The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an advisory regarding a critical vulnerability in Edimax IC-7100 IP cameras that is actively being exploited by multiple botnets. The vulnerability, tracked as CVE-2025-1316, allows attackers to send specially crafted…
Category: Cyber Security News
Dragon RaaS Leading ‘Five Families’ Crimeware With New Initial Access & Exploitation Methods
A sophisticated Ransomware-as-a-Service (RaaS) operation known as ‘Dragon’ has emerged as the dominant force within the notorious “Five Families” of crimeware, implementing advanced initial access techniques and exploitation methods that have alarmed cybersecurity experts. The Dragon RaaS operation has been…
Signal Messenger Leveraged for Targeted Attacks on Employees of Defense Industry
A sophisticated cyber espionage campaign targeting employees of defense industrial complex enterprises and representatives of the Defense Forces of Ukraine has been uncovered. The attackers are using the popular Signal messenger app to distribute malicious archives that purportedly contain meeting…
Chinese Salt Typhoon Hackers Exploiting Exchange Vulnerabilities to Attack Organizations
Security researchers have identified a sophisticated Chinese APT group known as Salt Typhoon that has been actively exploiting Microsoft Exchange’s ProxyLogon vulnerabilities to compromise organizations worldwide. The group, also tracked as FamousSparrow, GhostEmperor, Earth Estries, and UNC2286, has been operational…
Spyware Maker SpyX Data Breach Exposes Nearly 2 Million Users Personal Data
A massive data breach at consumer-grade spyware operation SpyX has compromised the personal information of nearly 2 million individuals, including thousands of Apple users with exposed iCloud credentials. The breach, which occurred in June 2024 but remained unreported until March…
Critical Veeam Backup & Replication Vulnerability Allows Malicious Remote Code Execution
A critical vulnerability in Veeam Backup & Replication systems allows authenticated domain users to execute remote code, potentially compromising enterprise backup infrastructures. The vulnerability, identified as CVE-2025-23120, carries a severe CVSS score of 9.9, indicating its high potential for…
Malware Operation ‘DollyWay’ Hacked 20,000+ WordPress Sites Globally
In recent years, the cybersecurity landscape has witnessed a significant rise in sophisticated malware operations. One such operation is “DollyWay,” a long-running campaign that has compromised over 20,000 WordPress sites globally. This operation is notable for its advanced techniques in…
Linux Kernel Out-of-bounds Write Vulnerability Let Attackers Escalate Privileges
A severe vulnerability in the Linux kernel has remained undetected for nearly two decades, allowing local users to gain root privileges on affected systems. Designated as CVE-2025-0927, this out-of-bounds write vulnerability in the Linux kernel’s HFS+ filesystem driver affects systems…
Kali Linux 2025.1a Released With New Tool & Updates to Desktop Environments
Kali Linux, the widely acclaimed cybersecurity-focused distribution, has officially unveiled its latest release, Kali Linux 2025.1a. This update not only significantly enhances desktop environments but also introduces exciting new tools and improvements tailored for cybersecurity professionals and enthusiasts. The release, available for download or upgrade, builds upon…
Threat Actors Exploiting Legacy Drivers to Bypass TLS Certificate Validation
A sophisticated attack employing a Legacy Driver Exploitation technique has emerged as a significant cybersecurity threat, according to a recent security report. The attack, first documented in June 2024 by Check Point Research (CPR), primarily focuses on remotely controlling infected systems using Gh0st RAT…
ANY.RUN’s New Android OS Support Let SOC/DFIR Team Perform Android APK Malware Analysis
ANY.RUN, the interactive malware analysis platform, has announced full support for Android OS in its cloud-based sandbox environment, enabling security teams to investigate Android malware with unprecedented accuracy and efficiency. With this new feature, ANY.RUN allows Security Operations Center (SOC)…
Hackers Leveraging RMM Tools To Maintain Persistence To Infiltrate And Move Through Networks
Cybersecurity experts have identified a persistent trend of threat actors exploiting legitimate remote monitoring and management (RMM) software to infiltrate networks, maintain access, and facilitate lateral movement. These legitimate tools, which are typically used by IT administrators for system maintenance…
Critical AMI BMC Vulnerability Allows Attackers To Bypass Authentication Remotely
Security researchers have discovered a new critical vulnerability in AMI’s MegaRAC software that enables attackers to bypass authentication remotely. This latest security flaw, identified as CVE-2024-54085, affects numerous data center equipment and server models, potentially compromising cloud infrastructure security across…
Beware of Fake GitHub “Security Alerts” Let Hackers Hijack Your Account Login Credentials
A widespread phishing campaign is currently targeting GitHub repositories with fake security alerts, potentially compromising thousands of developer accounts. Cybersecurity experts warn that these sophisticated attacks could grant hackers complete control over victims’ code repositories and personal information. Security researcher…
Attackers Embedding Malicious Word file into a PDF to Evade Detections
A sophisticated attack vector dubbed “MalDoc in PDF” allows threat actors to bypass traditional security scanning by embedding malicious Word documents into PDF files. This technique, observed in attacks dating back to July, enables macros to execute when victims open…
41% of Success Logins Across Websites Involves Compromised Passwords
Password reuse continues to be one of the most significant security vulnerabilities in 2025, with alarming new data showing nearly half of all successful website logins involve previously exposed credentials. This widespread practice of recycling passwords across multiple services creates…
US Sperm Donor Giant California Cryobank Hacked – Customers Personal Data Exposed
California Cryobank LLC, one of America’s largest sperm donor repositories, has confirmed a significant data breach that exposed sensitive customer information. The cyber intrusion, which occurred on April 20, 2024, but remained undetected until October 4, 2024, has triggered mandatory…
Threat Actors Stolen Over 3.2 Billion Login Credentials & Infected 23 Million Devices Worldwide
In what security experts are calling one of the largest credential theft campaigns in history, sophisticated threat actors have successfully exfiltrated over 3.2 billion login credentials and compromised approximately 23 million devices across six continents. The massive operation, identified in…
Arcane Stealer Via YouTube Videos Steal Data From Network Utilities Including VPN & FileZilla
A sophisticated new malware strain called “Arcane” specifically targets network utilities, VPN clients, and file transfer applications. The malware, discovered in late 2024, is being distributed through seemingly innocent YouTube videos that promote game cheats and cracks, putting thousands…