Two of the internet’s most critical infrastructure providers experienced significant service outages yesterday, disrupting millions of users worldwide as both Cloudflare and Google services suffered widespread failures within hours of each other. Cloudflare’s extensive service disruption began at approximately 18:19…
Category: Cyber Security News
DragonForce Ransomware Group – The Rise of a Relentless Cyber Threat in 2025
The cybersecurity landscape has witnessed the emergence of increasingly sophisticated ransomware operations, with DragonForce standing out as a particularly concerning threat actor that has evolved from politically motivated attacks to large-scale financial extortion campaigns. DragonForce ransomware group launched in 2023…
Cloudflare Warns of DDoS Attacks Targeting Journalists and News Organizations
Cybersecurity firm Cloudflare has issued a stark warning about the escalating threat landscape facing independent media organizations worldwide, revealing that journalists and news outlets have become the primary targets of sophisticated distributed denial-of-service (DDoS) attacks. The company’s latest Project Galileo…
Threat Actors Exploiting Expired Discord Invite Links to Deliver Multi-Stage Malware
Cybercriminals have discovered a sophisticated new attack vector that exploits a critical flaw in Discord’s invitation system, allowing them to hijack expired invite links and redirect unsuspecting users to malicious servers hosting advanced malware campaigns. This emerging threat leverages the…
Palo Alto Networks PAN-OS Vulnerability Enables Admin to Execute Root User Actions
A critical command injection vulnerability in Palo Alto Networks PAN-OS operating system enables authenticated administrative users to escalate privileges and execute commands as the root user. Designated as CVE-2025-4231, this medium-severity vulnerability affects multiple versions of the company’s firewall operating…
OpenPGP.js Vulnerability Lets Attackers Spoof Message Signature Verification
A critical vulnerability in the widely-used OpenPGP.js library has been discovered that allows attackers to forge digital signatures and deceive users into believing malicious content was legitimately signed by trusted sources. The flaw, designated CVE-2025-47934, represents a fundamental breach of…
Threat Actors Leverage DeepSeek-R1 Popularity to Attack Users Running Windows Devices
Cybercriminals have begun exploiting the surge in popularity of DeepSeek-R1, one of the most sought-after large language models currently available, to distribute a sophisticated new malware strain targeting Windows users. The malicious campaign uses the artificial intelligence chatbot’s growing demand…
Microsoft Outlook’s New Two-Click View for Encrypted Emails Protects You From Accidental Exposure
Microsoft is set to launch a significant security enhancement for Outlook users across multiple platforms. Starting April 2025, the company will roll out a new two-click verification feature for encrypted emails, requiring users to confirm their intent to access sensitive…
SoftBank Data Breach – 137,000 Users’ Personal Data Exposed From Third-party Service Provider
SoftBank Corporation, an investment holding company, disclosed a significant data breach affecting 137,156 mobile subscribers through compromised third-party infrastructure. The incident, which occurred in December 2024 but was only discovered in March 2025, represents a critical failure in vendor security…
CyberEYE RAT Disables Windows Defender Using PowerShell and Registry Manipulations
A sophisticated new Remote Access Trojan known as CyberEYE has emerged as a significant threat to Windows systems, demonstrating advanced capabilities to completely disable Windows Defender through a combination of PowerShell commands and registry manipulations. This modular, .NET-based malware leverages…
Microsoft Patched Windows Server 2025 Restart Bug that Disconnects AD Domain Controller
Microsoft has resolved a critical bug in Windows Server 2025 that caused Active Directory Domain Controllers to improperly manage network traffic after system restarts, resulting in service disconnections and application failures. The comprehensive patch, identified as KB5060842, was deployed on…
Don’t Click ‘Unsubscribe’ Links Blindly: It May Lead to Loss of Credentials
A sophisticated cyber threat campaign leveraging malicious unsubscribe links has emerged as a significant security concern, targeting unsuspecting email users across the globe. This deceptive attack vector exploits users’ natural desire to clean up their inboxes, transforming what appears to…
Multiple GitLab Vulnerabilities Allow Attackers to Achieve Complete Account Takeover
A series of critical security vulnerabilities across GitLab Community Edition (CE) and Enterprise Edition (EE) platforms could enable attackers to achieve complete account takeover and compromise entire development infrastructures. The company released emergency patch versions 18.0.2, 17.11.4, and 17.10.8…
OneLogin AD Connector Vulnerabilities Expose Authentication Credentials
A comprehensive security investigation has revealed critical vulnerabilities in OneLogin’s Active Directory (AD) Connector service that exposed authentication credentials and enabled attackers to impersonate legitimate users across enterprise environments. The vulnerabilities, which affect OneLogin’s widely-used identity and access management platform,…
Palo Alto Networks PAN-OS Vulnerability Lets Attacker Run Arbitrary Commands as Root User
A newly disclosed command injection vulnerability in Palo Alto Networks’ PAN-OS operating system poses significant security risks to enterprise firewall infrastructures worldwide. The vulnerability, catalogued as CVE-2025-4230, enables authenticated administrators with command-line interface (CLI) access to execute arbitrary commands with…
Threat Actors Allegedly Selling MaaS Botnet on Hackers Forums
Threat actors are allegedly offering the complete source code of a sophisticated Malware-as-a-Service (MaaS) botnet for sale. This advanced malicious framework represents a significant escalation in cybercriminal capabilities, leveraging legitimate enterprise-grade technologies and blockchain integration to create a highly resilient…
Trend Micro Apex One Vulnerability Allows Attackers to Inject Malicious Code
Multiple critical security vulnerabilities in the Trend Micro Apex One enterprise security platform could enable attackers to inject malicious code and escalate privileges on affected systems. The company released emergency patches on June 9, 2025, to address five distinct vulnerabilities tracked under…
New Account Takeover Campaign Leverages Pentesting Tool to Attack Entra ID User Accounts
A sophisticated account takeover campaign has emerged, exploiting a legitimate penetration testing framework to compromise Microsoft Entra ID environments across hundreds of organizations worldwide. The malicious activity, which began intensifying in December 2024, demonstrates how cybercriminals are increasingly weaponizing security…
Threat Actors Weaponizing Bat Files to Deliver Quasar RAT
Cybersecurity researchers have identified a sophisticated new campaign where threat actors are leveraging Windows batch files to deliver the notorious Quasar Remote Access Trojan (RAT). This attack vector represents a concerning evolution in malware distribution tactics, as attackers continue to…
Windows SMB Client Zero-Day Vulnerability Exploited Using Reflective Kerberos Relay Attack
A critical zero-day vulnerability affecting Windows systems allows attackers to achieve privilege escalation through a novel Reflective Kerberos Relay Attack. The vulnerability, designated CVE-2025-33073, was patched by Microsoft on June 10, 2025, as part of their monthly Patch Tuesday…