Cybersecurity News Bytes

September 2025 Cybersecurity News Google’s September 2025 Android Security Patch Addresses Active Exploits September’s Android security bulletin revealed a substantial update: Google patched 120 security flaws, including two critical vulnerabilities…

Cloudflare Blocks 11.5 Tbps DDoS Attack: New Record and Technical Analysis Cloudflare announced it successfully mitigated the largest distributed denial-of-service (DDoS) attack on record, peaking at 11.5 terabits per second…

Android Security Update: September 2025 Patch Fixes 120 Vulnerabilities, Including Two Zero-Day Attacks Google has delivered its September 2025 security fixes for Android, addressing 120 vulnerabilities, of which two zero-day…

SAP S/4HANA Critical Command Injection Vulnerability Actively Exploited A significant security threat has emerged targeting SAP S/4HANA installations through a critical command injection vulnerability, identified as CVE-2025-42957 with a CVSS…

New Zealand Enacts Biometrics Privacy Code: Regulatory Shift for Facial Recognition Technology New Zealand’s Privacy Commissioner has announced a new Biometric Processing Privacy Code targeting organizations employing biometric technologies such…

Critical SAP S/4HANA Code Injection Flaw Exploited in the Wild Security researchers have confirmed active exploitation of a newly disclosed code injection vulnerability in SAP S/4HANA systems, tracked as CVE-2025-42957.…

Google Observes ViewState Deserialization Attacks Leveraging Exposed Sample Machine Key Recent research has identified ongoing ViewState deserialization attacks exploiting an exposed sample machine key that appeared in older deployment guides.…

Chrome Fixes High-Severity V8 Use-After-Free Vulnerability Google has released a new update for Chrome in early September 2025 to address a high-severity vulnerability within the browser’s V8 JavaScript engine. This…

Salesforce Data Exposed at Multiple Security Vendors and OAuth Token Compromise Several leading cybersecurity companies suffered data breaches as attackers accessed Salesforce customer contact information and support case data via…

Salesforce Targeted in Widespread Credential Theft Campaign A recent, large-scale credential theft operation has targeted Salesforce customers, leading to systematic data exfiltration and raising concerns over supply chain vulnerability. The…