A new information-stealer has emerged targeting job seekers with a trojanized Node.js application named Chessfi. Delivered via a modified npm package hosted on the official repository, the malware blends two previously separate tools—BeaverTail and OtterCookie—into a unified JavaScript payload. Victims…
Category: Cyber Security News
New Phishing Attack Uses Basic Auth URLs to Trick Users and Steal Login Credentials
Early October 2025 witnessed the resurgence of a retro phishing technique that exploits legacy Basic Authentication URLs to deceive users into divulging sensitive credentials. Threat actors crafted links in the format https://username:password@domain.com, embedding a trusted institution’s domain in the username…
Senate Investigates Cisco Over Zero-Day Firewall Vulnerabilities
U.S. Senator Bill Cassidy, Chairman of the Senate Health, Education, Labor, and Pensions (HELP) Committee, has demanded answers from Cisco Systems regarding recent zero-day vulnerabilities in its widely used networking equipment. The October 10, 2025, letter to CEO Chuck Robbins…
Mysterious Elephant APT Hackers Infiltrate Organization to Steal Sensitive Information
In recent months, a new advanced persistent threat (APT) group known as Mysterious Elephant has emerged as a formidable adversary targeting government and diplomatic institutions across the Asia-Pacific region. First identified by Kaspersky’s Global Research and Analysis Team (GReAT) in…
Qilin Ransomware Using Ghost Bulletproof Hosting to Attack Organizations Worldwide
The Qilin ransomware group has emerged as one of the most prolific and dangerous threat actors in the cybersecurity landscape, exploiting sophisticated bulletproof hosting infrastructure to conduct devastating attacks on organizations across multiple sectors. Operating under a Ransomware-as-a-Service (RaaS) model,…
Operation Silk Lure Weaponizing Windows Scheduled Tasks to Drop ValleyRAT
Over the past month, a targeted campaign dubbed Operation Silk Lure has surfaced, exploiting the Windows Task Scheduler to deploy a novel variant of ValleyRAT. Emerging in mid-2025, the operation hinges on spear-phishing emails that carry malicious LNK attachments masquerading…
Beware of Malicious Ivanti VPN Client Sites in Google Search That Deliver Malware
An aggressive SEO poisoning campaign has surfaced in early October 2025, preying on users searching for the legitimate Ivanti Pulse Secure VPN client. Attackers have registered lookalike domains such as ivanti-pulsesecure.com and ivanti-secure-access.org to host trojanized installers that appear official.…
CISA Warns Of Windows Improper Access Control Vulnerability Exploited In Attacks
CISA has added a critical Microsoft Windows vulnerability to its Known Exploited Vulnerabilities catalog, warning organizations that threat actors are actively exploiting it in real-world attacks. Identified as CVE-2025-59230, the flaw stems from improper access control in the Windows Remote…
PhantomVAI Loader Attacking Organizations Worldwide to Deliver AsyncRAT, XWorm, FormBook and DCRat
A sophisticated multi-stage malware campaign is targeting organizations globally, utilizing the PhantomVAI Loader to distribute dangerous information-stealing malware. The attack chain, which begins with carefully crafted phishing emails, has emerged as a significant threat to businesses across manufacturing, education, healthcare,…
Critical Apache ActiveMQ Vulnerability Lets Attackers Execute Arbitrary Code
The Apache Software Foundation has disclosed a critical vulnerability in its ActiveMQ NMS AMQP Client that could allow attackers to execute arbitrary code on vulnerable systems. Tracked as CVE-2025-54539, this deserialization flaw poses a serious risk to applications relying on…
New nightMARE Python Library to Analyze Malware and Extract Intelligence Indicators
Since its public debut in October 2025, nightMARE has quickly become a vital tool for malware analysts seeking to streamline static and dynamic analysis workflows. Developed by Elastic Security Labs, nightMARE brings together mature open-source reverse engineering components under a…
Capita to Pay £14 Million for Data Breach That Exposed 6.6 Million Users' Personal Data
The UK’s Information Commissioner’s Office (ICO) has imposed a £14 million fine on outsourcing giant Capita following a major cyber attack in 2023 that exposed the personal data of 6.6 million individuals. This penalty, split as £8 million to Capita…
CISA Warns Of Adobe Experience Manager Forms 0-Day Vulnerability Exploited In Attacks
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical alert regarding a severe code execution vulnerability in Adobe Experience Manager Forms, urging organizations to patch immediately. Tracked as CVE-2025-54253, this flaw affects the Java Enterprise Edition (JEE) version…
Critical Samba RCE Vulnerability Enables Arbitrary Code Execution
Samba has disclosed a severe remote code execution (RCE) flaw that could allow attackers to hijack Active Directory domain controllers. Tracked as CVE-2025-10230, the vulnerability stems from improper validation in the Windows Internet Name Service (WINS) hook mechanism, earning a…
New Banking Malware Abusing WhatsApp to Gain Complete Remote Access to Your Computer
A sophisticated banking Trojan named Maverick has emerged in Brazil, leveraging WhatsApp as its primary distribution channel to compromise thousands of users. The malware campaign was detected in mid-October 2025, with cybersecurity solutions blocking over 62,000 infection attempts in just…
Windows BitLocker Vulnerabilities Let Attackers Bypass Security Feature
Microsoft has disclosed two critical vulnerabilities in its Windows BitLocker encryption feature, allowing attackers with physical access to bypass security protections and access encrypted data. Released on October 14, 2025, as part of the latest Patch Tuesday updates, these flaws,…
Microsoft Disrupted Vanilla Tempest Attack by Revoking Certificates Used to Sign Fake Teams File
Microsoft announced that it had revoked more than 200 digital certificates exploited by the notorious Vanilla Tempest hacking group. This action effectively disrupted an ongoing campaign where attackers impersonated Microsoft Teams installations to infiltrate corporate networks and deploy ransomware. The…
YouTube Down for Users Globally – Google Confirms Outage – Updated
YouTube experienced a widespread outage on Wednesday, October 15, 2025, disrupting video streaming for millions of users across the United States, Europe, Asia, and beyond. The platform, which serves over 2.7 billion monthly users, saw reports of playback errors and…
How SOCs Detect More Threats without Alert Overload
When your alert queue seems endless, it might feel like threat intelligence is more of a curse than a blessing. But taking the right approach to it will help increase detection rates without stretching resources thin. Top-performing SOC analysts don’t…
Microsoft October 2025 Security Update Causes Active Directory Sync Issues on Windows Server 2025
Microsoft’s latest security updates have triggered synchronization failures in Active Directory environments running on Windows Server 2025. The issue, confirmed on October 14, 2025, affects directory synchronization for large security groups, potentially halting critical identity management processes across enterprise networks.…