As technology advances, more and more organizations are turning to cloud computing as a necessary solution for their data storage and processing needs. Cloud computing is a widely accepted trend in the information technology industry, and it allows users to…
Category: Cyber Security News
FBI Warns of Hackers Compromising End-of-Life Routers to Hide Their Activity
The Federal Bureau of Investigation has issued an urgent public service announcement warning that cybercriminals are actively exploiting outdated routers to build extensive proxy networks for illicit activities. According to a recent FBI FLASH report, threat actors are targeting end-of-life…
Indirect Prompt Injection Leverage LLMs as They Lack Informational Context
Cybersecurity researchers have identified a growing threat vector targeting artificial intelligence systems through a technique known as indirect prompt injection. Unlike traditional attacks that directly manipulate an LLM’s user interface, these sophisticated attacks embed malicious instructions within external content that…
FreeDrain Phishing Attack Users to Steal Users Financial Login Credentials
A sprawling phishing operation dubbed “FreeDrain” has emerged as an industrial-scale cryptocurrency theft network that systematically targets and drains digital wallets. This sophisticated campaign leverages search engine manipulation and free-tier web hosting services to create an extensive web of malicious…
Hackers Attacking Windows IIS Web Server With Native Module Malware
A sophisticated attack campaign targeting Windows IIS web servers with stealthy malicious native modules. Researchers observed Chinese-speaking threat actors deploying advanced IIS malware against South Korean web servers, allowing attackers to intercept and manipulate all incoming web traffic while remaining…
Azure Storage Utility Vulnerability Let Attackers Escalate Their Privileges to Root
A critical security vulnerability in AZNFS-mount, an Azure utility that allows attackers to escalate privileges from an unprivileged user to root on Linux machines. The vulnerability affects all versions up to 2.0.10 of the utility, which comes preinstalled on Azure…
North Korean’s OtterCookie Malware Upgraded With New Features for Windows, Linux & macOS
A sophisticated malware known as OtterCookie, attributed to the North Korean threat actor WaterPlum (also called Famous Chollima or PurpleBravo), has received significant upgrades that enhance its cross-platform capabilities and credential theft functions. First observed in September 2024, this malware…
The Rise of Ransomware – Strategies to Protect Your Systems
Ransomware has emerged as one of the digital age’s most pervasive and financially devastating cyber threats. In 2024, organizations globally faced unprecedented challenges, with 59% reporting ransomware attacks in the past year, a 13% increase over five years. The average…
New Spam Campaign Abuses Remote Monitoring Tools to Attack Organizations
A sophisticated spam campaign targeting Brazilian organizations has emerged, exploiting legitimate Remote Monitoring and Management (RMM) tools to gain unauthorized access to corporate networks. Discovered in early 2025, this attack campaign specifically targets Portuguese-speaking users through deceptive emails that trick…
New Attack Exploiting X/Twitter Advertising Display URL Feature to Trick Users
A sophisticated financial scam has emerged on X/Twitter, exploiting a critical vulnerability in the platform’s advertising display URL feature. Cybersecurity researchers have uncovered a campaign that tricks users by displaying trusted domain names in advertisements while redirecting victims to malicious…
The Invisible Storm: Why Cloud Malware Is Your Business’s New Weather Emergency
Remember when a storm warning meant boarding up windows and stocking up on batteries? For today’s businesses, the most dangerous storms aren’t brewing in the atmosphere but forming in the cloud, where a new generation of malware threatens to rain…
New DOGE Big Balls Ransomware Using Open-Source Tools & Custom Scripts to Infect Victim Machines
Cybersecurity researchers have identified a sophisticated new ransomware variant called “DOGE Big Balls,” which appears to be a modified version of the existing Fog ransomware family. The malware, provocatively named after the Department of Government Efficiency (DOGE), employs a complex…
470 Ransomware Attacking in 2025, Qilin Remains Dominant Followed by Silent & Crypto24
April 2025 witnessed a notable shift in the global ransomware landscape, with 470 reported victims worldwide representing a significant 29% decrease from March. Despite this numerical decline, ransomware operations continue to demonstrate increased sophistication and strategic targeting, indicating that threat…
Radware Cloud Web App Firewall Vulnerability Let Attackers Bypass Filters
Security researchers have uncovered critical vulnerabilities in Radware’s Cloud Web Application Firewall (WAF) that could allow attackers to completely bypass security filters, potentially exposing underlying web applications to various attacks. The vulnerabilities, tracked as CVE-2024-56523 and CVE-2024-56524, were publicly disclosed…
Ubiquiti UniFi Protect Camera Vulnerability Allows Remote Code Execution
A critical security vulnerability in Ubiquiti UniFi Protect Cameras could allow attackers to execute arbitrary code remotely. The flaw, which received the highest possible CVSS score of 10.0, affects all camera firmware versions 4.75.43 and earlier, prompting an urgent call…
IXON VPN Client Vulnerability Let Attackers Escalate Privileges
Significant vulnerabilities in the IXON VPN Client allow local attackers to gain system-level privileges on Windows, Linux, and macOS systems. The flaws, tracked as CVE-2025-26168 and CVE-2025-26169, affect versions prior to 1.4.4 and could grant unauthorized users complete control over…
Which Browser is The Worst for Data Collection – Hope You Guessed It!
The web browsers serve as our primary gateway to the internet, but they also function as sophisticated data collection tools. Every click, search, and page visit generates valuable data that can be harvested, analyzed, and monetized by browser developers. As…
Ransomware-as-a-Service (RaaS) Evolved as a Predominant Framework for Ransomware Attacks
The cybersecurity landscape has witnessed a significant paradigm shift with Ransomware-as-a-Service (RaaS) emerging as the dominant business model for cybercriminals seeking financial gain through digital extortion. This subscription-based model has democratized ransomware attacks, allowing technically unskilled criminals to deploy sophisticated…
Researchers Details macOS Remote Code Execution Vulnerability – CVE-2024-44236
A critical remote code execution vulnerability identified in Apple’s macOS operating system, tracked as CVE-2024-44236. The vulnerability, which carries a high CVSS score of 7.8, could allow attackers to execute arbitrary code by tricking users into opening specially crafted files.…
Microsoft Bookings Vulnerability Let Attackers Alter the Meeting Details
A significant vulnerability in Microsoft Bookings allowed attackers to manipulate meeting details by exploiting insufficient input validation. The flaw, which Microsoft has largely remedied, enabled malicious actors to inject arbitrary HTML into meeting invitations, alter calendar entries, and potentially facilitate…