Author: CybersecurityNews

Microsoft fixes Windows Server 2022 bug breaking device boot
Summary: Microsoft has addressed a critical bug affecting Windows Server 2022 systems with multiple NUMA nodes that prevented them from starting up. The update includes a servicing stack update to enhance the reliability of the update process. This follows previous fixes for boot issues in Windows Server 2019 and Windows Server 2025, highlighting ongoing efforts to improve system stability.…
Read More
DoNot Team Linked to New Tanzeem Android Malware Targeting Intelligence Collection
Summary: The DoNot Team has developed a new Android malware named Tanzeem, designed for targeted cyber attacks against specific individuals or groups. The malware masquerades as a chat application but fails to function, instead facilitating intelligence gathering through various malicious activities. This development highlights the group’s evolving tactics, including the abuse of push notifications to deploy additional malware.…
Read More
Unsecured Tunneling Protocols Expose 4.2 Million Hosts, Including VPNs and Routers
Summary: Recent research has identified significant security vulnerabilities in various tunneling protocols, potentially allowing attackers to hijack internet hosts for anonymous attacks. Approximately 4.2 million hosts, including VPN servers and routers, are at risk, particularly in countries like China, France, and the U.S. Exploiting these vulnerabilities could enable attackers to conduct denial-of-service (DoS) attacks and access private networks.…
Read More
Details Disclosed for Mercedes-Benz Infotainment Vulnerabilities
Summary: Kaspersky has revealed multiple vulnerabilities in the Mercedes-Benz User Experience (MBUX) infotainment system, which can potentially be exploited for various attacks. The carmaker has confirmed that these vulnerabilities have been patched and are difficult to exploit, requiring physical access to the vehicle. Mercedes-Benz emphasizes the importance of security and encourages researchers to report any findings through their vulnerability disclosure program.…
Read More
Star Blizzard hackers abuse WhatsApp to target high-value diplomats
Summary: Russian nation-state actor Star Blizzard has initiated a spear-phishing campaign targeting WhatsApp accounts of individuals in government, diplomacy, and organizations related to Ukraine aid. This campaign marks a tactical shift following the exposure of their previous methods, utilizing social engineering techniques to compromise accounts without malware.…
Read More
Summary: Palo Alto Networks has issued a threat briefing on two critical vulnerabilities in Ivanti products, CVE-2025-0282 and CVE-2025-0283, which could allow attackers to execute remote code and escalate privileges. The vulnerabilities affect Ivanti’s Connect Secure, Policy Secure, and ZTA gateway appliances, widely used for remote network connections.…
Read More
Microsoft removes Assassin’s Creed Windows 11 upgrade blocks
Summary: Ubisoft has released patches for Assassin’s Creed Valhalla and Origins to address compatibility issues with Windows 11 24H2, which had caused crashes and other gameplay problems. Microsoft had previously blocked upgrades for PCs running these games due to user complaints. With the new updates, players can now enjoy these titles without the previous disruptions.…
Read More
FTC orders GM to stop collecting and selling driver’s data
Summary: The Federal Trade Commission (FTC) is taking action against General Motors (GM) and its subsidiary OnStar for unlawfully collecting and selling sensitive geolocation and driving behavior data from millions of vehicles. The proposed settlement includes a five-year ban on sharing such data and mandates improved transparency and consumer control over personal information.…
Read More