A sophisticated threat actor designated as ViciousTrap has successfully compromised over 5,500 edge devices across more than 50 brands, transforming them into a massive distributed honeypot network capable of intercepting and monitoring exploitation attempts worldwide. This unprecedented campaign represents a…
Category: Cyber Security News
ModSecurity Vulnerability Exposes Millions of Web Servers to Severe Denial-of-Service
A critical vulnerability in ModSecurity’s Apache module has been disclosed, potentially exposing millions of web servers worldwide to denial-of-service attacks. The flaw, tracked as CVE-2025-47947 and assigned a CVSS score of 7.5, affects the popular open-source web application firewall’s handling…
PoC Published For Fortinet 0-Day Vulnerability That Being Exploited in the Wild
Security researchers have published detailed proof-of-concept (PoC) analysis for a critical zero-day vulnerability affecting multiple Fortinet products, as threat actors continue to exploit the flaw in real-world attacks actively. The vulnerability, tracked as CVE-2025-32756, represents a significant security risk with…
Gujarat Teen Behind 50+ Cyberattacks During ‘Operation Sindoor’ Arrested
The Gujarat Anti-Terrorism Squad (ATS) has arrested an 18-year-old and a minor for orchestrating over 50 coordinated cyberattacks on Indian government websites during the recent military ‘Operation Sindoor’. The main accused, Jasim Shahnawaz Ansari from Nadiad in Gujarat’s Kheda district,…
CefSharp Enumeration Tool Reveals Security Vulnerabilities in .NET Desktop Apps
Security researchers have unveiled significant vulnerabilities in .NET desktop applications that utilize CefSharp, a popular framework for embedding Chromium browsers within desktop applications, exposing millions of enterprise applications to potential remote code execution attacks. CefSharp, a lightweight .NET wrapper around…
Russian Hackers Leverage Oracle Cloud Infrastructure to Scaleway Object Storage
In a sophisticated cybersecurity attack uncovered this week, Russian threat actors have been observed exploiting multiple cloud service providers to deliver the notorious Lumma Stealer malware. The campaign utilizes legitimate cloud infrastructure—including Oracle Cloud Infrastructure (OCI), Scaleway Object Storage, and…
Versa Concerto 0-Day Authentication Bypass Vulnerability Allows Remote Code Execution
Significant vulnerabilities were uncovered in Versa Concerto, a widely deployed SD-WAN orchestration platform used by major enterprises and government entities. The flaws include authentication bypass vulnerabilities that can be chained to achieve remote code execution and complete system compromise. Despite…
Multiple GitLab Vulnerabilities Let Attackers Trigger DoS Attacks
GitLab has released critical security patches addressing 11 vulnerabilities across its Community Edition (CE) and Enterprise Edition (EE) platforms, with several high-risk flaws enabling denial-of-service (DoS) attacks. The coordinated release of versions 18.0.1, 17.11.3, and 17.10.7 comes as the DevOps…
UAT-638 Hackers Exploit Cityworks Zero-Day to Attack IIS Servers With VSHell Malware
A sophisticated cyber threat group designated as UAT-6382 has been actively exploiting a critical zero-day vulnerability in Cityworks, a popular asset management system used by local governments across the United States. The vulnerability, tracked as CVE-2025-0994, allows remote code execution…
Cisco Webex Meetings Vulnerability Let Attackers Manipulate HTTP Responses
Cisco disclosed a security vulnerability (CVE-2025-20255) affecting its Webex Meetings service that could allow remote attackers to manipulate cached HTTP responses. The vulnerability, assigned a CVSS score of 4.3 (Medium severity), stems from improper handling of malicious HTTP requests in…
Netwrix Password Manager Vulnerability Allows Authenticated Remote Code Execution
A critical security vulnerability has been discovered in Netwrix Password Secure, an enterprise password management solution, allowing authenticated attackers to execute arbitrary code on victim machines. The vulnerability, identified as CVE-2025-26817, affects all versions of Netwrix Password Secure up to…
Hackers Using Weaponized npm Packages to Attack React, Node.js JavaScript Frameworks
In a troubling development for the JavaScript ecosystem, security researchers have discovered a sophisticated campaign targeting popular frameworks through weaponized npm packages. These malicious packages, which have accumulated over 6,200 downloads, masquerade as legitimate plugins and utilities while secretly containing…
Threat Actors Hosted ZeroCrumb Malware on GitHub That Steals Browser Cookies
Cybersecurity researchers have identified a new infostealer malware called “ZeroCrumb” that was recently distributed through GitHub repositories. This sophisticated malware specifically targets browser cookies from popular browsers including Chrome, Brave, and Edge, enabling attackers to steal sensitive user authentication data…
Linux kernel SMB 0-Day Vulnerability Uncovered Using ChatGPT
A zero-day vulnerability in the Linux kernel was discovered, utilizing OpenAI’s o3 model. This finding, assigned CVE-2025-37899, marks a significant advancement in AI-assisted vulnerability research. The vulnerability, officially confirmed on May 20, 2025, affects the ksmbd component of the Linux…
Hackers Leveraging Trending TikTok Videos to Deliver Vidar & StealC Malware
In a concerning development that highlights the evolving tactics of threat actors, cybercriminals have begun exploiting the popularity of TikTok to distribute sophisticated information-stealing malware. This new campaign specifically delivers Vidar and StealC infostealers by tricking users into executing malicious…
Chrome Vulnerabilities Let Attackers Execute Malicious Code Remotely – Update Now
Google has released an urgent security update for Chrome after discovering multiple high-severity vulnerabilities that could allow attackers to execute malicious code remotely on users’ systems. The most critical flaw, a “Use after free” vulnerability in the browser’s Compositing system,…
Microsoft Investigates Exchange Online Email Delays Impacting Australian Users
Microsoft is currently investigating an issue affecting Exchange Online, where some users in Australia are experiencing significant delays in sending and receiving emails. The problem, first acknowledged on May 22, 2025, has led to disruptions for businesses and individuals relying…
New Advanced Process Injection Attack Lets Attackers Evade EDR Detection
A novel process injection technique that effectively bypasses leading Endpoint Detection and Response (EDR) solutions by focusing solely on execution primitives, eliminating the need for memory allocation or writing operations that typically trigger security alerts. Dubbed “CONTEXT-Only Attack Surface,” this…
Everest Hacking Group Claims Coca-Cola Data Breach, Exfiltrates 23 Million Records
In a significant cybersecurity incident that could potentially affect millions of consumers, two notorious hacking groups have claimed responsibility for separate breaches of Coca-Cola systems. According to posts on dark web forums, the Everest ransomware group has reportedly compromised internal…
Cisco Identity Services RADIUS Process Vulnerability Let Attackers Trigger DoS Condition
Cisco disclosed a high-severity vulnerability affecting its Identity Services Engine (ISE) that could allow unauthenticated remote attackers to cause a denial of service condition. The vulnerability, identified as CVE-2025-20152, received a CVSS score of 8.6, reflecting its serious potential impact…