The food and agriculture sector has become a prime target for cybercriminals, with ransomware attacks more than doubling in the past quarter. Security researchers have documented 84 significant ransomware incidents targeting agricultural businesses between February and April 2025, compared to…
Category: Cyber Security News
Hackers Can Bypass Microsoft, Nvidia, & Meta AI Filters With a Simple Emoji
A significant security vulnerability has been uncovered in the artificial intelligence safeguards deployed by tech giants Microsoft, Nvidia, and Meta. According to new research, these companies’ AI safety systems can be completely bypassed using a deceptively simple technique involving emoji…
Hackers Launching Cyber Attacks Targeting Multiple Schools & Universities in New Mexico
Educational institutions across New Mexico are facing a growing cyber threat landscape, mirroring a troubling pattern seen nationwide. Recent network intrusions targeting multiple schools and universities in the state have raised significant concerns about digital security in educational environments. These…
Microsoft 365 Hit By Major Outage Impacting Teams, OneDrive, & SharePoint
Users across various regions are currently experiencing significant disruptions to Microsoft 365 services, including Microsoft Teams, OneDrive for Business, and SharePoint Online. This situation follows the identification of a major service degradation incident that occurred this evening. The outage, first…
Initial Access Brokers Plays a Vital Role Modern Ransomware Attacks
In today’s evolving cyberthreat landscape, Initial Access Brokers (IABs) have emerged as critical facilitators in the ransomware attack chain. These specialized cybercriminals focus exclusively on breaching corporate networks and subsequently selling this valuable access to ransomware operators on the dark…
2,800+ Hacked Websites Attacking MacOS Users With AMOS Stealer Malware
A massive malware campaign targeting macOS users through more than 2,800 compromised websites. The operation deploys Atomic Stealer (AMOS), a sophisticated information-stealing malware specifically designed to extract sensitive data from Apple computers. The campaign, dubbed “MacReaper” was initially discovered on…
Popular Instagram Blogger’s Account Hacked to Trick Users & Steal Banking Credentials
A prominent Instagram influencer with over 2.5 million followers became the unwitting host of a sophisticated phishing campaign this week. The unnamed lifestyle blogger’s account was compromised on Monday, with attackers using their trusted platform to distribute malicious links disguised…
M365 Copilot Chat & Office Apps Gets SafeLinks Protection at Time-of-Click of URL
In a significant security enhancement announced today, Microsoft has successfully rolled out SafeLinks protection worldwide for M365 Copilot Chat across Desktop, Web, Outlook Mobile, Teams Mobile, and the Microsoft 365 Copilot Mobile app on both iOS and Android platforms. This…
Microsoft Warns Default Helm Charts May Expose Kubernetes Apps to Data Leaks
Microsoft security researchers have issued an urgent warning that default Helm chart configurations widely used for deploying Kubernetes applications could inadvertently expose sensitive data to attackers. According to a report published on May 5, 2025, by Microsoft Defender for Cloud…
Critical MobSF 0-Day Exposes Systems to Stored XSS & ZIP of Death Attacks
The Mobile Security Framework (MobSF), a widely utilized tool, contains two critical zero-day vulnerabilities. These vulnerabilities, designated as CVE-2025-46335 and CVE-2025-46730, impact all versions of MobSF up to and including version 4.3.2. If exploited, they could result in system compromise…
Microsoft Reminds of Windows 10 To Reach End of Support – No More Security Updates
As the clock ticks down to October 14, 2025, Microsoft has intensified its efforts to alert Windows 10 users about the impending end of support deadline. After this date, the decade-old operating system will no longer receive security updates, bug…
Android Security Update – Critical Patch Released for Actively Exploited Vulnerability
Google has released the Android Security Bulletin for May 2025, addressing multiple vulnerabilities, including a high-severity remote code execution flaw that is actively being exploited in the wild. The most severe issue identified in the May 2025 security patch is…
Hackers Using Fake Chrome Error Pages to Attack Windows Users With Malicious Scripts
A sophisticated social engineering tactic dubbed “ClickFix” has emerged as a significant threat to Windows users, tricking victims into executing malicious PowerShell scripts through fake browser error pages. First identified in spring 2024, this attack vector has rapidly gained popularity…
DragonForce Ransomware Hits Harrods, Marks and Spencer, Co-Op & Other UK Retailers
A coordinated wave of cyberattacks has struck major UK retailers in recent weeks, with the DragonForce ransomware group claiming responsibility for breaches at Marks & Spencer, Co-op, and luxury department store Harrods. These attacks have caused significant operational disruptions and…
5 Critical MSSP Tasks Streamlined By Threat Intelligence
Managed Security Service Providers (MSSPs) deliver outsourced cybersecurity services, focusing on monitoring, managing, and mitigating threats for organizations. Threat intelligence actionable data about potential cyber threats enhances their ability to predict, detect, and respond to attacks. Below are five critical…
CISA Warns of Langflow Missing Authentication Vulnerability Exploited in Attacks
CISA has added a critical Langflow vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The vulnerability, identified as CVE-2025-3248, allows unauthenticated remote attackers to execute arbitrary code on vulnerable servers running the…
New GPOHound Tool To Analyze Group Policy in Active Directory For Privilege Escalation Paths
The new GPOHound is a powerful new open-source tool designed to analyze Group Policy Objects (GPOs) in Active Directory environments for privilege escalation vulnerabilities and misconfigurations. The tool, released on May 2, 2025, automatically detects insecure settings that attackers could…
New ClickFix Attack Mimics Ministry of Defense Website to Attack Windows & Linux Machines
Cybersecurity experts have identified a sophisticated new malware campaign dubbed “ClickFix” that employs advanced social engineering tactics to compromise both Windows and Linux systems. The attack creates convincing replicas of Ministry of Defense websites across multiple countries, tricking users into…
Microsoft Fixes Group Policy Bug That Prevents Installation of Windows 11 24H2
Microsoft has officially acknowledged that the April 2025 security update is preventing Windows 11 systems from upgrading to version 24H2 when using Windows Server Update Services (WSUS). The issue affects organizations attempting to deploy the latest feature update across their…
Beyond DDoS: The New Breed Of Layer 7 Attacks And How SMEs Can Outmaneuver Them
When most people think of DDoS attacks, they envision tsunami-like floods of traffic overwhelming servers. That’s the classic Layer 3/4 strategy brute force attacks meant to crash services by clogging up bandwidth. But over the last quarter, I’ve seen a…