The threat actor collective ShinyHunters has recently announced that BreachForums—one of the most prolific breeding grounds for stolen credentials and leak data—has been commandeered by international law enforcement agencies. According to Shiny from ShinyHunters, the site’s administrative controls, including the…
Category: Cyber Security News
7000+ Citrix NetScaler Devices Still Vulnerable to CVE-2025-5777 and CVE-2025-6543
Over 7,000 Citrix NetScaler appliances remain unpatched against two critical vulnerabilities: CVE-2025-5777 and CVE-2025-6543. Despite multiple advisories from Citrix, CISA’s KEV catalog entries, and updates from national cybersecurity agencies—including the Dutch NCSC—threat actors continue to target unmitigated devices at scale.…
Ivanti Connect Secure, Policy Secure and ZTA Vulnerabilities Let Attackers Trigger DoS Attack
Ivanti has released critical security updates addressing multiple high and medium-severity vulnerabilities across its Connect Secure, Policy Secure, and Zero Trust Access (ZTA) gateway products. The vulnerabilities, identified through internal discovery and responsible disclosure programs, could enable remote attackers to…
Hackers Attacking Fortinet SSL VPN Under Attack From 780 unique IPs
An unprecedented surge in brute-force attacks targeting Fortinet SSL VPN infrastructure, with over 780 unique IP addresses participating in coordinated assault campaigns. The August 3rd attack represents the highest single-day volume recorded on GreyNoise’s Fortinet SSL VPN Bruteforcer tag in…
Critical Zoom Clients for Windows Vulnerability Lets Attackers Escalate Privileges
Zoom has disclosed a critical vulnerability affecting multiple Windows-based clients, potentially allowing attackers to escalate privileges and compromise user systems. Designated as CVE-2025-49457 under bulletin ZSB-25030, this flaw carries a CVSS score of 9.6, classifying it as critical due to…
North Korean Kimsuky Hackers Data Breach – Insiders Published the Data Online
A massive leak of internal tooling, backdoors, and intelligence-gathering artifacts attributed to North Korea’s state-sponsored APT group Kimsuky has been published online by presumed insiders. The 34,000-page dump exposes live phishing infrastructure, kernel-level backdoors, Cobalt Strike payloads, and stolen government…
SAP Security Patch Day – 15 Vulnerabilities Patched including 3 Critical Injection Vulnerabilities
SAP released a comprehensive security update on August 12th, 2025, addressing 15 new vulnerabilities across its enterprise software portfolio, including three critical code injection flaws that pose significant risks to organizations worldwide. The monthly Security Patch Day also included four…
Critical Vulnerability in Carmaker Portal Let Hackers Unlock the Car Remotely
A severe flaw in a major automaker’s dealer portal allowed unauthorized attackers to register for dealer accounts, escalate privileges to a national administrator, and ultimately control vehicles remotely. The vulnerability resides in the portal’s Java/SAP backend and AngularJS frontend, where…
DarkBit Hackers Attacking VMware ESXi Servers to Deploy Ransomware and Encrypt VMDK Files
A newly discovered ransomware campaign has targeted enterprise VMware ESXi environments with military precision, deploying custom-built encryption tools that specifically hunt for virtual machine disk files across VMFS datastores. Security researchers have successfully reverse-engineered the attack methodology and developed breakthrough…
Scattered Spider With New Telegram Channel List Organizations It Attacked
In early August 2025, a previously quiet cybercrime collective known as Scattered Spider resurfaced with a striking new Telegram channel that aggregates proof of its intrusions and data exfiltration operations. The channel name fuses ShinyHunters, Scattered Spider, and Lapsus$, signaling…
Wikipedia Lost Legal Battle Against The UK’s Online Safety ACT Regulations
Wikipedia has suffered a significant legal defeat in its attempt to avoid being classified under the UK’s stringent Online Safety Act regulations. The High Court ruled against the Wikimedia Foundation and a Wikipedia user, known only as “BLN,” who challenged…
Apache bRPC Vulnerability Allows Attackers to Crash the Service via Network
A severe vulnerability in Apache bRPC has been discovered that allows attackers to crash services through network exploitation, affecting all versions prior to 1.14.1. The vulnerability, identified as CVE-2025-54472 with “important” severity classification, stems from unlimited memory allocation in the…
Reddit to Block Internet Archive as AI Companies Have Scraped Data From Wayback Machine
Reddit has announced plans to significantly restrict the Internet Archive’s Wayback Machine from indexing its platform, citing concerns that AI companies have been exploiting the archival service to circumvent Reddit’s data protection policies. The move represents another escalation in Reddit’s…
NCSC Warns of Citrix Netscaler Vulnerability CVE-2025-6543 Exploited to Breach Orgs
The Dutch National Cyber Security Centre (NCSC-NL) has issued an urgent warning about sophisticated cyberattacks targeting critical infrastructure through a zero-day vulnerability in Citrix NetScaler devices. The vulnerability, designated CVE-2025-6543, has been actively exploited since early May 2025, successfully compromising…
Researchers Details Masking Malicious Scripts and Bypass Defense Mechanisms
The cybersecurity landscape continues to evolve as threat actors develop increasingly sophisticated methods to evade detection systems. Recent research has unveiled a comprehensive analysis of payload obfuscation techniques that enable malicious scripts to bypass modern defense mechanisms, including web application…
Smart Bus Systems Vulnerability Let Hackers Remotely Track and Control Vehicles
A newly discovered security flaw in leading smart bus systems threatens to expose passenger safety and fleet integrity. Researchers have identified a critical vulnerability CVE-2025-44179 in the remote management interface of several major transit providers’ onboard modems. Exploiting this weakness,…
DarkBit Hackers Attacking VMware ESXi Servers to Deploy Ransomware and Encrypts VMDK Files
A newly discovered ransomware campaign has targeted enterprise VMware ESXi environments with military precision, deploying custom-built encryption tools that specifically hunt for virtual machine disk files across VMFS datastores. Security researchers have successfully reverse-engineered the attack methodology and developed breakthrough…
Hackers Using ClickFix Technique to Attack Windows Machine and Execute Powershell Commands
A sophisticated new attack campaign has emerged targeting Israeli businesses and infrastructure sectors through a deceptive social engineering technique known as “ClickFix,” which tricks users into executing malicious PowerShell commands on their Windows systems. The multi-stage attack chain begins with…
Erlang/OTP SSH RCE Vulnerability Exploited in the Wild to Attack Across OT Networks
A critical remote code execution vulnerability in Erlang/OTP’s SSH daemon has been actively exploited in the wild, with cybercriminals targeting operational technology networks across multiple industries. CVE-2025-32433, carrying the maximum CVSS score of 10.0, allows unauthenticated attackers to execute arbitrary…
Hackers Behind $100 Million Romance Scams and Other Frauds Extradited to US
Four Ghanaian nationals orchestrating an international cybercrime operation that defrauded victims of over $100 million through sophisticated romance scams and business email compromise attacks have been extradited to the United States. The criminal organization, led by Isaac Oduro Boateng, Inusah…