A critical security flaw in the Next.js framework, marked as CVE-2025-29927, lets attackers bypass authorization, threatening web applications. This vulnerability stems from the mishandling of the x-middleware-subrequest header in Next.js middleware, which could allow unauthorized access to sensitive admin areas and protected resources. The vulnerability affects various versions of the …
Read More »“SikkahBot” Malware targets “bKash” “Nagad” “MYGP” “DBBL” with banking users in Bangladesh
A new Android malware called SikkahBot is targeting students in Bangladesh by pretending to be official apps from the Bangladesh Education Board. Cyble Research and Intelligence Labs (CRIL) found that this malware has been active since July 2024. According to CRIL, the SikkahBot malware is distributed through shortened URLs, including …
Read More »
CVE-2025-55177
WhatsApp patches zero day vuln exploited in the wild
Meta’s WhatsApp Security Team has fixed a zero-day vulnerability (CVE-2025-55177) in WhatsApp for iOS (before v2.25.21.73), WhatsApp Business for iOS (before v2.25.21.78), and WhatsApp for Mac (before v2.25.21.78). According to the advisory, “Incomplete authorization of linked device synchronization messages in WhatsApp for iOS prior to v2.25.21.73, WhatsApp Business for iOS …
Read More »3 critical vulnerabilities affect Hikvision product: Patch Now
The Hikvision Security Response Center issued advisory revealing three critical vulnerabilities in HikCentral products. CVE identifiers CVE-2025-39245, CVE-2025-39246, and CVE-2025-39247 represent vulnerabilities with moderate to high severity, potentially allowing attackers to execute unauthorized commands, gain elevated privileges, or obtain administrative access. Summary: (1) There is a CSV Injection Vulnerability in …
Read More »Storm-0501 Deletes Data and Backups Post-Exfiltration on Azure in Hybrid Cloud Attacks
Storm-0501 has erased data and backups after stealing information from a victim’s Microsoft Azure environment in a new cloud based ransomware attack. Microsoft Threat Intelligence recently provided details of the tactics deployed by the actor tracked as Storm-0501 in a blog published on August 27. Sherrod DeGrippo, director of Microsoft …
Read More »
(CVE-2025-20241)
Cisco Warns of High-Severity Flaw in Nexus Switches
Cisco Systems released a security advisory about a critical denial-of-service vulnerability in the Nexus 3000 and 9000 Series Switches using NX-OS software. The flaw, identified as CVE-2025-20241 and rated 7.4 on the CVSS scale, can let an unauthenticated nearby attacker interrupt essential network services. Cisco explains that “a vulnerability in …
Read More »ShadowSilk Hits 35 Org in Asia and APAC Using Telegram Bots
Research by Group-IB has linked cyber-attacks on government organizations in Central Asia and the Asia-Pacific to a threat group called ShadowSilk. The activity started in 2023 and is still ongoing in July 2025, showing clear links to the YoroTrooper group. What’s different now is the size and structure of the …
Read More »Citrix patches critical NetScaler RCE flaw exploited in zero-day attacks
Citrix has issued fixes for three security vulnerabilities in NetScaler ADC and NetScaler Gateway, one of which is currently being exploited. The vulnerabilities in question are listed below: CVE-2025-7775 (CVSS score: 9.2): Memory overflow vulnerability leading to Remote Code Execution and/or Denial-of-Service CVE-2025-7776 (CVSS score: 8.8): Memory overflow vulnerability leading …
Read More »
CVE-2025-9074
Docker Fixes Critical Desktop flaw With CVSS Score 9.3
Docker has issued fixes for a critical security vulnerability in the Docker Desktop app for Windows and macOS that could enable an attacker to escape a container. The vulnerability CVE-2025-9074 has a CVSS score of 9.3 and is fixed in version 4.44.3. “A malicious container running on Docker Desktop could access …
Read More »“Gayfemboy” Malware Exploiting Cisco, TP-Link and Other Routers
A new malware campaign is targeting various network devices, including routers from DrayTek, TP-Link, Raisecom, and Cisco. In July 2025, researchers found a stealthy loader spreading by taking advantage of unauthenticated command injection flaws in embedded web services. Compromise starts with simple HTTP requests that deliver a specific downloader script …
Read More »
InfoSecBulletin Cybersecurity for mankind