The State Bar of Texas has confirmed a significant data security incident that occurred in early 2025, compromising sensitive information of its members and clients. The breach, which was discovered on February 12, 2025, involved unauthorized access to the organization’s…
Category: Cyber Security News
Top 10 Best XDR (Extended Detection & Response) Solutions – 2025
Extended Detection and Response (XDR) is a unified security incident platform that leverages AI and automation to protect organizations against advanced cyberattacks. XDR expands upon traditional endpoint detection and response (EDR) by integrating data from multiple sources, including endpoints, networks,…
Beware of Clickfix Lures ‘Fix Now’ & ‘Bot Verification’ That Downloads & Executes Malware
A sophisticated malware campaign dubbed “Clickfix” has emerged, targeting users through deceptive browser notifications and pop-ups that prompt immediate action through “Fix Now” and “Bot Verification” buttons. When triggered, these seemingly harmless prompts initiate a multi-stage infection chain that deploys…
Weaponized PDF-based Attacks Accounts 22% Out of 68% Malicious Attacks Via Email
A concerning trend in digital attacks: threat actors are weaponizing PDF files. According to CheckPoint Research, while 68% of all malicious attacks are delivered through email, PDF-based attacks now constitute 22% of all malicious email attachments, making them a significant security…
Critical Apache Parquet RCE Vulnerability Lets Attackers Run Malicious Code
A critical remote code execution (RCE) vulnerability has been discovered in Apache Parquet’s Java library, potentially affecting thousands of data analytics systems worldwide. The flaw, identified as CVE-2025-30065, carries the highest possible CVSS score of 10.0 and allows attackers to…
Malicious PyPI Package With Fully Automated Carding Script Attacking E-commerce Websites
A sophisticated malicious Python package named “disgrasya” has been discovered on the PyPI repository, containing a fully automated carding script specifically targeting WooCommerce stores. This package, whose name translates to “disaster” in Filipino slang, enables attackers to test stolen credit…
DeepSeek-R1 Prompts Exploited to Create Sophisticated Malware & Phishing Pages
A concerning security vulnerability has emerged in the AI landscape as researchers discover that DeepSeek-R1’s Chain of Thought (CoT) reasoning system can be exploited to create sophisticated malware and generate convincing phishing campaigns. The 671-billion-parameter model, designed to enhance reasoning…
New Credit Card Skimming Attack Leverages Chrome, Edge, & Firefox Extensions to Steal Financial Data
A sophisticated new credit card skimming operation dubbed “RolandSkimmer” has emerged, targeting users primarily in Bulgaria through malicious browser extensions. Named after the unique string “Rol@and4You” embedded in its payload, this attack represents a concerning evolution in web-based financial theft…
Australian Pension Funds Hacked – Members to LOSE Money from Their Accounts
Multiple major Australian superannuation funds have fallen victim to a sophisticated cyberattack that has compromised thousands of member accounts and resulted in confirmed financial losses. Cybersecurity experts have identified the attack as a coordinated OAuth token manipulation campaign coupled with…
React Router Flaw Exposes Web Apps to Cache Poisoning & WAF Bypass Attacks
A critical security vulnerability, CVE-2025-31137, has been identified in React Router, a popular library used by millions of developers for managing routing in React applications. Security researchers from zhero_web_security discovered this flaw, which affects both React Router 7 and Remix…
Frida Penetration Testing Tool Kit Released With New APIs for Threat Monitoring
Frida 16.7.0, the latest version of the popular dynamic instrumentation toolkit, has powerful new APIs specifically designed for advanced threat monitoring and security analysis. This major update, announced on March 13, 2025, introduces groundbreaking capabilities that significantly enhance the toolkit’s…
Chinese Hackers Actively Exploiting Ivanti VPN Vulnerability to Deploy Malware
Security researchers have identified a critical vulnerability in Ivanti Connect Secure (ICS) VPN appliances that is being actively exploited by suspected Chinese threat actors. The vulnerability, tracked as CVE-2025-22457, is a buffer overflow flaw affecting ICS version 22.7R2.5 and earlier…
OpenVPN Vulnerability Let Attackers Crash Servers & Execute Remote Code
A critical security vulnerability in OpenVPN has been discovered that could allow attackers to crash servers, potentially disrupting secure communications for thousands of users worldwide. The vulnerability, identified as CVE-2025-2704, affects OpenVPN versions 2.6.1 through 2.6.13 when configured with the…
Apache Traffic Server Vulnerability Let Attackers Smuggle Requests
A critical security vulnerability in Apache Traffic Server (ATS) has been discovered. By exploiting how the server processes chunked messages, attackers can perform request smuggling attacks. The vulnerability, tracked as CVE-2024-53868, affects multiple versions of this high-performance HTTP proxy server…
New Phishing Campaign Attacking Investors to Steal Login Credentials
A sophisticated phishing campaign has emerged targeting users of Monex Securities, one of Japan’s largest online brokerage platforms formed through the merger of Monex, Inc. and Nikko Beans, Inc. Since early April 2025, attackers have deployed a series of fraudulent…
Oracle Acknowledges Data Breach and Starts Informing Affected Clients
Oracle Corporation has confirmed a data breach involving its older Gen 1 servers, marking the second cybersecurity incident disclosed by the company in recent weeks. The breach, initially reported by a threat actor on Breachforums on March 20, 2025, has…
Hackers Leveraging Fast Flux Technique to Evade Detection & Hide Malicious Servers
CISA warns of threat actors’ increasing adoption of the fast flux technique to evade detection and conceal malicious server infrastructures. As cybercriminal operations grow increasingly sophisticated, threat actors adopt advanced techniques like fast flux to mask malicious infrastructure, evade defensive measures, and…
Hunters International Overlaps Hive Ransomware Attacking Windows, Linux, and ESXi Systems
A sophisticated ransomware operation known as Hunters International emerged in October 2023, with strong evidence suggesting connections to the formerly dismantled Hive ransomware group. The initial attack was documented on October 13, 2023, when the group disclosed their first victim—an…
DarkCloud Stealer Attacking Organizations with Weaponized .TAR Archive to Steal Passwords
A sophisticated cyber campaign leveraging the DarkCloud information stealer has targeted Spanish organizations across multiple critical sectors since early April 2025. The malware, distributed via weaponized .TAR archives embedded in phishing emails, exploits billing-themed lures to compromise technology, legal, financial,…
New Web Skimming Attack Uses Legacy Stripe API to Validate Stolen Card Details
A sophisticated web skimming campaign employs a novel technique that leverages Stripe’s legacy API to validate payment card details before exfiltration. This tactic ensures attackers collect only valid payment information, making their operation more efficient while reducing the chances of…