In early August 2025, a previously quiet cybercrime collective known as Scattered Spider resurfaced with a striking new Telegram channel that aggregates proof of its intrusions and data exfiltration operations. The channel name fuses ShinyHunters, Scattered Spider, and Lapsus$, signaling…
Category: Cyber Security News
Wikipedia Lost Legal Battle Against The UK’s Online Safety ACT Regulations
Wikipedia has suffered a significant legal defeat in its attempt to avoid being classified under the UK’s stringent Online Safety Act regulations. The High Court ruled against the Wikimedia Foundation and a Wikipedia user, known only as “BLN,” who challenged…
Apache bRPC Vulnerability Allows Attackers to Crash the Service via Network
A severe vulnerability in Apache bRPC has been discovered that allows attackers to crash services through network exploitation, affecting all versions prior to 1.14.1. The vulnerability, identified as CVE-2025-54472 with “important” severity classification, stems from unlimited memory allocation in the…
Reddit to Block Internet Archive as AI Companies Have Scraped Data From Wayback Machine
Reddit has announced plans to significantly restrict the Internet Archive’s Wayback Machine from indexing its platform, citing concerns that AI companies have been exploiting the archival service to circumvent Reddit’s data protection policies. The move represents another escalation in Reddit’s…
NCSC Warns of Citrix Netscaler Vulnerability CVE-2025-6543 Exploited to Breach Orgs
The Dutch National Cyber Security Centre (NCSC-NL) has issued an urgent warning about sophisticated cyberattacks targeting critical infrastructure through a zero-day vulnerability in Citrix NetScaler devices. The vulnerability, designated CVE-2025-6543, has been actively exploited since early May 2025, successfully compromising…
Researchers Details Masking Malicious Scripts and Bypass Defense Mechanisms
The cybersecurity landscape continues to evolve as threat actors develop increasingly sophisticated methods to evade detection systems. Recent research has unveiled a comprehensive analysis of payload obfuscation techniques that enable malicious scripts to bypass modern defense mechanisms, including web application…
Smart Bus Systems Vulnerability Let Hackers Remotely Track and Control Vehicles
A newly discovered security flaw in leading smart bus systems threatens to expose passenger safety and fleet integrity. Researchers have identified a critical vulnerability CVE-2025-44179 in the remote management interface of several major transit providers’ onboard modems. Exploiting this weakness,…
DarkBit Hackers Attacking VMware ESXi Servers to Deploy Ransomware and Encrypts VMDK Files
A newly discovered ransomware campaign has targeted enterprise VMware ESXi environments with military precision, deploying custom-built encryption tools that specifically hunt for virtual machine disk files across VMFS datastores. Security researchers have successfully reverse-engineered the attack methodology and developed breakthrough…
Hackers Using ClickFix Technique to Attack Windows Machine and Execute Powershell Commands
A sophisticated new attack campaign has emerged targeting Israeli businesses and infrastructure sectors through a deceptive social engineering technique known as “ClickFix,” which tricks users into executing malicious PowerShell commands on their Windows systems. The multi-stage attack chain begins with…
Erlang/OTP SSH RCE Vulnerability Exploited in the Wild to Attack Across OT Networks
A critical remote code execution vulnerability in Erlang/OTP’s SSH daemon has been actively exploited in the wild, with cybercriminals targeting operational technology networks across multiple industries. CVE-2025-32433, carrying the maximum CVSS score of 10.0, allows unauthenticated attackers to execute arbitrary…
Hackers Behind $100 Million Romance Scams and Other Frauds Extradited to US
Four Ghanaian nationals orchestrating an international cybercrime operation that defrauded victims of over $100 million through sophisticated romance scams and business email compromise attacks have been extradited to the United States. The criminal organization, led by Isaac Oduro Boateng, Inusah…
Linux Legitimate System Behaviours Weaponized to Harvest Secrets from Shared Environments
A significant vulnerability in multi-user Linux environments, where standard system behaviors can be exploited to harvest sensitive credentials and secrets from other users. The research, presented in “Silent Leaks: Harvesting Secrets from Shared Linux Environments,” demonstrates how legitimate system tools…
UAC‑0099 Tactics, Techniques, Procedures and Attack Methods Unveiled
UAC‑0099, a sophisticated threat actor group that has been active since at least 2022, continues to pose a significant cybersecurity threat through its evolving cyber-espionage campaigns targeting Ukrainian government agencies, military organizations, and defense-industrial entities. The group has demonstrated remarkable…
CastleLoader Malware Infected Over 400+ Devices Using Cloudflare-Themed ClickFix Phishing Attack
CastleLoader, a sophisticated malware loader that emerged in early 2025, has successfully compromised 469 devices out of 1,634 infection attempts since May 2025, achieving an alarming 28.7% infection rate. This versatile threat has primarily targeted U.S. government entities through advanced…
Silent Watcher Attacking Windows Systems and Exfiltrate Data Using Discord Webhook
A sophisticated Visual Basic Script (VBS) malware dubbed “Silent Watcher” has emerged as a persistent threat targeting Windows systems, demonstrating advanced data exfiltration capabilities through Discord webhooks. This stealer, part of the Cmimai malware family, represents a concerning evolution in…
Meta’s New Feature Transforms Instagram to a New Real-Time Location Broadcaster
Meta has introduced a groundbreaking feature that fundamentally transforms Instagram from a traditional photo-sharing platform into a comprehensive real-time location broadcasting system. The new “Map” functionality represents a significant architectural shift in social media design, enabling users to continuously transmit…
SoupDealer Malware Bypasses Every Sandbox, AV’s and EDR/XDR in Real-World Incidents
In early August 2025, cybersecurity teams in Türkiye observed a new, highly evasive Java‐based loader that slipped past every public sandbox, antivirus solution, and even enterprise EDR/XDR platforms. This threat—codenamed SoupDealer—surfaced as a phishing campaign distributing a three‐stage loader via…
Hackers Weaponized Linux Webcams as Attack Tools to Inject Keystrokes and Launch Attacks
A critical vulnerability was uncovered that transforms ordinary Linux-powered webcams into weaponized BadUSB attack tools, enabling remote hackers to inject malicious keystrokes and compromise target systems without detection. The research, presented at DEF CON 2025, demonstrates the first known case…
Hackers Poison Google Paid Ads With Fake Tesla Websites to Deliver Malware
In recent weeks, a flurry of sponsored listings promising preorders for Tesla’s anticipated Optimus robots began appearing at the top of Google search results. These advertisements directed unsuspecting users to counterfeit microsites mimicking Tesla’s design, purporting to accept $250 “non-refundable”…
What is ClickFix Attack – How Hackers are Using it to Attack User Device With Malware
ClickFix has emerged as one of the most dangerous and rapidly growing cybersecurity threats of 2025, representing a sophisticated evolution in social engineering attacks. This deceptive technique has surged by an unprecedented 517% in the first half of 2025, becoming…