[GUEST ACCESS MODE: Data is scrambled or limited to provide examples. Make requests using your API key to unlock full data. Check https://lunarcrush.ai/auth for authentication information.] #  @The_Cyber_News Cyber Security News Cyber Security News posts on X about microsoft, microsoft teams, amazon web services, javascript the most. They currently have XXXXXX followers and XX posts still getting attention that total XXXXXX engagements in the last XX hours. ### Engagements: XXXXXX [#](/creator/twitter::1165106855879704577/interactions)  - X Week XXXXXXX -XX% - X Month XXXXXXXXX +710% - X Months XXXXXXXXX +1,342% - X Year XXXXXXXXX +2,420% ### Mentions: XX [#](/creator/twitter::1165106855879704577/posts_active)  - X Week XX +11% - X Month XX +34% - X Months XXX +62% - X Year XXX +66% ### Followers: XXXXXX [#](/creator/twitter::1165106855879704577/followers)  - X Week XXXXXX +3.10% - X Month XXXXXX +20% - X Months XXXXXX +75% - X Year XXXXXX +210% ### CreatorRank: XXXXXXX [#](/creator/twitter::1165106855879704577/influencer_rank)  ### Social Influence [#](/creator/twitter::1165106855879704577/influence) --- **Social category influence** [technology brands](/list/technology-brands) XXXXX% [stocks](/list/stocks) #3802 [social networks](/list/social-networks) XXX% [countries](/list/countries) XXXX% [finance](/list/finance) XXXX% **Social topic influence** [microsoft](/topic/microsoft) #59, [microsoft teams](/topic/microsoft-teams) #11, [amazon web services](/topic/amazon-web-services) #775, [javascript](/topic/javascript) 4.65%, [aws outage](/topic/aws-outage) 2.33%, [snapchat](/topic/snapchat) 2.33%, [has been](/topic/has-been) 2.33%, [shell](/topic/shell) 2.33%, [vmware](/topic/vmware) 2.33%, [azure](/topic/azure) XXXX% **Top accounts mentioned or mentioned by** [@thecybernews](/creator/undefined) [@aki_korhonen](/creator/undefined) [@lcopelandjr](/creator/undefined) [@jiltedvalkyrie](/creator/undefined) [@xandr0ss](/creator/undefined) [@parallex001](/creator/undefined) [@kfluffy3](/creator/undefined) [@mathieuchateau](/creator/undefined) **Top assets mentioned** [Microsoft Corp. (MSFT)](/topic/microsoft) [Crowdstrike Holdings Inc (CRWD)](/topic/crowdstrike) [Alphabet Inc Class A (GOOGL)](/topic/$googl) ### Top Social Posts [#](/creator/twitter::1165106855879704577/posts) --- Top posts by engagements in the last XX hours "🔻 AWS Outage Impacts Amazon Snapchat Prime Video Canva and More - Update Read more: A widespread Amazon Web Services (AWS) outage on Monday disrupted operations for millions of users worldwide knocking out access to everything from streaming giants to social media platforms and financial apps. The incident which began early in the morning affected high-profile services like Amazon's own e-commerce site Snapchat Prime Video Canva and countless others reliant on AWS infrastructure. To Get Daily Security Updates add Cyber Security News as your preferred source on Google - #cybersecuritynews" [X Link](https://x.com/The_Cyber_News/status/1980262666599010554) [@The_Cyber_News](/creator/x/The_Cyber_News) 2025-10-20T13:19Z 26.8K followers, 8486 engagements "⚠ Happy DOM Vulnerability Exposes XXX Million Users To Remote Code Execution Attacks Read more: A significant security flaw has been discovered in Happy DOM a popular JavaScript DOM implementation affecting versions up to v19. This vulnerability places systems at risk of Remote Code Execution (RCE) attacks potentially impacting the packages XXX million weekly users. The flaw arises because the Node.js VM Context used by Happy DOM is not a completely isolated environment which can allow untrusted code to escape and gain access to the underlying systems functionalities. To Get Daily Security" [X Link](https://x.com/The_Cyber_News/status/1977928498036789298) [@The_Cyber_News](/creator/x/The_Cyber_News) 2025-10-14T02:44Z 26.5K followers, 1376 engagements "🗼 UEFI Shell Vulnerabilities Could Allow Hackers to Bypass Secure Boot on 200000+ Laptops Read more: Hackers can exploit vulnerabilities in signed UEFI shells to bypass Secure Boot protections on over 200000 Framework laptops and desktops. These vulnerabilities expose fundamental flaws in how modern systems trust boot components potentially enabling persistent malware infections that evade detection. As pre-operating system attacks grow more common echoing threats like BlackLotus and Bootkitty this discovery underscores the risks lurking in the firmware layer we often overlook. To Get Daily" [X Link](https://x.com/The_Cyber_News/status/1978146439873118331) [@The_Cyber_News](/creator/x/The_Cyber_News) 2025-10-14T17:10Z 26.5K followers, 8469 engagements "🚨 Windows Rust Kernel GDI Vulnerability Leads to Crash and Blue Screen of Death Error Read more: A vulnerability in Microsoft's newly implemented Rust-based kernel component for the Graphics Device Interface (GDI) in Windows. This flaw which could trigger a system-wide crash via a Blue Screen of Death (BSOD) highlights the challenges of integrating memory-safe languages into critical OS components. The vulnerability emerged during a targeted fuzzing campaign aimed at probing Windows' graphics subsystem for weaknesses. Fuzzing a technique that bombards software with malformed inputs to expose" [X Link](https://x.com/The_Cyber_News/status/1979158727719616942) [@The_Cyber_News](/creator/x/The_Cyber_News) 2025-10-17T12:13Z 26.4K followers, 2070 engagements "🚨 Hackers Use DFIR Tool 'Velociraptor' to Attack VMware ESXi and Windows Servers with Ransomware Read more: Ransomware operators are actively exploiting Velociraptor an open-source digital forensics and incident response (DFIR) tool in their attacks. The attack severely impacted the victims IT environment encrypting VMware ESXi virtual machines and Windows servers using Warlock LockBit and Babuk ransomware. Velociraptor is designed for security teams to perform endpoint monitoring and data collection but in this campaign it played a key role in helping the attackers maintain stealthy" [X Link](https://x.com/The_Cyber_News/status/1976476347355500710) [@The_Cyber_News](/creator/x/The_Cyber_News) 2025-10-10T02:34Z 26.8K followers, 26K engagements "🚨 Azure Apps Vulnerability Lets Hackers Create Malicious Apps Mimicking Microsoft Teams Read more: Security flaws in Microsofts Azure ecosystem enable cybercriminals to create deceptive applications that imitate official services like the Azure Portal. By inserting characters like the Combining Grapheme Joiner (U+034F) between letters such as Azure Portal attackers created apps that appeared legitimate on consent screens. This trick worked with over XXX such characters including those in ranges like U+FE00 to U+FE0F. The ploy exploited the fact that many Microsoft apps lack verification" [X Link](https://x.com/The_Cyber_News/status/1980957689892294901) [@The_Cyber_News](/creator/x/The_Cyber_News) 2025-10-22T11:21Z 26.8K followers, 4085 engagements "⚠ F5 Released Security Updates Covering Multiple Products Following Recent Hack Read more: F5 Networks a leading provider of application security and delivery solutions has disclosed a significant security breach involving a nation-state threat actor prompting the release of critical updates for its core products. In response F5 has rolled out patches across BIG-IP F5OS BIG-IQ APM clients and BIG-IP Next for Kubernetes to safeguard customers amid heightened risks. F5 published its Quarterly Security Notification detailing XX vulnerabilities addressed in the latest releases many tied to the" [X Link](https://x.com/The_Cyber_News/status/1979089938030153869) [@The_Cyber_News](/creator/x/The_Cyber_News) 2025-10-17T07:39Z 26.8K followers, 6697 engagements "🚨 7-Zip Vulnerabilities Let Attackers Execute Arbitrary Code Remotely Read more: Two high-severity vulnerabilities have been discovered in the popular open-source file archiver 7-Zip which could allow remote attackers to execute arbitrary code. Identified as CVE-2025-11001 and CVE-2025-11002 the flaws affect all versions of the software prior to the latest release and require immediate patching. The core of both vulnerabilities lies within the way 7-Zip handles symbolic links embedded in ZIP archives. When a user with a vulnerable version of 7-Zip attempts to decompress the archive the" [X Link](https://x.com/The_Cyber_News/status/1976533769659031704) [@The_Cyber_News](/creator/x/The_Cyber_News) 2025-10-10T06:22Z 26.8K followers, 136.4K engagements "🚨 PoC Exploit for 7-Zip Vulnerabilities that Allows Remote Code Execution Read more: A proof-of-concept exploit for two critical vulnerabilities in the popular file archiver 7-Zip potentially allowing attackers to execute arbitrary code remotely through malicious ZIP files. The flaws tracked as CVE-2025-11001 and CVE-2025-11002 were disclosed by the Zero Day Initiative (ZDI) on October X 2025 and stem from improper handling of symbolic links during ZIP extraction on Windows systems. The core problem lies in 7-Zip's extraction logic which fails to properly validate symlink targets. When" [X Link](https://x.com/The_Cyber_News/status/1979491144208617738) [@The_Cyber_News](/creator/x/The_Cyber_News) 2025-10-18T10:14Z 26.8K followers, 15.3K engagements "🚨 CISA Warns of Windows SMB Vulnerability Actively Exploited in Attacks Read more: CISA issued an urgent alert on October XX 2025 highlighting a severe vulnerability CVE-2025-33073 in Microsoft's Windows SMB Client. The vulnerability exploits the Server Message Block (SMB) protocol a cornerstone of Windows file sharing and network communications. This forced authentication grants unauthorized access potentially allowing full control over the compromised device. Attackers leverage this vulnerability through social engineering or drive-by downloads where users accidentaly execute the malicious" [X Link](https://x.com/The_Cyber_News/status/1980468061967904841) [@The_Cyber_News](/creator/x/The_Cyber_News) 2025-10-21T02:55Z 26.8K followers, 29.3K engagements "🚨 M365 Copilot Prompt Injection Vulnerability Allows Attackers to Exfiltrate Sensitive Data Read more: A sophisticated vulnerability in Microsoft XXX Copilot (M365 Copilot) that allows attackers to steal sensitive tenant data including recent emails through indirect prompt injection attacks. The attack begins when a user asks M365 Copilot to summarize a maliciously crafted Excel spreadsheet. Hidden instructions embedded in white text across multiple sheets use progressive task modification and nested commands to hijack the AIs behavior. #cybersecuritynews" [X Link](https://x.com/The_Cyber_News/status/1980664239514947846) [@The_Cyber_News](/creator/x/The_Cyber_News) 2025-10-21T15:55Z 26.8K followers, 204.5K engagements "🚨 Chinese Hackers Exploiting ToolShell Vulnerability To Compromise Networks Of Government Agencies Read more: China-based threat actors have exploited the critical ToolShell vulnerability in Microsoft SharePoint servers to infiltrate networks across multiple continents targeting government agencies and critical infrastructure in a suspected espionage campaign. This vulnerability identified as CVE-2025-53770 enables unauthenticated remote code execution and has been actively used since its disclosure in July 2025 despite Microsofts rapid patching efforts. ToolShell stems from a" [X Link](https://x.com/The_Cyber_News/status/1981189429793591669) [@The_Cyber_News](/creator/x/The_Cyber_News) 2025-10-23T02:42Z 26.8K followers, 11.5K engagements "🛠 Microsoft Teams to Introduce Highly Anticipated Multitasking Functionality Read more: Microsoft is set to roll out a highly anticipated multitasking feature for its Teams platform which will allow users to open channels in separate windows. This long-awaited update scheduled for release in November addresses one of the most common user requests and promises to improve workflow efficiency for millions of users significantly. According to the Microsoft XXX Roadmap the update tracked as feature ID: 509110 will enable users to break free from the single-window interface that has defined" [X Link](https://x.com/The_Cyber_News/status/1975555353032155298) [@The_Cyber_News](/creator/x/The_Cyber_News) 2025-10-07T13:34Z 26.7K followers, 1680 engagements "🚨 Hackers Abuse Teams Features and Capabilities to Deliver Malware Read more: Microsoft has issued a warning that both cybercriminals and state-sponsored threat actors are increasingly abusing the features and capabilities of Microsoft Teams throughout their attack chains. Threat actors abuse its core capabilities messaging (chat) calls and meetings and video-based screen-sharing at different points along the attack chain. Attackers are leveraging the entire attack lifecycle within the Teams ecosystem from initial reconnaissance to final impact Microsoft said. #cybersecuritynews" [X Link](https://x.com/The_Cyber_News/status/1975744345329578037) [@The_Cyber_News](/creator/x/The_Cyber_News) 2025-10-08T02:05Z 26.7K followers, 15.7K engagements "--- . . Latvian authorities together with Europol Eurojust and investigators from Austria and Estonia carried out a massive coordinated action against a cybercrime group. 🔹 X Latvian cybercriminals arrested 🔹 X additional suspects detained 🔹 X servers taken down 🔹 1200 SIM box devices & 40000 active SIM cards seized This criminal network was behind large-scale SIM fraud operations enabling thousands of cyber fraud cases across Europe. Investigators have linked: 1700 fraud cases in Austria XXX million in losses 1500 fraud cases in Latvia 420000 in losses #cybersecurity #cybercrime #europol" [X Link](https://x.com/The_Cyber_News/status/1980183753084514587) [@The_Cyber_News](/creator/x/The_Cyber_News) 2025-10-20T08:06Z 26.7K followers, 3104 engagements "⚠ CrowdStrike Falcon Windows Sensor Vulnerability Enables Code Execution and File Deletion Read more: CrowdStrike has disclosed and released patches for two medium-severity vulnerabilities in its Falcon sensor for Windows that could allow an attacker to delete arbitrary files. The security vulnerabilities designated as CVE-2025-42701 and CVE-2025-42706 require an attacker to have already gained the ability to execute code on a target system. 📌 CVE-2025-42701 - Time-of-check Time-of-use (TOCTOU) race condition 📌 CVE-2025-42706 - logic error related to origin validation #cybersecuritynews" [X Link](https://x.com/The_Cyber_News/status/1976113593415598205) [@The_Cyber_News](/creator/x/The_Cyber_News) 2025-10-09T02:32Z 26.8K followers, 27.3K engagements "🛠 New PoC Exploit Released for Sudo Chroot Privilege Escalation Vulnerability Read more: A critical vulnerability in the widely used Sudo utility has come under scrutiny following the public release of a proof-of-concept exploit raising alarms for Linux system administrators worldwide. CVE-2025-32463 targets the chroot feature in Sudo versions 1.9.14 through 1.9.17 enabling local attackers to escalate privileges to root level with minimal effort. The issue rated at a CVSS score of XXX critical underscores ongoing risks in privilege management tools essential to Unix-like operating systems." [X Link](https://x.com/The_Cyber_News/status/1978008791816753648) [@The_Cyber_News](/creator/x/The_Cyber_News) 2025-10-14T08:03Z 26.8K followers, 24.5K engagements "🚨 FortiOS CLI Command Bypass Vulnerability Let Attacker Execute System Commands Read more: Fortinet disclosed a high-severity vulnerability in its FortiOS operating system on October XX 2025 that could enable local authenticated attackers to execute arbitrary system commands. Tracked as CVE-2025-58325 the flaw stems from an incorrect provision of specified functionality (CWE-684) in the CLI component potentially leading to privilege escalation. This could result in full control over the device data exfiltration or further network compromise. No remote exploitation is possible but the low" [X Link](https://x.com/The_Cyber_News/status/1978339035899674724) [@The_Cyber_News](/creator/x/The_Cyber_News) 2025-10-15T05:55Z 26.8K followers, 23.1K engagements "🚨 Windows Remote Desktop Client Vulnerability Let Attackers Execute Remote Code Read more: Microsoft has patched a critical flaw in its Remote Desktop Client that could allow attackers to execute malicious code on victims systems. The flaw affects the Remote Desktop Client a core component for connecting to remote machines. An unauthorized attacker could leverage it over a network by tricking a user into connecting to a malicious RDP server. Once connected the server exploits the use-after-free bug to run arbitrary code in the users context potentially leading to full system compromise. To" [X Link](https://x.com/The_Cyber_News/status/1978368657345454147) [@The_Cyber_News](/creator/x/The_Cyber_News) 2025-10-15T07:53Z 26.8K followers, 10.5K engagements "🚨 Windows Remote Access Connection Manager 0-Day Vulnerability Actively Exploited in Attacks Read more: Microsoft has confirmed active exploitation of a critical zero-day vulnerability in the Windows Remote Access Connection Manager (RasMan) service allowing attackers to escalate privileges and potentially compromise entire systems. Tracked as CVE-2025-59230 the flaw stems from improper access control enabling low-privileged users to gain SYSTEM-level access. The vulnerability affects multiple Windows versions and has already drawn attention from threat actors targeting enterprise" [X Link](https://x.com/The_Cyber_News/status/1978414465944023291) [@The_Cyber_News](/creator/x/The_Cyber_News) 2025-10-15T10:55Z 26.8K followers, 18.5K engagements "⚠ Microsoft Security Update Causes Active Directory Sync Failures on Windows Server 2025 Read more: Microsoft's security updates have triggered synchronization failures in Active Directory environments running on Windows Server 2025. The issue confirmed on October XX 2025 affects directory synchronization for large security groups potentially halting critical identity management processes across enterprise networks. Applications relying on the Active Directory directory synchronization (DirSync) control such as Microsoft Entra Connect Sync fail to replicate AD security groups with more than" [X Link](https://x.com/The_Cyber_News/status/1978644632868401436) [@The_Cyber_News](/creator/x/The_Cyber_News) 2025-10-16T02:10Z 26.8K followers, 4789 engagements "🛠 Windows XX 24H2/25H2 Update Blocks Mouse and Keyboard in Recovery Mode Read more: Microsofts latest security update has rendered USB keyboards and mice inoperable within the Windows Recovery Environment (WinRE). Released on October XX 2025 as KB5066835 for OS Build 26100.6899 the patch affects Windows XX versions 24H2 and 25H2 as well as Windows Server 2025. The glitch emerged shortly after installation leaving users unable to navigate recovery options during system troubleshooting. The problem surfaces specifically in WinRE a critical boot mode for repairing boot failures resetting PCs or" [X Link](https://x.com/The_Cyber_News/status/1979746489518703022) [@The_Cyber_News](/creator/x/The_Cyber_News) 2025-10-19T03:08Z 26.8K followers, 17.6K engagements "⚠ PoC Exploit Released for Linux-PAM Vulnerability Allowing Root Privilege Escalation Read more: A high-severity vulnerability in the Pluggable Authentication Modules (PAM) framework was assigned the identifier CVE-2025-8941. This vulnerability stems from the heart of Linux operating systems enabling attackers with local access to exploit symlink attacks and race conditions for full root privilege escalation. Affected systems include all versions of Linux-PAM prior to the latest patches spanning distributions like Ubuntu Fedora and Red Hat Enterprise Linux. No remote exploitation is possible" [X Link](https://x.com/The_Cyber_News/status/1979903730775736782) [@The_Cyber_News](/creator/x/The_Cyber_News) 2025-10-19T13:33Z 26.8K followers, 8037 engagements "🌐 AWS Declares Major Outage Resolved After Nearly XX Hours of Disruption Read more: Amazon Web Services (AWS) the world's largest cloud computing provider has officially marked a widespread outage in its US-EAST-1 region as resolved following nearly a full day of cascading failures that disrupted services for millions worldwide. The incident which began late on October XX 2025 and persisted until early afternoon on October XX highlighted the fragility of global internet infrastructure reliant on AWS's backbone. By 3:01 PM PDT AWS confirmed all services had returned to normal operations" [X Link](https://x.com/The_Cyber_News/status/1980507006730711335) [@The_Cyber_News](/creator/x/The_Cyber_News) 2025-10-21T05:30Z 26.8K followers, 3201 engagements "🚨 Chrome V8 JavaScript Engine Vulnerability Let Attackers Execute Remote Code Read more: Google has swiftly addressed a high-severity flaw in its Chrome browser's V8 JavaScript engine releasing an emergency update to thwart potential remote code execution attacks. The vulnerability tracked as CVE-2025-12036 stems from an inappropriate implementation within V8 the open-source JavaScript and WebAssembly engine powering Chrome's rendering capabilities. This patch arrives just days after the discovery underscoring Google's commitment to rapid response in browser security. The Stable channel" [X Link](https://x.com/The_Cyber_News/status/1980868116167995878) [@The_Cyber_News](/creator/x/The_Cyber_News) 2025-10-22T05:25Z 26.8K followers, 2106 engagements "⚠ Multiple Oracle VM VirtualBox Vulnerabilities Enable Complete Takeover Of VirtualBox Read more: Oracle has disclosed multiple critical vulnerabilities in its Oracle VM VirtualBox virtualization software potentially allowing attackers to achieve complete control over the VirtualBox environment. These flaws detailed in the October 2025 Critical Patch Update (CPU) affect the Core component of VirtualBox versions 7.1.12 and 7.2.2 enabling high-privileged local attackers to compromise confidentiality integrity and availability with devastating consequences. #cybersecuritynews #vulnerability" [X Link](https://x.com/The_Cyber_News/status/1981348707544289681) [@The_Cyber_News](/creator/x/The_Cyber_News) 2025-10-23T13:15Z 26.8K followers, 1777 engagements
[GUEST ACCESS MODE: Data is scrambled or limited to provide examples. Make requests using your API key to unlock full data. Check https://lunarcrush.ai/auth for authentication information.]
Cyber Security News posts on X about microsoft, microsoft teams, amazon web services, javascript the most. They currently have XXXXXX followers and XX posts still getting attention that total XXXXXX engagements in the last XX hours.
Social category influence technology brands XXXXX% stocks #3802 social networks XXX% countries XXXX% finance XXXX%
Social topic influence microsoft #59, microsoft teams #11, amazon web services #775, javascript 4.65%, aws outage 2.33%, snapchat 2.33%, has been 2.33%, shell 2.33%, vmware 2.33%, azure XXXX%
Top accounts mentioned or mentioned by @thecybernews @aki_korhonen @lcopelandjr @jiltedvalkyrie @xandr0ss @parallex001 @kfluffy3 @mathieuchateau
Top assets mentioned Microsoft Corp. (MSFT) Crowdstrike Holdings Inc (CRWD) Alphabet Inc Class A (GOOGL)
Top posts by engagements in the last XX hours
"🔻 AWS Outage Impacts Amazon Snapchat Prime Video Canva and More - Update Read more: A widespread Amazon Web Services (AWS) outage on Monday disrupted operations for millions of users worldwide knocking out access to everything from streaming giants to social media platforms and financial apps. The incident which began early in the morning affected high-profile services like Amazon's own e-commerce site Snapchat Prime Video Canva and countless others reliant on AWS infrastructure. To Get Daily Security Updates add Cyber Security News as your preferred source on Google - #cybersecuritynews"
X Link @The_Cyber_News 2025-10-20T13:19Z 26.8K followers, 8486 engagements
"⚠ Happy DOM Vulnerability Exposes XXX Million Users To Remote Code Execution Attacks Read more: A significant security flaw has been discovered in Happy DOM a popular JavaScript DOM implementation affecting versions up to v19. This vulnerability places systems at risk of Remote Code Execution (RCE) attacks potentially impacting the packages XXX million weekly users. The flaw arises because the Node.js VM Context used by Happy DOM is not a completely isolated environment which can allow untrusted code to escape and gain access to the underlying systems functionalities. To Get Daily Security"
X Link @The_Cyber_News 2025-10-14T02:44Z 26.5K followers, 1376 engagements
"🗼 UEFI Shell Vulnerabilities Could Allow Hackers to Bypass Secure Boot on 200000+ Laptops Read more: Hackers can exploit vulnerabilities in signed UEFI shells to bypass Secure Boot protections on over 200000 Framework laptops and desktops. These vulnerabilities expose fundamental flaws in how modern systems trust boot components potentially enabling persistent malware infections that evade detection. As pre-operating system attacks grow more common echoing threats like BlackLotus and Bootkitty this discovery underscores the risks lurking in the firmware layer we often overlook. To Get Daily"
X Link @The_Cyber_News 2025-10-14T17:10Z 26.5K followers, 8469 engagements
"🚨 Windows Rust Kernel GDI Vulnerability Leads to Crash and Blue Screen of Death Error Read more: A vulnerability in Microsoft's newly implemented Rust-based kernel component for the Graphics Device Interface (GDI) in Windows. This flaw which could trigger a system-wide crash via a Blue Screen of Death (BSOD) highlights the challenges of integrating memory-safe languages into critical OS components. The vulnerability emerged during a targeted fuzzing campaign aimed at probing Windows' graphics subsystem for weaknesses. Fuzzing a technique that bombards software with malformed inputs to expose"
X Link @The_Cyber_News 2025-10-17T12:13Z 26.4K followers, 2070 engagements
"🚨 Hackers Use DFIR Tool 'Velociraptor' to Attack VMware ESXi and Windows Servers with Ransomware Read more: Ransomware operators are actively exploiting Velociraptor an open-source digital forensics and incident response (DFIR) tool in their attacks. The attack severely impacted the victims IT environment encrypting VMware ESXi virtual machines and Windows servers using Warlock LockBit and Babuk ransomware. Velociraptor is designed for security teams to perform endpoint monitoring and data collection but in this campaign it played a key role in helping the attackers maintain stealthy"
X Link @The_Cyber_News 2025-10-10T02:34Z 26.8K followers, 26K engagements
"🚨 Azure Apps Vulnerability Lets Hackers Create Malicious Apps Mimicking Microsoft Teams Read more: Security flaws in Microsofts Azure ecosystem enable cybercriminals to create deceptive applications that imitate official services like the Azure Portal. By inserting characters like the Combining Grapheme Joiner (U+034F) between letters such as Azure Portal attackers created apps that appeared legitimate on consent screens. This trick worked with over XXX such characters including those in ranges like U+FE00 to U+FE0F. The ploy exploited the fact that many Microsoft apps lack verification"
X Link @The_Cyber_News 2025-10-22T11:21Z 26.8K followers, 4085 engagements
"⚠ F5 Released Security Updates Covering Multiple Products Following Recent Hack Read more: F5 Networks a leading provider of application security and delivery solutions has disclosed a significant security breach involving a nation-state threat actor prompting the release of critical updates for its core products. In response F5 has rolled out patches across BIG-IP F5OS BIG-IQ APM clients and BIG-IP Next for Kubernetes to safeguard customers amid heightened risks. F5 published its Quarterly Security Notification detailing XX vulnerabilities addressed in the latest releases many tied to the"
X Link @The_Cyber_News 2025-10-17T07:39Z 26.8K followers, 6697 engagements
"🚨 7-Zip Vulnerabilities Let Attackers Execute Arbitrary Code Remotely Read more: Two high-severity vulnerabilities have been discovered in the popular open-source file archiver 7-Zip which could allow remote attackers to execute arbitrary code. Identified as CVE-2025-11001 and CVE-2025-11002 the flaws affect all versions of the software prior to the latest release and require immediate patching. The core of both vulnerabilities lies within the way 7-Zip handles symbolic links embedded in ZIP archives. When a user with a vulnerable version of 7-Zip attempts to decompress the archive the"
X Link @The_Cyber_News 2025-10-10T06:22Z 26.8K followers, 136.4K engagements
"🚨 PoC Exploit for 7-Zip Vulnerabilities that Allows Remote Code Execution Read more: A proof-of-concept exploit for two critical vulnerabilities in the popular file archiver 7-Zip potentially allowing attackers to execute arbitrary code remotely through malicious ZIP files. The flaws tracked as CVE-2025-11001 and CVE-2025-11002 were disclosed by the Zero Day Initiative (ZDI) on October X 2025 and stem from improper handling of symbolic links during ZIP extraction on Windows systems. The core problem lies in 7-Zip's extraction logic which fails to properly validate symlink targets. When"
X Link @The_Cyber_News 2025-10-18T10:14Z 26.8K followers, 15.3K engagements
"🚨 CISA Warns of Windows SMB Vulnerability Actively Exploited in Attacks Read more: CISA issued an urgent alert on October XX 2025 highlighting a severe vulnerability CVE-2025-33073 in Microsoft's Windows SMB Client. The vulnerability exploits the Server Message Block (SMB) protocol a cornerstone of Windows file sharing and network communications. This forced authentication grants unauthorized access potentially allowing full control over the compromised device. Attackers leverage this vulnerability through social engineering or drive-by downloads where users accidentaly execute the malicious"
X Link @The_Cyber_News 2025-10-21T02:55Z 26.8K followers, 29.3K engagements
"🚨 M365 Copilot Prompt Injection Vulnerability Allows Attackers to Exfiltrate Sensitive Data Read more: A sophisticated vulnerability in Microsoft XXX Copilot (M365 Copilot) that allows attackers to steal sensitive tenant data including recent emails through indirect prompt injection attacks. The attack begins when a user asks M365 Copilot to summarize a maliciously crafted Excel spreadsheet. Hidden instructions embedded in white text across multiple sheets use progressive task modification and nested commands to hijack the AIs behavior. #cybersecuritynews"
X Link @The_Cyber_News 2025-10-21T15:55Z 26.8K followers, 204.5K engagements
"🚨 Chinese Hackers Exploiting ToolShell Vulnerability To Compromise Networks Of Government Agencies Read more: China-based threat actors have exploited the critical ToolShell vulnerability in Microsoft SharePoint servers to infiltrate networks across multiple continents targeting government agencies and critical infrastructure in a suspected espionage campaign. This vulnerability identified as CVE-2025-53770 enables unauthenticated remote code execution and has been actively used since its disclosure in July 2025 despite Microsofts rapid patching efforts. ToolShell stems from a"
X Link @The_Cyber_News 2025-10-23T02:42Z 26.8K followers, 11.5K engagements
"🛠 Microsoft Teams to Introduce Highly Anticipated Multitasking Functionality Read more: Microsoft is set to roll out a highly anticipated multitasking feature for its Teams platform which will allow users to open channels in separate windows. This long-awaited update scheduled for release in November addresses one of the most common user requests and promises to improve workflow efficiency for millions of users significantly. According to the Microsoft XXX Roadmap the update tracked as feature ID: 509110 will enable users to break free from the single-window interface that has defined"
X Link @The_Cyber_News 2025-10-07T13:34Z 26.7K followers, 1680 engagements
"🚨 Hackers Abuse Teams Features and Capabilities to Deliver Malware Read more: Microsoft has issued a warning that both cybercriminals and state-sponsored threat actors are increasingly abusing the features and capabilities of Microsoft Teams throughout their attack chains. Threat actors abuse its core capabilities messaging (chat) calls and meetings and video-based screen-sharing at different points along the attack chain. Attackers are leveraging the entire attack lifecycle within the Teams ecosystem from initial reconnaissance to final impact Microsoft said. #cybersecuritynews"
X Link @The_Cyber_News 2025-10-08T02:05Z 26.7K followers, 15.7K engagements
"--- . . Latvian authorities together with Europol Eurojust and investigators from Austria and Estonia carried out a massive coordinated action against a cybercrime group. 🔹 X Latvian cybercriminals arrested 🔹 X additional suspects detained 🔹 X servers taken down 🔹 1200 SIM box devices & 40000 active SIM cards seized This criminal network was behind large-scale SIM fraud operations enabling thousands of cyber fraud cases across Europe. Investigators have linked: 1700 fraud cases in Austria XXX million in losses 1500 fraud cases in Latvia 420000 in losses #cybersecurity #cybercrime #europol"
X Link @The_Cyber_News 2025-10-20T08:06Z 26.7K followers, 3104 engagements
"⚠ CrowdStrike Falcon Windows Sensor Vulnerability Enables Code Execution and File Deletion Read more: CrowdStrike has disclosed and released patches for two medium-severity vulnerabilities in its Falcon sensor for Windows that could allow an attacker to delete arbitrary files. The security vulnerabilities designated as CVE-2025-42701 and CVE-2025-42706 require an attacker to have already gained the ability to execute code on a target system. 📌 CVE-2025-42701 - Time-of-check Time-of-use (TOCTOU) race condition 📌 CVE-2025-42706 - logic error related to origin validation #cybersecuritynews"
X Link @The_Cyber_News 2025-10-09T02:32Z 26.8K followers, 27.3K engagements
"🛠 New PoC Exploit Released for Sudo Chroot Privilege Escalation Vulnerability Read more: A critical vulnerability in the widely used Sudo utility has come under scrutiny following the public release of a proof-of-concept exploit raising alarms for Linux system administrators worldwide. CVE-2025-32463 targets the chroot feature in Sudo versions 1.9.14 through 1.9.17 enabling local attackers to escalate privileges to root level with minimal effort. The issue rated at a CVSS score of XXX critical underscores ongoing risks in privilege management tools essential to Unix-like operating systems."
X Link @The_Cyber_News 2025-10-14T08:03Z 26.8K followers, 24.5K engagements
"🚨 FortiOS CLI Command Bypass Vulnerability Let Attacker Execute System Commands Read more: Fortinet disclosed a high-severity vulnerability in its FortiOS operating system on October XX 2025 that could enable local authenticated attackers to execute arbitrary system commands. Tracked as CVE-2025-58325 the flaw stems from an incorrect provision of specified functionality (CWE-684) in the CLI component potentially leading to privilege escalation. This could result in full control over the device data exfiltration or further network compromise. No remote exploitation is possible but the low"
X Link @The_Cyber_News 2025-10-15T05:55Z 26.8K followers, 23.1K engagements
"🚨 Windows Remote Desktop Client Vulnerability Let Attackers Execute Remote Code Read more: Microsoft has patched a critical flaw in its Remote Desktop Client that could allow attackers to execute malicious code on victims systems. The flaw affects the Remote Desktop Client a core component for connecting to remote machines. An unauthorized attacker could leverage it over a network by tricking a user into connecting to a malicious RDP server. Once connected the server exploits the use-after-free bug to run arbitrary code in the users context potentially leading to full system compromise. To"
X Link @The_Cyber_News 2025-10-15T07:53Z 26.8K followers, 10.5K engagements
"🚨 Windows Remote Access Connection Manager 0-Day Vulnerability Actively Exploited in Attacks Read more: Microsoft has confirmed active exploitation of a critical zero-day vulnerability in the Windows Remote Access Connection Manager (RasMan) service allowing attackers to escalate privileges and potentially compromise entire systems. Tracked as CVE-2025-59230 the flaw stems from improper access control enabling low-privileged users to gain SYSTEM-level access. The vulnerability affects multiple Windows versions and has already drawn attention from threat actors targeting enterprise"
X Link @The_Cyber_News 2025-10-15T10:55Z 26.8K followers, 18.5K engagements
"⚠ Microsoft Security Update Causes Active Directory Sync Failures on Windows Server 2025 Read more: Microsoft's security updates have triggered synchronization failures in Active Directory environments running on Windows Server 2025. The issue confirmed on October XX 2025 affects directory synchronization for large security groups potentially halting critical identity management processes across enterprise networks. Applications relying on the Active Directory directory synchronization (DirSync) control such as Microsoft Entra Connect Sync fail to replicate AD security groups with more than"
X Link @The_Cyber_News 2025-10-16T02:10Z 26.8K followers, 4789 engagements
"🛠 Windows XX 24H2/25H2 Update Blocks Mouse and Keyboard in Recovery Mode Read more: Microsofts latest security update has rendered USB keyboards and mice inoperable within the Windows Recovery Environment (WinRE). Released on October XX 2025 as KB5066835 for OS Build 26100.6899 the patch affects Windows XX versions 24H2 and 25H2 as well as Windows Server 2025. The glitch emerged shortly after installation leaving users unable to navigate recovery options during system troubleshooting. The problem surfaces specifically in WinRE a critical boot mode for repairing boot failures resetting PCs or"
X Link @The_Cyber_News 2025-10-19T03:08Z 26.8K followers, 17.6K engagements
"⚠ PoC Exploit Released for Linux-PAM Vulnerability Allowing Root Privilege Escalation Read more: A high-severity vulnerability in the Pluggable Authentication Modules (PAM) framework was assigned the identifier CVE-2025-8941. This vulnerability stems from the heart of Linux operating systems enabling attackers with local access to exploit symlink attacks and race conditions for full root privilege escalation. Affected systems include all versions of Linux-PAM prior to the latest patches spanning distributions like Ubuntu Fedora and Red Hat Enterprise Linux. No remote exploitation is possible"
X Link @The_Cyber_News 2025-10-19T13:33Z 26.8K followers, 8037 engagements
"🌐 AWS Declares Major Outage Resolved After Nearly XX Hours of Disruption Read more: Amazon Web Services (AWS) the world's largest cloud computing provider has officially marked a widespread outage in its US-EAST-1 region as resolved following nearly a full day of cascading failures that disrupted services for millions worldwide. The incident which began late on October XX 2025 and persisted until early afternoon on October XX highlighted the fragility of global internet infrastructure reliant on AWS's backbone. By 3:01 PM PDT AWS confirmed all services had returned to normal operations"
X Link @The_Cyber_News 2025-10-21T05:30Z 26.8K followers, 3201 engagements
"🚨 Chrome V8 JavaScript Engine Vulnerability Let Attackers Execute Remote Code Read more: Google has swiftly addressed a high-severity flaw in its Chrome browser's V8 JavaScript engine releasing an emergency update to thwart potential remote code execution attacks. The vulnerability tracked as CVE-2025-12036 stems from an inappropriate implementation within V8 the open-source JavaScript and WebAssembly engine powering Chrome's rendering capabilities. This patch arrives just days after the discovery underscoring Google's commitment to rapid response in browser security. The Stable channel"
X Link @The_Cyber_News 2025-10-22T05:25Z 26.8K followers, 2106 engagements
"⚠ Multiple Oracle VM VirtualBox Vulnerabilities Enable Complete Takeover Of VirtualBox Read more: Oracle has disclosed multiple critical vulnerabilities in its Oracle VM VirtualBox virtualization software potentially allowing attackers to achieve complete control over the VirtualBox environment. These flaws detailed in the October 2025 Critical Patch Update (CPU) affect the Core component of VirtualBox versions 7.1.12 and 7.2.2 enabling high-privileged local attackers to compromise confidentiality integrity and availability with devastating consequences. #cybersecuritynews #vulnerability"
X Link @The_Cyber_News 2025-10-23T13:15Z 26.8K followers, 1777 engagements
/creator/x::The_Cyber_News