Cybersecurity

SAP S/4HANA Critical Vulnerability CVE-2025-42957 Exploited in the Wild 

SAP S/4HANA Critical Vulnerability CVE-2025-42957 Exploited in the Wild 

A critical security vulnerability impacting SAP S/4HANA, an Enterprise Resource Planning (ERP) software, has come under active exploitation in the wild.
The command injection vulnerability, tracked as CVE-2025-42957 (CVSS score: 9.9), was fixed by SAP as part of its monthly updates last month.
“SAP S/4HANA allows an attacker with user privileges to exploit a vulnerability in the function module

Automation Is Redefining Pentest Delivery 

Automation Is Redefining Pentest Delivery 

Pentesting remains one of the most effective ways to identify real-world security weaknesses before adversaries do. But as the threat landscape has evolved, the way we deliver pentest results hasn’t kept pace.
Most organizations still rely on traditional reporting methods—static PDFs, emailed documents, and spreadsheet-based tracking. The problem? These outdated workflows introduce delays,

VirusTotal Finds 44 Undetected SVG Files Used to Deploy Base64-Encoded Phishing Pages 

VirusTotal Finds 44 Undetected SVG Files Used to Deploy Base64-Encoded Phishing Pages 

Cybersecurity researchers have flagged a new malware campaign that has leveraged Scalable Vector Graphics (SVG) files as part of phishing attacks impersonating the Colombian judicial system.
The SVG files, according to VirusTotal, are distributed via email and designed to execute an embedded JavaScript payload, which then decodes and injects a Base64-encoded HTML phishing page masquerading as a

Russian APT28 Deploys “NotDoor” Outlook Backdoor Against Companies in NATO Countries 

Russian APT28 Deploys “NotDoor” Outlook Backdoor Against Companies in NATO Countries 

The Russian state-sponsored hacking group tracked as APT28 has been attributed to a new Microsoft Outlook backdoor called NotDoor in attacks targeting multiple companies from different sectors in NATO member countries.
NotDoor “is a VBA macro for Outlook designed to monitor incoming emails for a specific trigger word,” S2 Grupo’s LAB52 threat intelligence team said. “When such an email is

GhostRedirector Hacks 65 Windows Servers Using Rungan Backdoor and Gamshen IIS Module 

GhostRedirector Hacks 65 Windows Servers Using Rungan Backdoor and Gamshen IIS Module 

Cybersecurity researchers have lifted the lid on a previously undocumented threat cluster dubbed GhostRedirector that has managed to compromise at least 65 Windows servers primarily located in Brazil, Thailand, and Vietnam.
The attacks, per Slovak cybersecurity company ESET, led to the deployment of a passive C++ backdoor called Rungan and a native Internet Information Services (IIS) module

Cybercriminals Exploit X’s Grok AI to Bypass Ad Protections and Spread Malware to Millions 

Cybercriminals Exploit X’s Grok AI to Bypass Ad Protections and Spread Malware to Millions 

Cybersecurity researchers have flagged a new technique that cybercriminals have adopted to bypass social media platform X’s malvertising protections and propagate malicious links using its artificial intelligence (AI) assistant Grok.
The findings were highlighted by Nati Tal, head of Guardio Labs, in a series of posts on X. The technique has been codenamed Grokking.
The approach is designed to

Google Fined $379 Million by French Regulator for Cookie Consent Violations 

Google Fined $379 Million by French Regulator for Cookie Consent Violations 

The French data protection authority has fined Google and Chinese e-commerce giant Shein $379 million (€325 million) and $175 million (€150 million), respectively, for violating cookie rules.
Both companies set advertising cookies on users’ browsers without securing their consent, the National Commission on Informatics and Liberty (CNIL) said. Shein has since updated its systems to comply with

CISA Flags TP-Link Router Flaws CVE-2023-50224 and CVE-2025-9377 as Actively Exploited 

CISA Flags TP-Link Router Flaws CVE-2023-50224 and CVE-2025-9377 as Actively Exploited 

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added two security flaws impacting TP-Link wireless routers to its Known Exploited Vulnerabilities (KEV) catalog, noting that there is evidence of them being exploited in the wild.
The vulnerabilities in question are listed below –

CVE-2023-50224 (CVSS score: 6.5) – An authentication bypass by spoofing vulnerability

Smashing Security podcast #433: How hackers turned AI into their new henchman 

Smashing Security podcast #433: How hackers turned AI into their new henchman 

Your AI reads the small print, and that’s a problem. This week in episode 433 of “Smashing Security” we dig into LegalPwn – malicious instructions tucked into code comments and disclaimers that sweet-talks AI into rubber-stamping dangerous payloads (or even pretending they’re a harmless calculator).

Meanwhile, new research from Anthropic reveals that hackers have already used AI gents to break into networks, steal passwords, sift through stolen data, and even write custom ransom notes. In other words, one hacker with an AI helper can work like an entire team of cybercriminals.

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast with computer security veteran Graham Cluley, joined this week by Mark Stockley.

Malicious npm Packages Exploit Ethereum Smart Contracts to Target Crypto Developers 

Malicious npm Packages Exploit Ethereum Smart Contracts to Target Crypto Developers 

Cybersecurity researchers have discovered two new malicious packages on the npm registry that make use of smart contracts for the Ethereum blockchain to carry out malicious actions on compromised systems, signaling the trend of threat actors constantly on the lookout for new ways to distribute malware and fly under the radar.
“The two npm packages abused smart contracts to conceal malicious

NEW CUSTOMERS CALL TODAY: 720.221.6804  |  EXISTING CUSTOMERS REQUIRING SUPPORT: 303.617.6442

X