Two cybersecurity professionals have been federally charged for orchestrating a sophisticated ransomware campaign targeting multiple American businesses. Ryan Clifford Goldberg, 28, of Watkinsville, Georgia, and Kevin Tyler Martin, 31, of Roanoke, Texas, face serious criminal charges related to their alleged…
Jupyter Misconfiguration Flaw Allows Attackers to Escalate Privileges as Root User
A significant security flaw in Jupyter notebook deployments could allow attackers to gain complete system control by exploiting default configurations and unauthenticated API access. Security researchers discovered that improperly configured Jupyter servers running with root privileges and disabled authentication can…
WordPress Post SMTP Plugin Vulnerability Exposes 400,000 Websites to Account Takeover Attacks
A critical security flaw in the WordPress Post SMTP plugin has left more than 400,000 websites vulnerable to account takeover attacks. The vulnerability, identified as CVE-2025-11833, enables unauthenticated attackers to access email logs containing sensitive password reset information, potentially compromising…
HydraPWK Penetration Testing OS With Necessary Hacking Tools and Simplified Interface
The HydraPWK project’s latest Apes-T1 snapshot refines its penetration-testing Linux distribution by replacing Elasticsearch with the open-source OpenSearch, resolving licensing issues and enhancing tools for industrial security assessments. This update, released shortly after the major Apes version, highlights HydraPWK’s focus…
XLoader Malware Analyzed Using ChatGPT, Breaking RC4 Encryption Layers in Hours
XLoader remains one of the most challenging malware families confronting cybersecurity researchers. This sophisticated information-stealing loader emerged in 2020 as a rebrand of FormBook and has evolved into an increasingly complex threat. The malware’s code decrypts only at runtime and…
Beat Threats with Context: 5 Actionable Tactics for SOC Analysts
Security teams drown in alerts but starve for insight. Blocklists catch the obvious. SIEM correlation gives clues. But only context reveals what an alert really means, and what you should do about it. Every SOC sees thousands of signals: odd domains,…
RondoDox Botnet Updates Its Arsenal with 650% More Exploits Targeting Enterprises
A sophisticated evolution of the RondoDox botnet has emerged with a staggering 650% increase in exploitation capabilities, marking a significant escalation in the threat landscape for both enterprise and IoT infrastructure. First documented by FortiGuard Labs in September 2024, the…
Attack Techniques of Tycoon 2FA Phishing Kit Targeting Microsoft 365 and Gmail Accounts Detailed
The Tycoon 2FA phishing kit has emerged as one of the most sophisticated Phishing-as-a-Service platforms since its debut in August 2023, specifically engineered to circumvent two-factor authentication and multi-factor authentication protections on Microsoft 365 and Gmail accounts. This advanced threat…
New ‘SleepyDuck’ Malware in Open VSX Marketplace Allows Attackers to Control Windows Systems Remotely
A sophisticated remote access trojan named SleepyDuck has infiltrated the Open VSX IDE extension marketplace, targeting developers using code editors like Cursor and Windsurf. The malware disguised itself as a legitimate Solidity extension under the identifier juan-bianco.solidity-vlang, exploiting name squatting…
Critical RCE Vulnerability in Popular React Native NPM Package Exposes Developers to Attacks
A critical remote code execution (RCE) vulnerability, tracked as CVE-2025-11953, has been identified in the @react-native-community/cli NPM package. With nearly 2 million weekly downloads, this package powers the command-line interface for React Native, a JavaScript framework beloved by developers building cross-platform mobile apps.…
Hackers Steal Over $100 Million by Exploiting Balancer DeFi Protocol
Hackers have successfully stolen more than $100 million by exploiting a critical vulnerability in the Balancer protocol. Balancer, a leading DeFi platform known for its automated market-making pools, confirmed that only its V2 Composable Stable Pools were affected by the…
Zscaler Acquires Enterprise AI Security Firm SPLX to Boost Zero Trust Exchange
Zscaler, a leading cloud security company, has announced the acquisition of SPLX, an innovative AI security firm, to enhance its Zero Trust Exchange platform with advanced artificial intelligence protection capabilities. The acquisition aims to help organizations secure their AI investments…
Threat Actors Leverage RMM Tools to Hack Trucking Companies and Steal Cargo Freight
Cybercriminals have shifted their focus to a highly profitable target: the trucking and logistics industry. Over the past several months, a coordinated threat cluster has been actively compromising freight companies through deliberate attack chains designed to facilitate multi-million-dollar cargo theft…
Weaponized PuTTY and Teams Ads Deliver Malware Allowing Hackers to Access Networks
An ongoing malicious advertising campaign is weaponizing legitimate software downloads to deploy OysterLoader malware, previously identified as Broomstick and CleanUpLoader. This sophisticated initial access tool enables cybercriminals to establish footholds in corporate networks, ultimately serving as a delivery mechanism for…
Critical Android 0-Click Vulnerability in System Component Allows Remote Code Execution Attacks
Google has issued a critical security alert for Android devices, highlighting a severe zero-click vulnerability in the system’s core components that could allow attackers to execute malicious code remotely without any user interaction. Disclosed in the November 2025 Android Security…
Hackers Actively Scanning Internet to Exploit XWiki Remote Code Execution Vulnerability
A critical remote code execution vulnerability affecting XWiki’s SolrSearch component has become the target of widespread exploitation attempts, prompting cybersecurity authorities to add it to their watchlist. The flaw allows attackers with minimal guest privileges to execute arbitrary commands on…
Apple Patches Multiple Critical Vulnerabilities in iOS 26.1 and iPadOS 26.1
Apple released iOS 26.1 and iPadOS 26.1, addressing multiple vulnerabilities that could lead to privacy breaches, app crashes, and potential data leaks for iPhone and iPad users. The update targets devices starting from the iPhone 11 series and various iPad…
Hackers Actively Scanning for TCP Port 8530/8531 Linked to WSUS Vulnerability CVE-2025-59287
Cybersecurity researchers and firewall monitoring services have detected a dramatic surge in reconnaissance activity targeting Windows Server Update Services (WSUS) infrastructure. Network sensors collected from security organizations, including data from Shadowserver, show a significant increase in scans directed at TCP…
Open VSX Registry Addresses Leaked Tokens and Malicious Extensions in Wake of Security Scare
The Open VSX Registry and the Eclipse Foundation have completed their investigation into a significant security incident involving exposed developer tokens and malicious extensions. The comprehensive response reveals how the platform is strengthening defenses across the entire VS Code extension…