thecyberexpress

Microsoft Patch Tuesday December 2025: One Zero-Day, Six High-Risk Flaws Fixed

Microsoft patched 57 vulnerabilities in its Patch Tuesday December 2025 update, including one exploited zero-day and six high-risk vulnerabilities. The exploited zero-day is CVE-2025-62221, a ...
thecyberexpress

Australian Social Media Ban Takes Effect as Kids Scramble for Alternatives

Australia’s world-first social media ban for children under age 16 takes effect on December 10, leaving kids scrambling for alternatives and the Australian government with the daunting task of ...
thecyberexpress

Akira Ransomware Group Poses ‘Imminent Threat’ to Critical Infrastructure: CISA

The Akira ransomware group poses an “imminent threat to critical infrastructure,” the U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned today. CISA joined with the FBI, other U.S.
thecyberexpress

APT28’s Recent Campaign Combined Steganography, Cloud C2 into a Modular Infection Chain

APT28, the long-running actor tracked as Fancy Bear, Sofacy and Sednit, used a compact but technically sophisticated campaign that researchers documented as Phantom Net Voxel. The campaign is an ...
thecyberexpress

CrowdStrike Among Those Hit in NPM Attack Campaign

More than 20 CrowdStrike NPM packages were among nearly 200 NPM packages hit by a sophisticated supply chain attack. The compromised packages were quickly removed and CrowdStrike said its Falcon ...
thecyberexpress

Noem Fires FEMA IT Team Over DHS Cybersecurity Failures

Kristi Noem fires 24 FEMA IT staff after DHS audit reveals major cybersecurity failures. No data was stolen, but vulnerabilities sparked immediate action.
thecyberexpress

What Are Vulnerabilities: Types, Examples, Causes, and More!

This article talks about what are vulnerabilities, their types & causes, and details how to implement a winning vulnerability management strategy.
thecyberexpress

How One Researcher Hacked McDonalds and Found Flaws

A researcher hacked McDonalds over free nuggets, uncovering critical security flaws, exposed data, and a flawed response to vulnerabilities.
thecyberexpress

CISA Warns of CVE-2025-8875 and CVE-2025-8876 in N-central

CISA flags active exploits in N-able N-central: CVE-2025-8875 (deserialization) and CVE-2025-8876 (command injection).
thecyberexpress

Microsoft Teams CVE-2025-53783 RCE Vulnerability Alert

Microsoft has disclosed a serious vulnerability in its collaboration platform, Microsoft Teams, that could open the door to Remote Code Execution (RCE) attacks. The flaw, tracked as CVE-2025-53783, ...
thecyberexpress

Adobe Security Update Fixes 60+ Flaws in 13 Products

Adobe has issued a new set of security patches addressing more than 60 vulnerabilities across 13 of its widely used software products. This update, part of the company’s routine Adobe Patch Tuesday ...
thecyberexpress

Citrix Vulnerability CVE-2025-6543 Exploited in Attacks

The Dutch National Cyber Security Centre (NCSC) has confirmed that a serious vulnerability in Citrix NetScaler systems, identified as CVE-2025-6543, ...