A disturbing security vulnerability has been uncovered affecting RSA encryption keys used across the internet, with researchers discovering that approximately 1 in 172 certificates found online are susceptible to compromise through a mathematical attack. This widespread vulnerability primarily impacts Internet…
Category: Cyber Security News
Researcher Criticizes Microsoft Over Video Requirement for Bug Reports
A well-known vulnerability analyst has publicly criticized the Microsoft Security Response Center (MSRC) for refusing to process a detailed bug report without a proof-of-concept (POC) video. The incident has sparked debate within the cybersecurity community about the necessity of video…
Apple Adds RCS End-to-End Encryption for Sending Text Messages Using iPhone
Apple has announced it will implement end-to-end encryption (E2EE) for Rich Communication Services (RCS) messaging on iPhones, significantly enhancing security for cross-platform communications between iOS and Android users. The announcement comes as the GSM Association (GSMA) releases its new RCS…
BlackLock Ransomware Hacked 40+ Organization Within Two Months
BlackLock ransomware has emerged as one of the most notorious cybersecurity threats of 2025, compromising more than 40 organizations within just two months. The fast-rising ransomware group has targeted victims across multiple sectors, with construction, real estate, and technology industries…
Jaguar Land Rover Breached by HELLCAT Ransomware Group using Jira Credentials
Luxury automotive manufacturer Jaguar Land Rover (JLR) has become the latest victim of the rapidly emerging HELLCAT ransomware group, with sensitive internal documents and employee data now exposed on hacking forums. The attack bears the hallmarks of HELLCAT’s sophisticated tactics,…
Android Malware Mimic As DeepSeek To Steal Users Login Credentials
A sophisticated Android banking trojan known as OctoV2 has been discovered masquerading as the legitimate DeepSeek AI application. The malware campaign uses a deceptive phishing website that closely mimics the official DeepSeek platform, tricking users into downloading a malicious application…
Hackers Exploiting CSS to Evade Spam Filters & Track User Actions
Researchers have identified a concerning trend where threat actors are increasingly abusing Cascading Style Sheets (CSS) to bypass spam detection systems and covertly track user behaviours. Observed from the second half of 2024 through February 2025, these sophisticated techniques leverage…
Adobe Acrobat Reader Vulnerabilities Let Attackers Execute Arbitrary Code
Three significant vulnerabilities in Adobe Acrobat Reader were found, which might allow attackers to run arbitrary code or expose sensitive information. These vulnerabilities, discovered by Cisco Talos, affect multiple versions of the popular PDF software and pose significant security risks…
Researchers Hacked Into Commercial Trucks & Buses To Unlock Remotely
Cybersecurity experts have recently demonstrated how heavy-duty vehicles such as commercial trucks and buses can be remotely compromised, potentially giving attackers control over critical vehicle functions. These findings highlight significant vulnerabilities in the increasingly software-driven and interconnected nature of modern…
Hackers Exploiting TP-Link Vulnerability to Gain Root Access
Researchers have uncovered a critical vulnerability in TP-Link TL-WR845N routers that could allow attackers to gain complete control over affected devices. The flaw, identified as CVE-2024-57040 and assigned a CVSS score of 9.8 (Critical), exposes hardcoded root shell credentials stored…
Cybersecurity Weekly Recap: Key Updates on Attacks, Vulnerabilities, & Data Breaches
Welcome to this week’s Cybersecurity Newsletter, where we provide you with the latest updates and essential insights from the rapidly changing field of cybersecurity. Staying informed is crucial in today’s fast-paced digital environment. Our goal is to provide you with…
RedCurl APT leveraging Active Directory Explorer & 7-Zip To Archive Exfiltrated Data
In a sophisticated cyber espionage campaign discovered in January 2025, the RedCurl APT group (also known as EarthKapre) has been observed targeting law firms and corporate organizations with a focus on corporate espionage. The threat actors employ a multi-stage attack…
100+ Auto Dealers Hacked With A ClickFix Webpage Leads To SectopRAT Malware Installation
A sophisticated supply chain attack has compromised over 100 automotive dealerships across the country, exposing countless visitors to malware infection. The attack leveraged a shared video service specifically used by auto dealerships, injecting malicious code that redirected unsuspecting users to…
Critical Vulnerabilities In Delphi Code Leads To Memory Corruption
Researchers have uncovered serious memory corruption vulnerabilities in Delphi programming language, challenging the widespread belief that Delphi provides inherent memory safety protections. These findings highlight significant security risks that could potentially lead to application crashes, data leaks, or even remote…
Hackers Attacking Exposed Jupyter Notebooks To Deliver Cryptominer
A novel cryptomining campaign has been identified that exploits misconfigured Jupyter Notebooks, targeting both Windows and Linux systems. The attack leverages exposed instances of Jupyter Notebook, an interactive application widely used by data scientists containing a Python IDE, to deploy…
DeepSeek R1 Jailbreaked To Develop Malware, Such As A Keylogger And Ransomware
Cybersecurity researchers have discovered that DeepSeek R1, an open-source large language model, can be manipulated to create functioning malware despite built-in safeguards. The AI model, designed with reasoning capabilities, initially refuses to generate malicious code but can be circumvented through…
AWS SNS Abused To Exfiltrate Data & Phishing Attack
Amazon Web Services Simple Notification Service (AWS SNS) has emerged as a new vector for malicious actors to exfiltrate sensitive data and conduct phishing campaigns. This pub/sub messaging service, designed to enable application-to-person and application-to-application communications, is increasingly being exploited…
Top Cybersecurity Tools of 2025 To Managing Remote Device Threats
The rise of remote work has significantly increased the attack surface for cybercriminals, making robust cybersecurity tools more critical than ever. As organizations adapt to a world where employees operate from diverse locations, cyber threats targeting remote devices continue to…
New Context Compliance Attack Jailbreaks Most of The Major AI Models
A new, surprisingly simple method called Context Compliance Attack (CCA) has proven effective at bypassing safety guardrails in most leading AI systems. Unlike complex prompt engineering techniques that attempt to confuse AI systems with intricate word combinations, CCA exploits a…
Black Basta Ransomware Attack Edge Network Devices With Automated Brute Force Attacks
A Russian-speaking actor using the Telegram handle @ExploitWhispers leaked internal chat logs of Black Basta Ransomware-as-a-Service (RaaS) members on February 11, 2025. These communications, spanning from September 2023 to September 2024, have provided security researchers with unprecedented insight into the…