When every minute counts, it’s important to have fresh threat intelligence at your fingertips. That’s what all high-performing SOC teams have in common. Learn where to get relevant threat data for free and how to…
Category: Cyber Security News
Online PDF Editors Safe to Use? Detailed Analysis of Security Risks Associated With It
Online PDF editors have become common tools for quick document manipulation, providing convenient alternatives to desktop software. However, their cloud-based nature brings significant security vulnerabilities that both organizations and individuals must carefully consider. Recent cybersecurity research reveals that these platforms present…
Citrix NetScaler ADC and Gateway 0-Day RCE Vulnerability Actively Exploited in Attacks
Cloud Software Group has disclosed multiple high-severity vulnerabilities in NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway (formerly Citrix Gateway) that can lead to remote code execution (RCE) and denial of service (DoS). Exploitation of CVE-2025-7775 has been observed in…
Microsoft Unveils New Tool to Migrate VMware Virtual Machines From vCenter to Hyper-V
Microsoft has released a new VM Conversion extension for Windows Admin Center, designed to streamline the migration of VMware virtual machines from vCenter to Hyper-V environments. The preview tool, announced on August 20, 2025, provides enterprises with a cost-free solution…
Online PDF Editors are Safe? What are the Security Risks Associated With it
Online PDF editors have become ubiquitous tools for quick document manipulation, offering convenient alternatives to desktop software. However, their cloud-based nature introduces significant security vulnerabilities that organizations and individuals must carefully consider. Recent cybersecurity research reveals that these platforms present multiple…
French Retailer Auchan Cyberattack – Thousands of Customers Personal Data Exposed
Major French retail chain Auchan announced on August 21, 2025, that it suffered a significant cybersecurity incident resulting in the unauthorized access and theft of personal data from “several hundred thousand” customer loyalty accounts. The breach represents another critical example…
WinRAR 0-Day Vulnerabilities Exploited in Wild by Hackers – Detailed Case Study
The cybersecurity landscape has been significantly impacted by the discovery and active exploitation of two critical zero-day vulnerabilities in WinRAR, one of the world’s most widely used file compression utilities. CVE-2025-6218 and CVE-2025-8088 represent sophisticated attack vectors that have enabled threat actors to…
PoC Exploit Released for Chrome 0-Day Vulnerability Exploited in the Wild
Google has disclosed a critical zero-day vulnerability in the V8 JavaScript engine used by Chrome, tracked as CVE-2025-5419. Before a patch could be rolled out to all users, proof-of-concept (PoC) exploit code had been published, and active exploitation had been…
OneFlip – New Attack Flips a Single Bit in Neural Networks for Stealthily Backdoor on AI Systems
In August 2025, researchers at George Mason University published a groundbreaking study at the 34th USENIX Security Symposium, introducing OneFlip, an inference-time backdoor attack that flips just one bit in full-precision neural networks to implant stealth triggers. Unlike traditional backdoor…
WhatsApp Desktop Users At Risk of Code Execution Attacks with Python on Windows PCs
WhatsApp Desktop users who have Python installed on their Windows PCs are at risk of arbitrary code execution due to a flaw in how the application handles Python archive files. A maliciously crafted .pyz file can be executed with a…
Weaponized PuTTY Via Bing Ads Exploit Kerberos and Attack Active Directory Services
A malvertising campaign using sponsored results on Microsoft’s search platform delivered a weaponized PuTTY that established persistence, enabled hands-on-keyboard control, and executed Kerberoasting to target Active Directory service accounts. According to an investigation published by LevelBlue’s MDR SOC and…
X/Twitter The Most Aggressive Social Media App Collecting Users Location Information
A comprehensive analysis of the top 10 social media platforms reveals that X (formerly Twitter) stands out as the most invasive collector of user location information, gathering both precise and coarse location data across all categories listed in Apple’s App…
Threat Actors Adapting Android Droppers Even to Deploy Simple Malware to Stay Future-Proof
Android droppers have evolved from niche installers for heavyweight banking Trojans into universal delivery frameworks, capable of deploying even rudimentary spyware or SMS stealers. Initially, droppers served banking malware families that required elevated Accessibility permissions to harvest credentials. These small…
Hackers Actively Scanning to Exploit Microsoft Remote Desktop Protocol Services From 30,000+ IPs
A massive coordinated scanning campaign is targeting Microsoft Remote Desktop Protocol (RDP) services, with threat actors deploying over 30,000 unique IP addresses to probe for vulnerabilities in Microsoft RD Web Access and RDP Web Client authentication portals. The campaign represents one…
CISA Warns of Citrix RCE and Privilege Escalation Vulnerabilities Exploited in Attacks
CISA has issued a critical alert regarding three newly identified vulnerabilities being actively exploited by threat actors. On August 25, 2025, CISA added these high-risk Common Vulnerabilities and Exposures (CVEs) to its Known Exploited Vulnerabilities (KEV) Catalog, signaling immediate concern…
Chinese UNC6384 Hackers Leverages Valid Code Signing Certificates to Evade Detection
A stealthy espionage campaign emerged in early 2025 targeting diplomats and government entities in Southeast Asia and beyond. At the heart of this operation lies STATICPLUGIN, a downloader meticulously disguised as a legitimate Adobe plugin update. Victims encountered a captive…
Hackers Sabotage Iranian Ships Using Maritime Communications Terminals in Its MySQL Database
A sophisticated campaign of cyber sabotage unfolded against Iran’s maritime communications infrastructure in late August 2025, cutting off dozens of vessels from vital satellite links and navigation aids. Rather than targeting each ship individually—a logistical nightmare across international waters—the attackers…
New Android Spyware Disguised as an Antivirus Attacking Business Executives
In recent months, security teams have observed the emergence of a highly versatile Android backdoor, Android.Backdoor.916.origin, masquerading as a legitimate antivirus application. Distributed via private messaging services under the guise of “GuardCB,” its icon closely mimics the emblem of the…
Chinese APT Hackers Using Proxy and VPN Service to Anonymize Infrastructure
In recent months, cybersecurity researchers have observed a surge in targeted campaigns by a sophisticated Chinese APT group leveraging commercial proxy and VPN services to mask their attack infrastructure. The emergence of this tactic coincides with a broader shift toward…
Hackers Using PUP Advertisements to Silently Drop Windows Malware
In recent weeks, cybersecurity investigators have uncovered a novel campaign in which hackers leverage seemingly benign potentially unwanted program (PUP) advertisements to deliver stealthy Windows malware. The lure typically begins with ads promoting free PDF tools or desktop assistants that…