August 9, 2025 — A critical vulnerability in the Linux kernel, identified as CVE-2025-38236, has exposed a flaw that could allow attackers to escalate privileges from within the Chrome renderer sandbox on Linux systems. Google Project Zero researcher Jann Horn…
Category: Cyber Security News
5,000+ Fake Online Pharmacies Websites Selling Counterfeit Medicines
A sophisticated cybercriminal enterprise operating over 5,000 fraudulent online pharmacy websites has been exposed in a comprehensive investigation, revealing one of the largest pharmaceutical fraud networks ever documented. This massive operation, orchestrated by a single threat actor group, targets vulnerable…
Huge Wave of Malicious Efimer Malicious Script Attack Users via WordPress Sites, Malicious Torrents, and Email
A sophisticated malware campaign dubbed “Efimer” has emerged as a significant threat to cryptocurrency users worldwide, employing a multi-vector approach that combines compromised WordPress websites, malicious torrents, and deceptive email campaigns. First detected in October 2024, this ClipBanker-type Trojan has…
Threat Actors Using Typosquatted PyPI Packages to Steal Cryptocurrency from Bittensor Wallets
A sophisticated cryptocurrency theft campaign has emerged targeting the Bittensor ecosystem through malicious Python packages distributed via the Python Package Index (PyPI). The attack leverages typosquatting techniques to deceive developers and users into installing compromised versions of legitimate Bittensor packages,…
28,000+ Microsoft Exchange Servers Vulnerable to CVE-2025-53786 Exposed Online
Over 28,000 unpatched Microsoft Exchange servers are exposed on the public internet and remain vulnerable to a critical security flaw designated CVE-2025-53786, according to new scanning data released on August 7, 2025, by The Shadowserver Foundation. The Cybersecurity and Infrastructure…
DarkCloud Stealer Employs New Infection Chain and ConfuserEx-Based Obfuscation
A sophisticated information-stealing malware campaign has emerged, utilizing advanced obfuscation techniques and multiple infection vectors to evade traditional security controls. The DarkCloud Stealer, first documented in recent threat intelligence reports, represents a significant evolution in cybercriminal tactics, employing a complex…
BitUnlocker – Multiple 0-days to Bypass BitLocker and Extract All Protected Data
Researchers have disclosed a series of critical zero-day vulnerabilities that completely bypass Windows BitLocker encryption, allowing attackers with physical access to extract all protected data from encrypted devices in a matter of minutes. The research, conducted by Alon Leviev and…
CastleBot Malware-as-a-Service Deploys Range of Payloads Linked to Ransomware Attacks
A sophisticated new malware framework named CastleBot has emerged as a significant threat to cybersecurity, operating as a Malware-as-a-Service (MaaS) platform that enables cybercriminals to deploy diverse malicious payloads ranging from infostealers to backdoors linked to ransomware attacks. First appearing…
Axis Camera Server Vulnerabilities Exposes Thousands of Organizations to Attack
Critical security flaws in Axis Communications’ surveillance infrastructure have left over 6,500 organizations worldwide vulnerable to sophisticated cyberattacks, with potential impacts spanning government agencies, educational institutions, and Fortune 500 companies. The Swedish security camera manufacturer’s popular video surveillance products contain…
New Windows-Based DarkCloud Stealer Attacking Computers to Steal Login Credentials and Financial Data
A sophisticated new variant of the DarkCloud information stealer has emerged in the cyberthreat landscape, targeting Windows users through carefully crafted phishing campaigns designed to harvest sensitive credentials and financial information. This fileless malware variant represents a significant evolution in…
VexTrio TDS System Developing Several Malicious Apps Mimic as VPNs to Publish in Google Play and App Store
The notorious VexTrio traffic distribution system (TDS) has expanded its cybercriminal operations beyond traditional web-based scams to include the development and distribution of malicious mobile applications designed to masquerade as legitimate VPN services..This sophisticated threat actor, which has maintained a…
PyPI Released Advisory to Prevent ZIP Parser Confusion Attacks on Python Package Installers
In recent months, security researchers have uncovered a novel attack vector targeting Python package installers through ambiguities in the ZIP archive format. By exploiting discrepancies between local file headers and the central directory, malicious actors can craft seemingly benign wheel…
US Confirms Shutdown of BlackSuit Ransomware That Hacked Over 450 Organizations
U.S. authorities have announced the successful dismantling of the BlackSuit ransomware operation, a notorious group linked to attacks on more than 450 organizations worldwide. The operation, led by Immigration and Customs Enforcement’s (ICE) Homeland Security Investigations (HSI), involved seizing servers,…
Threat Actors Weaponize Malicious Gopackages to Deliver Obfuscated Remote Payloads
Cybersecurity researchers have uncovered a sophisticated malware campaign targeting the Go ecosystem through eleven malicious packages that employ advanced obfuscation techniques to deliver second-stage payloads. The campaign demonstrates a concerning evolution in supply chain attacks, leveraging the decentralized nature of…
Windows User Account Control Bypassed Using Character Editor to Escalate Privileges
A sophisticated new technique that exploits the Windows Private Character Editor to bypass User Account Control (UAC) and achieve privilege escalation without user intervention, raising significant concerns for system administrators worldwide. The attack disclosed by Matan Bahar leverages eudcedit.exeMicrosoft’s built-in…
RubyGems Malware Attack Weaponizes 60+ Packages to Steal Credentials from Social Media and Marketing Tools
Threat actors began slipping malicious code into legitimate RubyGems packages, disguising infostealers as social media automation tools in early 2023. Over the past two years, attackers operating under aliases such as zon, nowon, kwonsoonje, and soonje have published more than…
Columbia University Data Breach – Hackers Stolen 870,000 Individuals Personal and Financial Data
Columbia University has disclosed a major cybersecurity incident where an unauthorized third party accessed and extracted a significant volume of personal and financial data. The breach, which affects a vast number of individuals connected to the university, was discovered following…
ChatGPT-5 Released: What’s New With the Next-Generation AI Agent
OpenAI has officially launched ChatGPT-5, a new generation of its AI agent that introduces a sophisticated, unified system designed to be faster, more intelligent, and significantly more useful for real-world applications. This release marks a significant evolution from its predecessors,…
Biggest Ever GreedyBear Attack With 650 Hacking Tools Stolen $1 Million from Victims
A sophisticated cybercriminal operation known as GreedyBear has orchestrated one of the most extensive cryptocurrency theft campaigns to date, deploying over 650 malicious tools across multiple attack vectors to steal more than $1 million from unsuspecting victims. Unlike traditional threat…
ECScape: Exploiting ECS Protocol on EC2 to Exfiltrate Cross-Task IAM and Execution Role Credentials
A sophisticated technique dubbed “ECScape” that allows malicious containers running on Amazon Elastic Container Service (ECS) to steal AWS credentials from other containers sharing the same EC2 instance. The discovery highlights critical isolation weaknesses in multi-tenant ECS deployments and underscores…