A new offensive security tool developed in Rust is demonstrating a novel method for bypassing modern Endpoint Detection and Response (EDR) systems by exploiting an overlooked behavior in the Windows API. Dubbed Indirect-Shellcode-Executor, the tool leverages the ReadProcessMemory function to…
Category: Cyber Security News
Hackers Sell Lifetime Access to WormGPT and KawaiiGPT for Just $220
Cybercriminals are now selling lifetime access to malicious AI chatbots WormGPT and KawaiiGPT for as little as $220, marking a dangerous new chapter in AI-powered cybercrime. These tools remove all ethical restrictions found in mainstream AI models, enabling attackers to…
Hackers Exploit NTLM Authentication Flaws to Target Windows Systems
More than two decades after its initial discovery, the NTLM authentication protocol continues to plague Windows systems worldwide. What started in 2001 as a theoretical vulnerability has evolved into a widespread security crisis, with attackers actively weaponizing multiple NTLM flaws…
Developers Expose Passwords and API Keys via Online Tools like JSONFormatter
Developers are unintentionally exposing passwords, API keys, and sensitive production information through online formatting tools such as JSONFormatter and CodeBeautify. New research from watchTowr shows that thousands of secrets from critical organizations have been publicly accessible for years…
Microsoft Details Security Risks of New Agentic AI Feature
In recent weeks, discussions have centered on Microsoft’s experimental agentic AI feature, which has introduced both advanced task automation and significant security concerns. This agentic capability, available to Windows insiders as part of Copilot Labs, is designed to allow digital…
HashJack: New Attack Technique Tricks AI Browsers Using a Simple ‘#’
Security researchers at Cato CTRL have discovered a new indirect prompt injection technique called HashJack, which weaponises legitimate websites to manipulate AI browser assistants. The attack conceals malicious instructions after the “#” symbol within trusted URLs, enabling threat actors to conduct…
Tor Adopts Galois Onion Encryption to Strengthen Defense Against Online Attacks
The Tor Project has announced a significant cryptographic overhaul, retiring its legacy relay encryption algorithm after decades of service and replacing it with Counter Galois Onion (CGO). This research-backed encryption design defends against a broader class of sophisticated online attackers.…
Microsoft Teams Introduces New Feature to Boost Performance and Startup Speed
Microsoft has announced a significant update to the Teams Desktop Client for Windows that aims to enhance performance and reduce startup times for calling features. The update, detailed in the Message Center notification MC1189656 published on November 25, 2025, introduces…
ASUS MyASUS Flaw Lets Hackers Escalate to SYSTEM-Level Access
ASUS has disclosed a high-severity security vulnerability in its MyASUS application that could allow local attackers to escalate their privileges to SYSTEM-level access on affected Windows devices. The flaw, tracked as CVE-2025-59373, carries a high-severity CVSS 4.0 score of 8.5,…
Apache Syncope Vulnerability Allows Attacker to Access Internal Database Content
A significant issue has been disclosed that affects multiple versions of the identity and access management platform. The flaw stems from a hardcoded default encryption key used for password storage, allowing attackers with database access to recover plaintext passwords. The…
Cobalt Strike 4.12 Released With New Process Injection, UAC Bypasses and Malleable C2 Options
New release brings significant improvements to the penetration testing framework, introducing enhanced GUI features, REST API support, and powerful new evasion techniques that security researchers can leverage for offensive operations. The latest release features a completely redesigned graphical interface with…
YAMAGoya – Real-Time Threat Monitoring Tool Using Sigma and YARA Rules
Modern cybersecurity faces an escalating challenge: fileless malware and obfuscation techniques increasingly bypass traditional file-based detection methods. To address this growing threat, JPCERT/CC has released YAMAGoya. This open-source threat hunting tool leverages industry-standard detection rules to identify suspicious activity in…
Russian and North Korean Hackers Form Alliances to Attack Organizations Worldwide
State-sponsored hacking groups have historically operated in isolation, each pursuing its own national agenda. However, new evidence reveals that two of the world’s most dangerous advanced persistent threat (APT) actors may now be working together. Russia-aligned Gamaredon and North Korea’s…
KawaiiGPT – New Black-Hat AI Tool Used by Hackers to Launch Cyberattacks
KawaiiGPT, a free malicious large language model (LLM) first spotted in July 2025 and now at version 2.5, empowers novice cybercriminals with tools for phishing emails, ransomware notes, and attack scripts, drastically lowering the entry barrier for cybercrime. Unlike paid…
#1 Gap in Your SOCs Is Probably Not What You Think
Leading a Security Operations Center has never been more challenging. SOC managers today juggle expanding attack surfaces, remote workforces, cloud migrations, and an explosion of security tools. All while trying to keep pace with increasingly automated attacks. Every day feels like…
CISA Warns of Threat Actors Leveraging Commercial Spyware to Target Users of Signal and WhatsApp
Cybersecurity authorities have raised fresh alarms over the spread of advanced commercial spyware targeting secure messaging apps like Signal and WhatsApp. According to a recent CISA advisory, multiple cyber threat actors actively deploy this sophisticated malware to compromise users’ smartphones,…
Critical FluentBit Vulnerabilities Let Attackers Compromise Cloud Environments Remotely
A new chain of five critical vulnerabilities discovered in Fluent Bit has exposed billions of containerized environments to remote compromise. Fluent Bit, an open-source logging and telemetry agent deployed over 15 billion times globally, sits at the core of modern…
Threat Actors Exploiting Black Friday Shopping Hype – 2+ Million Attacks Recorded
The 2025 Black Friday shopping season has become a prime hunting ground for cybercriminals, with over 2 million phishing attacks recorded targeting online gamers and shoppers worldwide. As global e-commerce continues to grow at 7-9% annually, attackers have…
Threat Actors Leverage Blender Foundation Files to Deliver Notorious StealC V2 Infostealer
Cybercriminals have discovered a new attack vector targeting the creative design community by exploiting Blender, a widely used open-source 3D modeling application. Threat actors are uploading malicious files to popular asset platforms like CGTrader, containing embedded Python scripts that execute…
Canon Allegedly Breached by Clop Ransomware via Oracle E-Business Suite 0-Day Hack
Canon has officially confirmed that it was targeted during the widespread hacking campaign exploiting a critical zero-day vulnerability in Oracle E-Business Suite (EBS). The attack, orchestrated by the notorious Clop ransomware gang, has impacted dozens of major organizations worldwide. The…