A significant security vulnerability has been identified in Realtek’s RTL8762E SDK v1.4.0 that allows attackers to exploit the Bluetooth Low Energy (BLE) Secure Connections pairing process to launch denial-of-service attacks. The vulnerability, discovered in the RTL8762EKF-EVB development platform, stems from…
Category: Cyber Security News
Five Hackers Behind Notorious Data Selling Platform BreachForums Arrested
French authorities have dismantled a major cybercrime operation, arresting five hackers who operated BreachForum, one of the world’s largest marketplaces for stolen data, in coordinated raids across France. French police initially suspected the cybercriminals operating BreachForum were Russian or hiding…
New BRAODO Stealer Campaign Abuses GitHub To Host Payloads And Evade Detection
Security researchers at ANY.RUN have uncovered a new malware campaign delivering the BRAODO Stealer, which relies on public GitHub repositories to host and stage its payloads. This campaign employs multiple evasion techniques and scripting layers to complicate detection and analysis,…
New Malware Spotted in The Wild Using Prompt Injection to Manipulate AI Models Processing Sample
Cybersecurity researchers have discovered a groundbreaking new malware strain that represents the first documented attempt to weaponize prompt injection attacks against AI-powered security analysis tools. The malware, dubbed “Skynet” by its creators, was anonymously uploaded to VirusTotal in early June…
Multiple Brother Devices Vulnerabilities Open Devices for Hacking
A comprehensive security research investigation has unveiled eight critical vulnerabilities affecting 742 printer and multifunction device models across four major manufacturers. The discovery, stemming from a zero-day research project conducted by cybersecurity firm Rapid7, exposes severe security flaws in Brother…
Beware of Weaponized Wedding Invite Scams That Deploys SpyMax RAT on Android Devices
A sophisticated Android phishing campaign has emerged across India, exploiting the cultural significance of wedding invitations to distribute malicious software. The attack, dubbed “Wedding Invitation,” leverages the ubiquitous nature of digital communication platforms to target unsuspecting mobile users through carefully…
Citrix NetScaler ADC and Gateway Vulnerability Actively Exploited in the Wild
Cloud Software Group has issued an urgent security advisory warning customers about a critical memory overflow vulnerability in NetScaler ADC and Gateway products, which could enable denial-of-service attacks. Exploits of this vulnerability have already been observed in the wild. The…
North Korean Hackers as Recruiters Attacking Developers With 35 New Malicious npm Packages
North Korean threat actors have launched a sophisticated supply chain attack campaign, embedding 35 malicious npm packages across 24 compromised accounts to target software developers through an elaborate recruitment deception. The campaign, identified as an extension of the ongoing “Contagious…
INTERPOL Warns of Sharp Rise in Cyber Attacks Targeting Western and Eastern Africa
The cybersecurity landscape across Africa has reached a critical juncture, with cybercrime now accounting for more than 30 percent of all reported crimes in Western and Eastern Africa, according to INTERPOL’s newly released 2025 Africa Cyberthreat Assessment Report. This alarming…
NetNerve – AI Powered PCAP Analysis to Detect Anomalies & Potential Threats
A groundbreaking cybersecurity solution called NetNerve has emerged as a game-changer in network threat detection, leveraging artificial intelligence to analyze Packet Capture (PCAP) files with unprecedented accuracy and speed. This innovative platform represents a significant advancement in proactive cybersecurity measures,…
Windows 11 Update Configuration Hangs During Update Scanning
Microsoft has released a critical Windows configuration update in June 2025 to address a significant issue affecting Windows 11 users worldwide. The update targets a persistent problem where the Windows Update scanning mechanism becomes unresponsive, preventing users from checking for…
Kubernetes NodeRestriction Vulnerability Allows Nodes to Bypass Resource Allocation Checks
A newly disclosed vulnerability in Kubernetes has been identified that could allow compromised nodes to bypass critical authorization checks within the container orchestration platform. The security flaw, tracked as CVE-2025-4563, affects the NodeRestriction admission controller and poses potential risks for…
Hacktivist Groups Attacking U.S. Companies & Military Domains Following Attacks on Iran
The cybersecurity landscape has witnessed dramatic escalation in hacktivist activities targeting U.S. infrastructure following geopolitical tensions in the Middle East. Following U.S. airstrikes on Iranian nuclear facilities on June 21, 2025, multiple pro-Iranian hacktivist groups launched coordinated distributed denial-of-service (DDoS)…
Threat Actors Distribute Hacked Version of SonicWall’s SSL VPN NetExtender to Steal Sensitive Data
Cybersecurity researchers have uncovered a sophisticated malware campaign targeting SonicWall’s SSL VPN NetExtender users through a meticulously crafted Trojanized version of the legitimate remote access software. The malicious campaign, operating through impersonated websites, distributes a modified version of NetExtender 10.3.2.27…
Chrome Security Update: Patch for 11 Vulnerabilities Enabling Malicious Code Execution
Google Chrome has released a critical security update addressing 11 vulnerabilities that could potentially allow malicious code execution on user systems. The Chrome 138.0.7204.49 stable channel update, announced on Tuesday, June 24, 2025, represents a significant security milestone as the…
Threat Actors Poison Search Results & Exploits Popularity of ChatGPT and Luma AI to Deliver Malicious Payloads
Cybercriminals are increasingly exploiting the widespread fascination with artificial intelligence tools, leveraging the popularity of platforms like ChatGPT and Luma AI to orchestrate sophisticated malware distribution campaigns. These threat actors have developed an intricate web of deceptive websites designed to…
CISA Releases Guide to Reduce Memory Safety Vulnerabilities in Modern Software Development
The CISA and the NSA have jointly released a comprehensive guide addressing one of the most persistent and dangerous classes of software vulnerabilities: memory safety issues. Published in June 2025, the document “Memory Safe Languages: Reducing Vulnerabilities in Modern Software…
Critical Kibana Vulnerabilities Allows Heap Corruption and Remote Code Execution
A severe heap corruption vulnerability in Kibana could let attackers achieve remote code execution using specially crafted HTML pages. The vulnerability, designated as CVE-2025-2135, stems from a Type Confusion flaw in the underlying Chromium engine and carries a maximum CVSSv3.1…
Linux CentOS Web Panel Vulnerability Let Attackers Execute Malicious Remote Code – PoC Released
A critical security vulnerability in CentOS Web Panel (CWP) has been discovered that allows unauthenticated remote attackers to execute arbitrary commands on affected servers. The flaw, tracked as CVE-2025-48703, affects one of the most widely used free web hosting control…
Akamai Shares New Techniques for Defenders to Shutdown Cryptominer Attacks
Cybersecurity researchers at Akamai have unveiled groundbreaking defensive techniques capable of completely shutting down cryptomining botnets, marking a significant advancement in the fight against cryptocurrency-based cybercrime. The innovative approach, detailed in the final installment of Akamai’s “Cryptominers’ Anatomy” blog series,…