Millions of Brother Printers Hit by Critical, Unpatchable Bug darkreadingAlexander Culafi, Senior News Writer, Dark Reading
June 25, 2025

A slew of vulnerabilities, including a critical CVSS 9.8 that enables an attacker to generate the default admin password, affect hundreds of printer, scanner, and label-maker models made by manufacturer …


CISA Is Shrinking: What Does It Mean for Cyber? darkreadingDark Reading Staff
June 25, 2025

Dark Reading Confidential Episode 7: Cyber experts Tom Parker and Jake Williams offer their views on the practical impact of cuts to the US Cybersecurity and Infrastructure Security Agency. Dark Reading …


nOAuth Vulnerability Still Affects 9% of Microsoft Entra SaaS Apps Two Years After Discovery The Hacker [email protected] (The Hacker News)
June 25, 2025

New research has uncovered continued risk from a known security weakness in Microsoft's Entra ID, potentially enabling malicious actors to achieve account takeovers in susceptible software-as-a-service (SaaS) applications. Identity security company …


Dire Wolf Ransomware Comes Out Snarling, Bites Technology, Manufacturing darkreadingElizabeth Montalbano, Contributing Writer
June 25, 2025

The emerging group has already gotten its teeth into 16 victims since May with its double extortion tactics, claiming victims in 11 countries, including the US, Thailand, and Taiwan. The emerging …


Hundreds of MCP Servers Expose AI Models to Abuse, RCE darkreadingNate Nelson, Contributing Writer
June 25, 2025

The servers that connect AI with real-world data are occasionally wide-open channels for cyberattacks. The servers that connect AI with real-world data are occasionally wide-open channels for cyberattacks.  ​Read More


Citrix Releases Emergency Patches for Actively Exploited CVE-2025-6543 in NetScaler ADC The Hacker [email protected] (The Hacker News)
June 25, 2025

Citrix has released security updates to address a critical flaw affecting NetScaler ADC that it said has been exploited in the wild. The vulnerability, tracked as CVE-2025-6543, carries a CVSS score …


Generative AI Exacerbates Software Supply Chain Risks darkreadingGeorgianna Shea, Elaine Ly
June 25, 2025

Malicious actors are exploiting AI-fabricated software components — presenting a major challenge for securing software supply chains. Malicious actors are exploiting AI-fabricated software components — presenting a major challenge for securing …


Citrix Bleed 2 Flaw Enables Token Theft; SAP GUI Flaws Risk Sensitive Data Exposure The Hacker [email protected] (The Hacker News)
June 25, 2025

Cybersecurity researchers have detailed two now-patched security flaws in SAP Graphical User Interface (GUI) for Windows and Java that, if successfully exploited, could have enabled attackers to access sensitive information …


XOR Marks the Flaw in SAP GUI darkreadingJai Vijayan, Contributing Writer
June 25, 2025

The company has patched two vulnerabilities in its Graphical User Interface that would have allowed attackers to grab data from a user's input history feature. The company has patched two vulnerabilities …


CISA Adds Three Known Exploited Vulnerabilities to Catalog AlertsCISA
June 25, 2025

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2024-54085 AMI MegaRAC SPx Authentication Bypass by Spoofing Vulnerability CVE-2024-0769 D-Link DIR-859 Router Path …