A significant cybersecurity threat has emerged as the BIG SHARK Android Remote Access Trojan (RAT), a cracked version of the infamous Craxs 7.6 RAT, has been leaked online. This development highlights the evolving risks posed by malicious actors exploiting Android…
Category: Cyber Security News
Chinese Hackers Attacking Industrial Organizations With Sophisticated FatalRAT
A sophisticated cyberespionage campaign leveraging the FatalRAT remote access trojan (RAT) is targeting industrial organizations across the Asia-Pacific (APAC) region, according to a Kaspersky ICS CERT report. The attackers, suspected to be Chinese-speaking threat actors, employ a multi-stage infection chain…
New ChatGPT’s Premium Features Subscription Phishing Attack Steal Logins
A sophisticated phishing operation leveraging OpenAI’s ChatGPT branding has targeted over 12,000 users across North America and Europe. The campaign impersonates ChatGPT subscription renewal notices to harvest login credentials and payment details, exploiting the platform’s restricted access model for GPT-4…
Stablecoin Bank Hacked – Hackers Stolen $49.5M in Attack
In a high-profile security breach, decentralized finance protocol @0xinfini suffered a $49.5 million USDC theft, marking one of the largest stablecoin exploits of the year. The attacker executed a multi-stage laundering operation, converting stolen USDC to DAI, purchasing 17,696 ETH…
Wireshark 4.4.4 Released With Fix for Vulnerability That Triggers DoS Attack
The Wireshark Foundation has released version 4.4.4 of its widely used network protocol analyzer, addressing a high-severity vulnerability that could allow attackers to trigger denial-of-service (DoS) conditions by injecting malicious packets. The update resolves CVE-2025-1492, a flaw in the Bundle…
DeepSeek Unveils FlashMLA, A Decoding Kernel That’s Make Things Blazingly Fast
DeepSeek has launched FlashMLA, a groundbreaking Multi-head Latent Attention (MLA) decoding kernel optimized for NVIDIA’s Hopper GPU architecture, marking the first major release of its Open Source Week initiative. This innovative tool achieves unprecedented performance metrics of 3000 GB/s memory…
Parallels Desktop 0-Day Vulnerability Gain Root Privileges – PoC Released
A critical 0-day vulnerability in Parallels Desktop virtualization software has been publicly disclosed, enabling local attackers to escalate privileges to root-level access on macOS systems. All versions of Parallels Desktop, including the most recent 20.2.1 (55876), are vulnerable to the…
Hackers Exploited Confluence Server Vulnerability To Deploy LockBit Ransomware
A sophisticated ransomware attack leveraging a critical Atlassian Confluence vulnerability (CVE-2023-22527, CVSS 10.0) has been uncovered, culminating in the deployment of LockBit Black ransomware across enterprise networks within two hours of initial compromise. The attackers orchestrated a multi-stage intrusion involving…
Exim Mail Transfer Vulnerability Let Attackers Inject Malicious SQL Queries
Security researchers have uncovered a critical SQL injection vulnerability (CVE-2025-26794) in Exim, the widely-used mail transfer agent (MTA) that powers over 60% of internet mail servers. The flaw enables authenticated attackers to execute arbitrary SQL commands through specially crafted ETRN…
10 Best DevOps Tools in 2025
The term “DevOps” is a combination of the words “development” and “operations.” Promoting the development and operation processes collectively is a cultural requirement. A single team can now manage the entire application lifecycle, including development, testing, deployment, and operations. System…
UniFi Protect Camera Vulnerability Allows Remote Code Execution Attacks
Ubiquiti Networks has issued an urgent security advisory addressing five critical vulnerabilities in its UniFi Protect camera ecosystem, including two flaws enabling unauthenticated remote code execution (RCE) attacks. The vulnerabilities, discovered during the 2025 Pwn2Own Toronto hacking competition and disclosed…
Record Breaking Crypto Hack – Attackers Stolen $1.46 Billion From Bybit Exchange
Attackers infiltrated Bybit Exchange’s Ethereum cold wallet infrastructure to steal $1.46 billion in digital assets through sophisticated interface manipulation and social engineering tactics. The incident represents the largest theft from a centralized crypto exchange since Mt. Gox’s 2014 collapse, exposing…
Top 10 Best Ransomware Protection Tools – 2025
It is essential to stay vigilant against ransomware and protect your devices and systems by keeping software up to date, using anti-virus software, avoiding opening attachments or links from unknown sources, and regularly backing up important data. Ransomware is malware that encrypts…
50 World’s Best Penetration Testing Companies – 2025
Penetration testing, or “pentesting,” is a cybersecurity practice where ethical hackers simulate cyberattacks to identify vulnerabilities in systems, networks, or applications. It helps organizations uncover weaknesses before malicious actors exploit them, enhancing their security posture. Penetration testing includes various types…
10 Best Email Security Gateways In 2025
Email is one of the most widely used forms of online communication. It is sent and received through a client program, such as Microsoft Outlook, Gmail, or a web-based interface. Email is a popular communication technique, but it may not…
BlackBastaGPT – A ChatGPT Powered Tool to Uncover Ransomware Group Tactics
A new AI-powered chatbot, BlackBastaGPT, has been trained on over 1 million leaked internal messages from the Black Basta ransomware gang. Hudson Rock released the tool just days after the unprecedented data breach. It enables researchers to dissect the group’s operations, financial…
Salt Typhoon Hackers Exploit Cisco Vulnerability To Gain Access To U.S. Telecom Networks
Cisco Talos has uncovered a sophisticated cyberespionage campaign by the state-aligned “Salt Typhoon” group targeting U.S. telecommunications infrastructure since late 2024. While credential theft remains their primary entry method, researchers confirmed exploitation of Cisco’s CVE-2018-0171 Smart Install Remote Code Execution…
Auto-Generated Password Vulnerability In Sitevision Leaks Signing Key
A critical security flaw in Sitevision CMS versions 10.3.1 and older has exposed SAML authentication signing keys, enabling potential authentication bypass and session hijacking. The vulnerability, tracked as CVE-2022-35202, stems from weak auto-generated passwords protecting Java keystores, which could be…
ACRStealer Malware Exploiting Google Docs as C2 To Steal Login Credentials
A newly identified malware variant dubbed ACRStealer has been observed leveraging Google Docs as a command-and-control (C2) server to bypass traditional security defenses and harvest sensitive login credentials. This sophisticated attack vector exploits the trusted reputation of Google’s infrastructure to…
China Claim That NSA Allegedly Hacked Northwestern Polytechnical University
Chinese cybersecurity authorities have alleged that the U.S. National Security Agency (NSA) breached Northwestern Polytechnical University (NPU), a leading institution in aerospace and defense research, in a multi-year cyber espionage campaign. According to joint reports published on February 18, 2025,…