Cisco has disclosed multiple critical vulnerabilities in Unified Contact Center Express (CCX) that allow unauthenticated remote attackers to execute malicious code and escalate privileges. The vulnerabilities affect the Java Remote Method Invocation (RMI) process and authentication mechanisms, potentially compromising entire…
Category: Cyber Security News
Checkpoint Details on How Attackers Drained $128M from Balancer Pools Within 30 Minutes
On November 3, 2025, blockchain security monitoring systems detected a sophisticated exploit targeting Balancer V2’s ComposableStablePool contracts. An attacker exploited a precision loss vulnerability to drain $128.64 million across six blockchain networks in under 30 minutes. The attack leveraged a…
Three Infamous Cybercriminal Groups Form a New Alliance Dubbed ‘Scattered LAPSUS$ Hunters’
Three well-known threat groups have consolidated into a unified cybercriminal entity that represents a significant shift in underground tactics. Scattered LAPSUS$ Hunters (SLH) emerged in early August 2025 as a federated alliance combining Scattered Spider, ShinyHunters, and LAPSUS$, creating what…
Clop Ransomware Actors Exploiting the Latest 0-Day Exploits in the Wild
Cl0p, a prominent ransomware group operating since early 2019, has emerged as one of the most dangerous threats in the cybersecurity landscape. With over 1,025 confirmed victims and more than $500 million in extorted funds, this Russian-linked group has consistently…
Cisco Warns of Hackers Actively Exploiting ASA and FTD 0-day RCE Vulnerability in the Wild
Cisco has confirmed that threat actors are actively exploiting a critical remote code execution (RCE) flaw in its Secure Firewall Adaptive Security Appliance (ASA) and Threat Defense (FTD) software. First disclosed on September 25, 2025, the vulnerability tracked as CVE-2025-20333…
Authorities Dismantled Major Credit Card Fraud Operation Impacting 4.3 Million Cardholders
International law enforcement agencies have taken down three sophisticated fraud and money laundering networks in a coordinated operation that uncovered one of the largest credit card fraud schemes in recent history. The operation, codenamed “Chargeback,” revealed criminal activity affecting over…
Multiple Django Vulnerabilities Enable SQL Injection and DoS Attacks
Django, one of the most popular Python web development frameworks, has disclosed two critical security vulnerabilities that could allow attackers to execute SQL injection attacks and launch denial-of-service attacks. The vulnerabilities, identified as CVE-2025-64458 and CVE-2025-64459, affect core components of…
APT-C-60 Attacking Job Seekers to Download Weaponized VHDX File from Google Drive to Steal Sensitive Data
A sophisticated espionage campaign targeting recruitment professionals has emerged, with the APT-C-60 threat group weaponizing VHDX files to compromise organizations. The threat actors impersonate job seekers in spear-phishing emails sent to recruitment staff, exploiting trust relationships to deliver malicious payloads.…
Chrome Emergency Update to Patch Multiple Vulnerabilities that Enable Remote Code Execution
Google has rolled out an urgent security patch for its Chrome browser, addressing five vulnerabilities that could enable attackers to execute malicious code remotely. The update, version 142.0.7444.134/.135 for Windows, 142.0.7444.135 for macOS, and 142.0.7444.134 for Linux, targets critical flaws…
Ransomware Attacks on European Organizations Surge as Hackers Leverage AI Tools for Attacks
European organizations are facing an unprecedented wave of ransomware attacks as cybercriminals increasingly integrate artificial intelligence tools into their operations. Since January 2024, big game hunting threat actors have named approximately 2,100 Europe-based victims on more than 100 dedicated leak…
October Sees Rise in Phishing and Ransomware Attacks, Including TyKit and Google Careers Scams
October 2025 marked a notable escalation in cyber threats, with phishing campaigns and ransomware variants exploiting trusted cloud services to target corporate credentials and critical infrastructure. Attackers increasingly abused platforms like Google, Figma, and ClickUp for credential theft, while LockBit’s…
Windows Cloud Files Mini Filter Driver Vulnerability Exploited to Escalate Privileges
A privilege escalation flaw in Windows Cloud Files Mini Filter Driver has been discovered, allowing local attackers to bypass file write protections and inject malicious code into system processes. Security researchers have uncovered CVE-2025-55680, a high-severity privilege-escalation vulnerability in the…
Guide to Choosing the Best Free Backup Software for Secure, Reliable Cloud Backup
Any individual heavily depends on data as their most critical asset: from memorable photos to important work documents, everything must be safeguarded properly. Why? Simply because you can never predict what might happen to your data: you could lose your…
Curly COMrades Hacker Group Using New Tools to Create Hidden Remote Access on Compromised Windows 10
A sophisticated threat actor known as Curly COMrades has deployed an innovative attack methodology that leverages legitimate Windows virtualization features to establish covert, long-term access to victim networks. The campaign, which began in early July 2025, represents a significant evolution…
FIN7 Hackers Using Windows SSH Backdoor to Establish Stealthy Remote Access and Persistence
The notorious FIN7 threat group, also known by the nickname Savage Ladybug, continues to pose a significant risk to enterprise environments through an increasingly refined Windows SSH backdoor campaign. The group has been actively deploying this sophisticated backdoor mechanism to…
DragonForce Cartel Emerges From the Leaked Source Code of Conti v3 Ransomware
DragonForce, a ransomware-as-a-service operation active since 2023, has dramatically evolved into what researchers now describe as a structured cybercriminal cartel, leveraging the publicly leaked Conti v3 source code to establish a formidable threat infrastructure. The group initially relied on the…
CISA Warns of Control Web Panel OS Command Injection Vulnerability Exploited in Attacks
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical warning regarding a dangerous OS command injection vulnerability affecting Control Web Panel (CWP), formerly known as CentOS Web Panel. The vulnerability, tracked as CVE-2025-48703, enables unauthenticated remote attackers to…
Microsoft Warns Windows Systems May Enter BitLocker Recovery After October 2025 Updates
Microsoft has issued an urgent advisory for Windows users, highlighting a potential glitch that could force certain devices into the BitLocker recovery screen after installing security updates released on or after October 14, 2025. The company is actively investigating the…
239 Malicious Android Apps on Google Play Downloaded Over 40 Million Times
A significant security threat has emerged from the Google Play Store, where threat actors have successfully deployed 239 malicious applications that have been collectively downloaded more than 42 million times. This discovery marks a disturbing trend in mobile malware campaigns…
Hackers Exploit OneDrive.exe Through DLL Sideloading to Execute Arbitrary Code
A sophisticated attack technique exploits Microsoft’s OneDrive application through DLL sideloading, allowing threat actors to execute malicious code while evading detection mechanisms. The attack leverages a weaponized version.dll file to hijack legitimate Windows processes and maintain persistence on compromised…