 Patch…
In an unusual out-of-band release, Google has issued an urgent update to its Chrome browser to patch three security vulnerabilities, including one that is currently being exploited in real-world attacks. Critical Vulnerability in Chrome’s V8 Engine The most serious of…
In its May 2025 security update, Microsoft has rolled out patches for 78 vulnerabilities spanning its product ecosystem. Most notably, five of these flaws (a.k.a. zero-day exploits) have already been exploited in the wild. May 2025 Patch Tuesday: 78 Vulnerabilities…
ASUS has issued important security updates to its DriverHub software, addressing two critical vulnerabilities, CVE-2025-3462 and CVE-2025-3463, that could allow attackers to execute remote commands on vulnerable systems. These flaws affected the mechanism responsible for driver detection and updates on…
Cybersecurity experts have uncovered a series of high-risk vulnerabilities affecting the on-premise edition of SysAid IT support software. These flaws could allow unauthenticated attackers to remotely execute code with elevated privileges, potentially giving them full control of targeted systems. Overview…
Cybersecurity firm Socket has recently uncovered a set of malicious Go modules capable of delivering a destructive disk-wiping payload. The campaign specifically targets Linux systems by exploiting Go’s decentralized module system, putting countless development environments at risk. How Does the…
A critical security flaw in SAP NetWeaver’s Visual Composer component, identified as CVE-2025-31324, has been actively exploited by threat actors. This vulnerability allows unauthenticated attackers to upload malicious files, leading to potential full system compromise. SAP has released a patch…
Apple has rolled out critical security updates across its ecosystem, including iOS, iPadOS, macOS Sequoia, tvOS, and visionOS, to address two newly discovered zero-day vulnerabilities that are currently being exploited in real-world attacks. Two Actively Exploited Zero-Day Flaws Patched The…
A threat group believed to have ties with China’s state-sponsored cyber operations, identified as UNC5174, has launched a stealthy and technically advanced cyber campaign aimed at Linux and macOS environments. According to new research published by Sysdig, the group is…
Phishing attacks are becoming increasingly sophisticated, but one emerging tactic is setting a new bar for precision and deception. Known as Precision-Validated Phishing, this method uses real-time credential validation to enhance the success rate of phishing campaigns. A recent report…
After two decades of persistent concern among privacy advocates and web security researchers, Google is finally rolling out a fix for a long-standing vulnerability in Chrome that has silently exposed users’ browsing history. The issue stems from how browsers have…
On April 8, 2025, Microsoft released its monthly security updates, addressing a total of 121 vulnerabilities across various products. Among these, CVE-2025-29824, a zero-day vulnerability in the Windows Common Log File System (CLFS) Driver, has been actively exploited in ransomware…
