A proof-of-concept (PoC) exploit has been released for CVE-2025-3155, a critical vulnerability in GNOME’s Yelp help viewer that enables attackers to exfiltrate SSH keys and other sensitive files from Ubuntu systems. The flaw leverages improper handling of the ghelp:// URI…
Category: Cyber Security News
WhatsApp Vulnerability Let Attackers Execute Malicious Code Via Attachments
A critical vulnerability in WhatsApp for Windows could allow attackers to execute malicious code through seemingly innocent file attachments. The spoofing vulnerability, officially tracked as CVE-2025-30401, affects all versions of WhatsApp Desktop for Windows prior to 2.2450.6 and poses…
Hackers Exploiting Windows .RDP Files For Rogue Remote Desktop Connections
In a sophisticated espionage campaign targeting European government and military institutions, hackers believed to be connected with Russian state actors have been utilizing a lesser-known feature of Windows Remote Desktop Protocol (RDP) to infiltrate systems. The Google Threat Intelligence Group…
Malicious Python Packages Attacking Popular Cryptocurrency Library To Steal Sensitive Data
Cybersecurity experts have identified a new threat targeting cryptocurrency developers and users. Two malicious Python packages have been discovered on the Python Package Index (PyPI) specifically designed to compromise systems using the popular bitcoinlib library. These packages, identified as bitcoinlibdbfix…
Threat Actors Weaponize Windows Screensavers Files to Deliver Malware
Malware operators continue exploiting the Windows Screensaver (.scr) file format to distribute malicious payloads, leveraging its executable nature under the guise of harmless system files. Recent campaigns observed by cybersecurity researchers reveal advanced tactics targeting global enterprises through sophisticated phishing…
AI Outperformed Elite Red Teams in Creating an Effective Spear Phishing Attack
As recently revealed, AI-powered spear phishing agents have surpassed elite human red teams in crafting socially engineered attacks. From 2023 to 2025, AI’s effectiveness relative to humans improved by 55%, marking a paradigm shift in both offensive and defensive cybersecurity…
Threat Actors Leveraging Toll Payment Services in Massive Hacking Attack
A sophisticated cybercriminal operation has emerged targeting toll payment services across multiple regions, with evidence suggesting this campaign will continue expanding globally. The attack, characterized by highly convincing SMS phishing (smishing) messages, has already reached millions of consumers who use…
Threat Actors Leveraging VPS Hosting Providers to Deliver Malware & Evade Detection
A sophisticated malware campaign distributing the Grandoreiro banking trojan has been targeting users in Mexico, Argentina, and Spain through elaborate phishing emails impersonating tax agencies. The attack leverages a multi-stage infection chain that begins with fraudulent government notifications claiming recipients…
SpyCloud Research Shows that EDR & Antivirus Solutions Miss Two-Thirds (66%) of Malware Infections
Deep visibility into malware-siphoned data can help close gaps in traditional defenses before they evolve into major cyber threats like ransomware and account takeover. SpyCloud, the leading identity threat protection company, today released new analysis of its recaptured darknet data…
ToddyCat Hackers Exploit ESET’s Command Line Scanner Vulnerability to Evade Detection
ToddyCat, the notorious APT group, used a sophisticated attack strategy to stealthily deploy malicious code in targeted systems by exploiting a weakness in ESET’s command line scanner. The vulnerability, now tracked as CVE-2024-11859, allowed attackers to bypass security monitoring tools…
Everest Ransomware Gang Leak Site Hacked and Defaced
The Everest ransomware gang, a Russia-linked cybercriminal organization, faced an unexpected setback this weekend when its dark web leak site was hacked and defaced. The site, typically used to publish stolen data as part of the gang’s extortion tactics, was…
New Black-Hat Automated Hacking Tool Xanthorox AI Advertised in Hacker Forums
A new malicious AI platform named Xanthorox AI has emerged, positioning itself as a friendly tool for hackers. First spotted in late Q1 2025, Xanthorox AI is being promoted in underground cybercrime forums as a modular, self-hosted solution for automated…
20-Year-Old Scattered Spider Hacker Pleads Guilty Of Sophisticated Ransomware Attacks
A 20-year-old Florida man identified as a key member of the notorious “Scattered Spider” cybercriminal collective has pleaded guilty to orchestrating sophisticated ransomware attacks and cryptocurrency theft schemes targeting major corporations. Noah Urban, also known by aliases “King Bob” and…
Dell PowerProtect Systems Vulnerability Let Remote Attackers Execute Arbitrary Commands
A significant security vulnerability in Dell Technologies PowerProtect Data Domain systems has been identified that could allow authenticated users to execute arbitrary commands with root privileges, potentially compromising critical data protection infrastructure. Dell has released remediation patches to address this…
New Sakura RAT Emerges on GitHub, Successfully Evading AV & EDR Protections
A new Remote Access Trojan (RAT) called Sakura has been published on GitHub. Due to its sophisticated anti-detection capabilities and comprehensive system control features, Sakura is raising significant concerns in the cybersecurity community. The malware, identified in a repository allegedly…
Lazarus Adds New Malicious npm Packages with Hexadecimal Encoding to Evade Detection
The Lazarus Group, a notorious North Korean state-sponsored hacking collective, has escalated its cyber warfare tactics by introducing new malicious npm packages with advanced obfuscation techniques. These packages, part of the broader Contagious Interview operation, are designed to evade automated…
CISA Releases NICE Workforce Framework Version 2.0.0 Released – What’s New
The US Cybersecurity and Infrastructure Security Agency (CISA) has officially released Version 2.0.0 of the NICE Workforce Framework for Cybersecurity, marking a significant update to this nationally focused resource. Released on March 5, 2025, this major update introduces substantial changes…
Critical pgAdmin Vulnerability Let Attackers Execute Remote Code
A critical security vulnerability discovered in pgAdmin 4, the most widely used management tool for PostgreSQL databases, is allowing attackers to execute arbitrary code on affected systems. Security researchers have disclosed details of CVE-2025-2945, a severe Remote Code Execution (RCE)…
Bitdefender GravityZone Console PHP Vulnerability Let Attackers Execute Arbitrary Commands
A critical security vulnerability has been discovered in Bitdefender GravityZone Console that could allow remote attackers to execute arbitrary commands on affected systems. The flaw tracked as CVE-2025-2244 has a CVSS score of 9.5. It stems from an insecure PHP…
10 Best Kubernetes Container Scanners In 2025
Kubernetes container scanners are essential tools for ensuring the security of containerized applications and Kubernetes clusters. These scanners analyze vulnerabilities, misconfigurations, and compliance issues within container images, Kubernetes manifests, and runtime environments. Popular tools like Kube Bench focus on compliance…