CCN on MSN

Ledger researchers find MediaTek Android flaw that could expose crypto wallet seed phrases — here’s why it's concerning

The CVE-2025-20435 exploit requires no malware, no internet connection, and no password. MediaTek powers a huge share of the global Android market, particularly in mid-range ...
Live Bitcoin News

Ledger Donjon Finds MediaTek Flaw Exposing Android Wallet Seeds

Ledger Donjon exposed a MediaTek vulnerability that extracts Android wallet seed phrases in under 45 seconds, affecting millions of devices. CVE-2025-20435.
The Hacker News

CISA Flags Actively Exploited n8n RCE Bug as 24,700 Instances Remain Exposed

CISA adds n8n RCE flaw CVE-2025-68613 to KEV after active exploitation; 24,700 exposed instances raise compromise risk.
The Register on MSN

CISA warns max-severity n8n bug is being exploited in the wild

No rest for project maintainers battered by slew of vulnerability disclosures The US Cybersecurity and Infrastructure Security Agency (CISA) has confirmed that hackers are exploiting a max-severity ...
The Hacker News

CISA Flags SolarWinds, Ivanti, and Workspace One Vulnerabilities as Actively Exploited

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added three security flaws to its Known Exploited Vulnerabilities catalog, based on evidence of active e ...
Infosecurity-magazine.com

Microsoft Fixes Three Zero-Days in Final Patch Tuesday of 2025

Microsoft patched an actively exploited zero-day vulnerability as part of its monthly security update cycle yesterday. CVE-2025-62221 is an elevation of privilege (EoP) bug in the Windows Cloud Files ...
Krebs on Security

Microsoft Patch Tuesday, December 2025 Edition

Microsoft today pushed updates to fix at least 56 security flaws in its Windows operating systems and supported software. This final Patch Tuesday of 2025 tackles one zero-day bug that is already ...