In a sophisticated cyber espionage campaign, Iranian threat actors have deployed a fraudulent website impersonating a legitimate German modeling agency to gather intelligence and potentially target specific individuals. The operation, discovered in early May 2025, features advanced visitor profiling techniques…
Category: Cyber Security News
Nmap 7.96 Released With New Scanning Features & Upgraded Libraries
The Nmap Project has officially released version 7.96 of its powerful network scanning tool. The release introduces a suite of technical enhancements, including dramatically faster DNS resolution, new NSE (Nmap Scripting Engine), and numerous bug fixes that further enhance Nmap’s…
OneDrive New Feature Allows Default Sync of Personal & Corporate Accounts
Microsoft is rolling out a new OneDrive feature this month that allows users to sync their personal accounts with corporate accounts by default, raising significant security concerns among IT professionals. The feature, officially titled “Prompt to Add Personal Account to…
Detecting Vulnerable Commvault Environments Within Azure Using KQL Query
Cybersecurity analysts are racing to respond to an active exploitation campaign targeting Commvault environments in Microsoft Azure through the recently identified CVE-2025-3928 vulnerability. This critical vulnerability, which enables authenticated attackers to compromise web servers through the creation and execution of…
Multiple SonicWall SMA 100 Vulnerabilities Let Attackers Compromise Systems
SonicWall has disclosed multiple high-severity vulnerabilities affecting its Secure Mobile Access (SMA) 100 series products. Security researchers from Rapid7 discovered three significant post-authentication vulnerabilities that, when chained together, could lead to complete system compromise with root-level access. The flaws impact…
Apache ActiveMQ Vulnerability Let Attackers Trigger DoS Condition
A significant vulnerability has been discovered in Apache ActiveMQ, the widely used open-source message broker. The flaw, officially tracked as CVE-2025-27533, enables remote attackers to trigger a Denial of Service (DoS) condition by exploiting improper memory allocation during the handling…
AI Polluting Bug Bounty Platforms with Fake Vulnerability Reports
Bug bounty programs, once celebrated for incentivizing independent researchers to report real-world vulnerabilities, are now facing a significant challenge from AI-generated fake vulnerability reports. These fabricated submissions, known in the industry as “AI slop,” are increasingly wasting maintainers’ time and,…
CoGUI Phish Kit Impersonate Well-Known Companies to Attack Users & Steal Credentials
A sophisticated phishing framework known as CoGUI has emerged as a significant threat, primarily targeting organizations in Japan with millions of phishing messages since October 2024. The kit impersonates popular consumer and finance brands, including Amazon, PayPay, Rakuten, and various…
Russian COLDRIVER Hackers Using LOSTKEYS Malware To Steal Sensitive Data
Cybersecurity researchers have uncovered a sophisticated malware campaign attributed to the Russian threat actor COLDRIVER, also known as Star Blizzard or Callisto. The newly identified malware, dubbed LOSTKEYS, has been observed targeting diplomatic institutions, defense contractors, and critical infrastructure organizations…
Qilin Has Emerged as The Top Ransomware Group in April with 74 Cyber Attacks
In a significant shift within the cybercriminal ecosystem, Qilin ransomware group has surged to prominence in April 2025, orchestrating 74 cyber attacks globally according to the latest threat intelligence report. This dramatic rise follows the unexpected disappearance of RansomHub, which…
Lockbit Ransomware Hacked – Leaked Database Exposes Internal Chats
The notorious LockBit ransomware operation has suffered a significant breach. Attackers defaced their dark web infrastructure and leaking a comprehensive database containing sensitive operational details on May 7. The hack represents a major blow to one of the world’s most…
Beware of Fake Social Security Statement That Tricks Users to Install Malware
A sophisticated phishing campaign targeting Americans is currently making rounds via fake Social Security Administration (SSA) emails. These convincingly crafted messages inform recipients that their Social Security Statement is available for download, encouraging them to click on an attached file.…
Cisco IOS XE Wireless Controllers Vulnerability Enables Full Device Control for Attackers
Cisco has disclosed a critical security vulnerability in its IOS XE Wireless LAN Controllers that could allow unauthorized attackers to gain complete control of affected devices. The flaw, assigned the maximum severity rating of 10.0, enables unauthenticated remote attackers to…
Agenda Ransomware Group Upgraded Their Arsenal With SmokeLoader and NETXLOADER
In a significant evolution of their attack capabilities, the Agenda ransomware group has recently incorporated SmokeLoader malware and a new .NET-based loader dubbed NETXLOADER into their arsenal. This development, observed in campaigns initiated during November 2024, marks a substantial upgrade…
Top Ransomware Actors Actively Attacking Financial Sector, 406 Incidents Publicly Disclosed
The financial sector has emerged as a prime target for sophisticated ransomware operations, with a staggering 406 publicly disclosed incidents recorded between April 2024 and April 2025. These attacks have demonstrated increasingly advanced technical capabilities and strategic targeting, causing significant…
Healthcare Sector Emerges as a Prime Target for Cyber Attacks in 2025
The healthcare industry has become increasingly vulnerable to sophisticated cyber threats in 2025, with malicious actors specifically targeting medical institutions’ growing cloud infrastructure and digital workflows. According to recent findings, threat actors have shifted their tactics to leverage trusted cloud…
Critical Open Source Easyjson Library Under Full Control of Russian Company
A critical security revelation has sent shockwaves through the cybersecurity community as researchers uncovered that easyjson, a widely adopted open-source Go package central to JSON serialization processes, is under complete control of developers based in Moscow who work for VK…
UK Government Sets Timeline to Replace Passwords With Passkeys
The UK government has unveiled plans to roll out passkey technology across its digital services as it seeks to reduce the risk of cyber-attacks to people’s GOV.UK accounts. Announced during the CYBERUK 2025 conference in Manchester, this initiative aims to…
Lampion Banking Malware Employs ClickFix Lures To Steal Banking Information
A sophisticated banking trojan known as Lampion has resurfaced with an evolved attack strategy, now exploiting fake ClickFix utility lures to harvest sensitive banking credentials from unsuspecting victims. This banking malware, first identified in late 2019, has undergone significant modifications…
DPRK’s Largest Cryptocurrency Heist via a Compromised macOS Developer and AWS Pivots – Researchers Emulated
North Korean state-sponsored hackers have executed what security experts are calling the largest cryptocurrency theft operation to date, successfully stealing an estimated $625 million through an elaborate attack chain that compromised a high-profile macOS developer’s environment and leveraged Amazon Web…