The BlueNoroff threat group, also tracked as Sapphire Sleet, APT38, and TA444, has significantly evolved its targeting capabilities with sophisticated new infiltration strategies designed specifically to compromise C-level executives and senior managers within the Web3 and blockchain sectors. The group,…
Category: Cyber Security News
How Threat Intelligence Feeds Help Organizations Quickly Mitigate Malware Attacks
Organizations today face constant threats from malware, including ransomware, phishing attacks, and zero-day exploits. These threats are evolving faster than ever. Threat intelligence feeds emerge as a game-changer, delivering real-time, actionable data that empowers security teams to detect and neutralize…
XWiki RCE Vulnerability Actively Exploited In Wild To Deliver Coinminer
A critical remote code execution (RCE) flaw in XWiki, a popular open-source wiki platform, was exploited in the wild to deploy cryptocurrency mining malware on compromised servers. The vulnerability, tracked as CVE-2025-24893, allows unauthenticated attackers to inject malicious templates and…
Mozilla Wants All New Firefox Extensions to Disclose Data Collection Policies
Mozilla is implementing a significant transparency requirement for Firefox extensions, mandating that all new browser add-ons disclose their data collection practices to users before installation. Starting November 3rd, 2025, developers submitting fresh extensions to the Firefox ecosystem must declare whether…
Ubuntu’s Kernel Vulnerability Let Attackers Escalate Privileges and Gain Root Access
A critical vulnerability in Ubuntu’s Linux kernel has been exposed, allowing local attackers to escalate privileges and potentially gain root access on affected systems. Disclosed at TyphoonPWN 2025, the flaw stems from a reference count imbalance in the af_unix subsystem,…
Water Saci Hackers Leverage WhatsApp to Deliver Multi-Vector Persistent SORVEPOTEL Malware
A sophisticated malware campaign targeting Brazilian users has emerged with alarming capabilities. The Water Saci campaign, identified by Trend Micro analysts as leveraging the SORVEPOTEL malware, exploits WhatsApp as its primary distribution vector for rapid propagation across victim networks. First…
New Gamaredon Phishing Attack Targeting Govt Entities Exploiting WinRAR Vulnerability
The cybersecurity landscape continues to evolve with increasingly sophisticated distribution mechanisms, and one trend gaining alarming momentum is the delivery of infostealer malware through seemingly innocent video game cheats and mod tools. These applications, marketed as performance enhancers or gameplay…
Critical .NET Vulnerability Lets Attacker Bypass Security in QNAP Backup Software
Microsoft has unveiled a critical vulnerability in ASP.NET Core that could enable attackers to sidestep essential security measures. Disclosed on October 24, 2025, under CVE-2025-55315, this flaw stems from HTTP Request Smuggling (CWE-444) and poses risks to systems relying on…
X to Phase Out Twitter Domain – Users Advised to Re-enroll in 2FA Keys
Social media platform X announced that it will stop supporting the old Twitter.com website for two-factor authentication (2FA) by November 10, 2025. This change marks the platform’s shift away from its Twitter roots. Users relying on security keys tied to…
Open-Source Firewall IPFire 2.29 With New Reporting For Intrusion Prevention System
IPFire 2.29 Core Update 198 marks a significant advancement for users of this open-source firewall, introducing enhanced Intrusion Prevention System (IPS) capabilities powered by Suricata 8.0.1. This release emphasizes improved network monitoring through innovative reporting tools, alongside toolchain rebasing and…
CISA Warns Of Critical Veeder-Root Vulnerabilities Let Attackers Execute System-level Commands
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a stark advisory highlighting two severe vulnerabilities in Veeder-Root’s TLS4B Automatic Tank Gauge System, a critical tool used in fuel storage and management across the energy sector. These flaws, if…
First Zero Click Attack Exploits MCP and Connected Popular AI Agents To Exfiltrate Data Silently
A new zero-click attack dubbed Shadow Escape exploits the Model Context Protocol (MCP) to silently steal sensitive data via popular AI agents such as ChatGPT, Claude, and Gemini. This vulnerability, uncovered by Operant, allows malicious actors to exfiltrate personally identifiable…
Google Denies Claims of Gmail Security Breach Impacting Millions
Google has firmly denied claims of a massive Gmail security breach affecting millions of users. The tech giant emphasized that its email service remains secure, with no evidence of a widespread compromise. Instead, the misinformation appears to stem from a…
Swedish Power Grid Operator Confirms Data Breach Following Everest Ransomware Gang Claim
Svenska kraftnät, Sweden’s primary electricity transmission system operator, has confirmed a significant data breach on October 26, 2025. The incident has drawn attention from cybersecurity experts and government authorities as it involves critical infrastructure responsible for managing the nation’s power…
Beware of Free Video Game Cheats That Deliver Infostealer Malware
The competitive nature of gaming drives millions of players to seek advantages against their opponents. With esports tournaments boasting prize pools exceeding $1.25 million, the stakes have never been higher. However, this competitive spirit has created an opportunity for cybercriminals…
OpenVPN Vulnerability Exposes Linux, macOS Systems to Script Injection Attacks
A new vulnerability in early versions of OpenVPN has been disclosed, potentially allowing malicious servers to execute arbitrary commands on client machines. The flaw affects OpenVPN releases from 2.7_alpha1 to 2.7_beta1, enabling script-injection attacks on POSIX-based systems such as Linux,…
Apache Tomcat Security Vulnerabilities Expose Servers to Remote Code Execution Attacks
The Apache Software Foundation has highlighted critical flaws in Apache Tomcat, a widely used open-source Java servlet container that powers numerous web applications. On October 27, 2025, Apache disclosed two vulnerabilities, CVE-2025-55752 and CVE-2025-55754, affecting multiple versions of Tomcat. While…
81% of Router Users Have Not Changed Default Admin Passwords, Exposing Devices to Hackers
In late 2025, a staggering 81% of broadband users were found to have never changed their router’s default administrative password, opening the door to significant malware risk. This widespread negligence was revealed in Broadband Genie’s fourth major router security survey,…
iOS 26 Deletes Pegasus and Predator Spyware Infection Evidence by Overwriting The ‘shutdown.log’ file on Reboot
The emergence of Pegasus and Predator spyware over the past several years has transformed the landscape of mobile device security. These advanced malware strains—deployed by sophisticated threat actors for surveillance and espionage—have repeatedly demonstrated their ability to exploit zero-click vulnerabilities,…
Predatory Sparrow Group Attacking Critical Infrastructure to Destroy Data and Cause Disruption
Predatory Sparrow has emerged as one of the most destructive cyber-sabotage groups targeting critical infrastructure across the Middle East, with operations focused primarily on Iranian and Syrian assets. The hacktivist group, believed to be affiliated with Israeli interests, has orchestrated…