Cyber-criminals have gradually shifted their focus toward the high-value infrastructure that trains, tunes and serves modern artificial-intelligence models. Over the past six months, incident-response teams have documented a new malware family, tentatively dubbed “ShadowInit,” that targets GPU clusters, model-serving gateways…
Category: Cyber Security News
Microsoft Zero Day Quest Hacking Contest – Rewards Up to $5 Million
Microsoft has announced the return of its groundbreaking Zero Day Quest, the largest public hacking event in history, offering unprecedented bounty rewards of up to $5 million for high-impact security research. Building upon last year’s successful $4 million initiative, this…
The Network-Security Compliance Checklist: 25 Controls, Mapped And Audit-Ready
You’re on a four-day clock. Following new SEC rules announced on July 26, 2023, U.S. public companies must disclose any cybersecurity incident they determine to be ‘material’ within four business days of that determination. For most companies, this requirement became…
New Streamlit Vulnerability Allows Hackers to Launch Cloud Account Takeover Attacks
A critical vulnerability in Streamlit, the popular open-source framework for building data applications, enables attackers to conduct cloud account takeover attacks. The flaw, discovered in February 2025, exploits weaknesses in Streamlit’s st.file_uploader component to bypass file type restrictions and gain…
How To Get Real-Time IOCs From Incidents Across 15K SOCs
Cybersecurity is about staying one step ahead. The security of business assets hinges on proactive threat detection and rapid response powered by data. Every security system and service from network monitoring and incident response to analytics depends on continuous data…
How Certificate Mismanagement Opens The Door For Phishing And MITM Attacks
SSL certificates are used everywhere from websites and APIs to mobile apps, internal tools and CI/CD pipelines. While most teams know they’re important, they often don’t manage them well. Certificates are usually forgotten until something breaks. If they expire, get…
New MCPoison Attack Leverages Cursor IDE MCP Validation to Execute Arbitrary System Commands
A critical vulnerability in Cursor IDE, the rapidly growing AI-powered development environment, enables persistent remote code execution through manipulation of the Model Context Protocol (MCP) system. The vulnerability, tracked as CVE-2025-54136 and dubbed “MCPoison,” exploits a trust validation flaw that…
APT36 Hackers Attacking Indian Government Entities to Steal Login Credentials
A sophisticated phishing campaign attributed to the Pakistan-linked APT36 group has emerged as a serious threat to Indian government infrastructure. First detected in early August 2025, this operation leverages typo-squatted domains designed to mimic official government login portals. When unsuspecting…
Cloudflare Accuses Perplexity AI For Evading Firewalls and Crawling Websites by Changing User Agent
Perplexity AI, an emerging question-answering engine powered by advanced large language models, has recently come under scrutiny for deploying stealth crawling techniques that bypass standard web defenses. Initially launched with transparent intentions, Perplexity’s crawlers would identify themselves via declared user…
Hackers Can Steal IIS Machine Keys by Exploiting SharePoint Deserialization Vulnerability
A sophisticated attack method where hackers are exploiting a deserialization vulnerability in SharePoint to steal Internet Information Services (IIS) Machine Keys. This enables attackers to bypass security measures, forge trusted data, and ultimately achieve persistent Remote Code Execution (RCE) on…
SonicWall Warns of Escalating Cyberattacks Targeting Gen 7 Firewalls in Last 72 Hours
SonicWall has issued an urgent security advisory following a significant increase in cyber incidents targeting its Gen 7 SonicWall firewalls over the past 72 hours. The company is actively investigating a wave of attacks that appear to be focused on…
Kimsuky APT Hackers Weaponizing LNK Files to Deploy Reflective Malware Bypassing Windows Defender
North Korean state-sponsored cyber-espionage group Kimsuky has unveiled a sophisticated new campaign targeting South Korean entities through malicious Windows shortcut (LNK) files, demonstrating the group’s continued evolution in stealth and precision. The campaign combines tailored social engineering with advanced malware…
Cisco Hacked – Attackers Stole Profile Details of Users Registered on Cisco.com
Cisco has confirmed it was the target of a cyberattack where a malicious actor successfully stole the basic profile information of an undisclosed number of users registered on Cisco.com. The technology giant revealed that the breach occurred after an employee…
North Korean Hackers Weaponizing NPM Packages to Steal Cryptocurrency and Sensitive Data
A sophisticated North Korean cryptocurrency theft campaign has resurfaced with renewed vigor, weaponizing twelve malicious NPM packages to target developers and steal digital assets. The campaign, which represents a significant escalation in supply chain attacks, exploits the trust developers place…
Famous Chollima APT Hackers Attacking Job Seekers and Organization to Deploy JavaScript Based Malware
North Korean-linked Famous Chollima APT group has emerged as a sophisticated threat actor, orchestrating targeted campaigns against job seekers and organizations through deceptive recruitment processes. Active since December 2022, this advanced persistent threat has developed an intricate multi-stage attack methodology…
Fashion Giant Chanel Hacked in Wave of Salesforce Attacks
French luxury fashion house Chanel has become the latest victim in a sophisticated cybercrime campaign targeting major corporations through their Salesforce customer relationship management systems. The company confirmed on July 25, 2025, that unauthorized threat actors had breached a database…
Critical Android System Component Vulnerability Allows Remote Code Execution Without User Interaction
Google released its August 2025 Android Security Bulletin on August 4, revealing a critical vulnerability that poses significant risks to Android device users worldwide. The most severe flaw, designated CVE-2025-48530, affects the core System component and could enable remote code…
Raspberry Robin Malware Downloader Attacking Windows Systems With New Exploit for Common Log File System Driver Vulnerability
The cybersecurity landscape faces a persistent threat as Raspberry Robin, a sophisticated malware downloader also known as Roshtyak, continues its campaign against Windows systems with enhanced capabilities and evasion techniques. First identified in 2021, this USB-propagated malware has demonstrated remarkable…
WAFs protection Bypassed to Execute XSS Payloads Using JS Injection with Parameter Pollution
A sophisticated method to bypass Web Application Firewall (WAF) protections using HTTP Parameter Pollution techniques combined with JavaScript injection. The research, conducted by Bruno Mendes across 17 different WAF configurations from major vendors including AWS, Google Cloud, Azure, and Cloudflare,…
NVIDIA Triton Vulnerability Chain Let Attackers Take Over AI Server Control
A critical vulnerability chain in NVIDIA’s Triton Inference Server that allows unauthenticated attackers to achieve complete remote code execution (RCE) and gain full control over AI servers. The vulnerability chain, identified as CVE-2025-23319, CVE-2025-23320, and CVE-2025-23334, exploits the server’s Python…