A sophisticated campaign targeting Solidity developers has emerged, utilizing Visual Studio Code’s popularity and extension ecosystem as an attack vector. Threat actors have deployed trojanized extensions that masquerade as developer utilities while secretly exfiltrating cryptocurrency wallet credentials and other sensitive…
Category: Cyber Security News
New Attack Exploits dMSA in Windows Server 2025 to Compromise Any Active Directory Users
A critical vulnerability in Windows Server 2025 enables attackers to compromise any user in Active Directory, including highly privileged accounts. Dubbed “BadSuccessor,” this attack exploits a feature called delegated Managed Service Accounts (dMSA) and works by default in environments…
Lumma Stealer Infrastructure With 2,300 Domains That Attacks Millions of Users Worldwide Seized
In a coordinated global operation announced on May 21, 2025, law enforcement and cybersecurity partners have successfully disrupted the infrastructure behind Lumma Stealer, one of the most prolific information-stealing malware operations targeting users worldwide. The Justice Department, in conjunction with…
Hackers Attacking Coinbase Users in a Sophisticated Social Engineering Attack
A massive wave of targeted social engineering attacks has been hitting Coinbase users since early 2025, with scammers exploiting insider access to obtain sensitive customer data. Unlike traditional technical breaches, these attacks leverage psychological manipulation to trick users into voluntarily…
BIND DNS Vulnerability Let Attackers Crash DNS Servers With Malicious Packet
A high-severity vulnerability in the BIND DNS server software was recently disclosed that allows attackers to crash DNS servers by sending just a single malicious packet. The Internet Systems Consortium (ISC) released BIND versions 9.18.37, 9.20.9, and 9.21.8 on May…
Grafana 0-Day Vulnerability Let Attackers to Redirect Users to Malicious Websites
A high-severity cross-site scripting (XSS) vulnerability in Grafana could allow attackers to redirect users to malicious websites. The vulnerability, tracked as CVE-2025-4123 with a CVSS score of 7.6 (HIGH), allows attackers to exploit client path traversal and open redirect to…
ThreatBook Named a Notable Vendor in Global Network Analysis and Visibility (NAV) Independent Report
ThreatBook, a global leader in cyber threat and response solutions backed by threat intelligence and AI, has been recognized as a notable vendor in Forrester’s Network Analysis And Visibility Solutions Landscape, Q2 2025 report. This marks a major milestone in ThreatBook’s…
Hackers Leverage PyBitmessage Library to Bypass AV & Network Security Detections
Cybersecurity experts have identified a sophisticated new malware strain that combines a Monero cryptocurrency miner with an advanced backdoor component, presenting a significant threat to organizational security. The malware leverages PyBitmessage, an implementation of the Bitmessage protocol designed for peer-to-peer…
Hackers Attacking Mobile Users Leveraging PWA JavaScript & Browser Protections
A sophisticated malware campaign has emerged targeting mobile device users through Progressive Web Applications (PWAs), representing an alarming shift in attack methodology. Security researchers have identified a coordinated effort originating from China that exploits third-party JavaScript injections to redirect unsuspecting…
Hackers Attacking Employees Mimic as Organizations to Steal Payroll Logins & Reroute Payments
A sophisticated search engine optimization (SEO) poisoning attack has emerged, targeting employees through their mobile devices with fake login pages that mimic legitimate corporate portals. The attack, which has already affected organizations in the manufacturing sector, enables hackers to steal…
Docker Zombie Malware Infects Containers to Mine Crypto and Self-Replicate
A sophisticated self-replicating malware strain targeting Docker environments has been discovered propagating across insecurely published Docker APIs. This “zombie” malware, observed in May 2025, autonomously infects Docker containers and transforms them into cryptomining nodes while simultaneously scanning for new victims…
New Scan Reveals 150K Industrial Systems Around the Globe are Exposed to Cyberattacks
A groundbreaking study has uncovered approximately 150,000 industrial control systems (ICS) exposed to the public internet across the globe, raising significant cybersecurity concerns for critical infrastructure worldwide. This extensive research, published in 2024, reveals that these vulnerable systems span 175…
71 Fake Sites Using Brand Scam to Steal Payment Info Linked to German Retailer
A sophisticated network of 71 fraudulent websites impersonating a major German discount retailer has been uncovered, revealing an elaborate scheme designed to steal payment information and personal data from unsuspecting consumers. These sites employ typosquatting techniques, using domain names that…
PupkinStealer Leveraging Web browser Passwords & App Tokens to Exfiltrate Data via Telegram
A sophisticated information-stealing malware dubbed “PupkinStealer” has emerged as a significant threat to Windows users, with initial detections dating back to April 2025. This .NET-based malware specifically targets stored credentials in web browsers and authentication tokens from popular messaging applications,…
CISA Warns of Russian Hackers Attacking Logistics & IT Companies with Windows Utilities
The Cybersecurity and Infrastructure Security Agency (CISA), alongside the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), and international partners, released a joint advisory today warning that Russian military intelligence hackers are targeting Western logistics companies and technology…
PowerDNS Vulnerability Let Attackers Trigger DoS Attack Via Malicious TCP Connection
PowerDNS has released a critical update to address a high-severity vulnerability in its DNS proxy and load balancer, DNSdist, that could allow unauthenticated attackers to cause service disruptions through specially crafted TCP connections. The vulnerability, tracked as CVE-2025-30193 with a…
Windows 11 Administrator Protection Enhances Security Against Elevated Privileges Attacks
Microsoft’s upcoming Administrator protection feature for Windows 11 represents a significant architectural overhaul of Windows security, designed to combat the growing threat of privilege escalation attacks. This new security layer addresses the vulnerabilities associated with traditional administrator accounts by implementing…
IBM Warns of One-Third of Cyber Attacks are Highly Sophisticated to Steal Login Credentials
In a concerning revelation from the latest IBM X-Force 2025 Threat Intelligence Index, approximately one-third of cyber attacks now involve highly sophisticated techniques aimed at stealing login credentials rather than employing traditional brute-force hacking methods. The report highlights that 30%…
Cellcom Confirms Cyberattack Following Widespread Service Outage
After nearly a week of disrupted services, Wisconsin-based telecommunications provider Cellcom has officially confirmed that a cyberattack is responsible for the ongoing service outage affecting thousands of customers across its network. The incident, which began on Wednesday, May 14, has…
VanHelsing Ransomware Builder Leaked on Hacking Forums
A significant development in the cybercriminal landscape occurred on May 20, 2025, when the VanHelsing ransomware-as-a-service (RaaS) operation publicly released its source code after an alleged former developer attempted to sell it on the RAMP cybercrime forum. Security researchers have…