Category: Cyber Security News

A website launched by Elon Musk’s Department of Government Efficiency (DOGE) has been found to have a significant security vulnerability, allowing unauthorized users to directly modify its content. The vulnerability discovered by two web development experts arises from the website’s…

Read more →

The notorious Lazarus Group, a North Korean Advanced Persistent Threat (APT) group, has been linked to a sophisticated campaign targeting software developers. This campaign involves the use of infostealer malware, designed to steal sensitive information from developers’ systems. The attack…

Read more →

Job seekers have become the target of a sophisticated ransomware campaign in a recent cybersecurity threat, and this campaign dubbed as “XELERA.” This campaign uses fake job offers from the Food Corporation of India (FCI) to lure victims into opening…

Read more →

The notorious Lazarus Group in a recent escalation of cyber threats linked to North Korea, has unveiled a sophisticated new tactic to target developers worldwide. This campaign, dubbed “Operation Marstech Mayhem,” involves the deployment of an advanced malware implant known…

Read more →

A highly sophisticated cyber espionage group known as EarthKapre, also referred to as RedCurl, has been identified targeting private-sector organizations, particularly those in the Law Firms & Legal Services industry. The eSentire Threat Response Unit (TRU) uncovered the group’s recent…

Read more →

North Korean IT workers have been infiltrating international companies by securing remote positions under false identities. This tactic not only violates international sanctions but also poses significant cybersecurity risks, including data theft and the installation of backdoors on compromised systems.…

Read more →

A critical SQL injection vulnerability has been identified in Apache Fineract, an open-source core banking software widely used for financial services.  This flaw, tracked as CVE-2024-32838, affects versions 1.4 through 1.9 and has been classified as important, with a CVSS…

Read more →

NVIDIA has released a security update to address a critical vulnerability in its NVIDIA Container Toolkit and NVIDIA GPU Operator, which could allow attackers to execute arbitrary code, escalate privileges, and gain access to the host file system.  This vulnerability…

Read more →

The Cybersecurity and Infrastructure Security Agency (CISA) has released twenty new Industrial Control Systems (ICS) advisories, aimed at addressing critical vulnerabilities in industrial systems.  The advisories cover a wide range of ICS products from prominent vendors such as Siemens, ORing,…

Read more →

Cyber threats have evolved significantly in recent years, with malicious actors employing sophisticated tactics to compromise user systems. One such threat is the SocGholish malware, which has been actively distributed through fake browser updates since 2017. This malware campaign exploits…

Read more →

A sophisticated phishing kit, known as the Astaroth 2FA phishing kit, has been identified targeting major email services such as Gmail, Yahoo, and Office 365, along with third-party login platforms. This kit is designed to bypass two-factor authentication (2FA) security…

Read more →

A sophisticated hacking campaign has been unveiled recently by Elastic Security Labs, dubbed “REF7707,” which has been targeting both Windows and Linux systems using novel malware families, including FINALDRAFT, GUIDLOADER, and PATHLOADER. This campaign has been notable for its advanced…

Read more →

A sophisticated phishing campaign, identified by Microsoft Threat Intelligence, has been exploiting a technique known as “device code phishing” to capture authentication tokens. This attack, attributed to a group called Storm-2372, has been active since August 2024 and targets a…

Read more →

Researchers observed a sophisticated cyber-espionage campaign led by the Chinese state-sponsored group known as “Salt Typhoon,” also referred to as “RedMike.”  Between December 2024 and January 2025, the group exploited over 1,000 unpatched Cisco network devices globally, targeting telecommunications providers…

Read more →

Researchers have uncovered a high-severity SQL injection vulnerability, CVE-2025-1094, affecting PostgreSQL’s interactive terminal tool, psql.  This flaw was identified during research into the exploitation of CVE-2024-12356, a remote code execution (RCE) vulnerability in BeyondTrust Privileged Remote Access (PRA) and Remote…

Read more →

A high-severity security vulnerability, identified as CVE-2024-21966, has been discovered in the AMD Ryzen™ Master Utility, a software tool designed to optimize the performance of AMD Ryzen™ processors.  The vulnerability, classified as DLL hijacking, could allow attackers to execute arbitrary…

Read more →

A newly disclosed high-severity vulnerability in WinZip, tracked as CVE-2025-1240, enables remote attackers to execute arbitrary code on affected systems by exploiting malformed 7Z archive files. The flaw, rated 7.8 on the CVSS scale, impacts WinZip 28.0 (Build 16022) and…

Read more →

Palo Alto Networks has released a patch for a high-severity authentication bypass vulnerability, identified as CVE-2025-0108, affecting their PAN-OS software. GreyNoise has observed active exploitation attempts targeting this vulnerability. The flaw allows unauthenticated attackers to bypass the authentication required by the…

Read more →

ClearSky Cyber Security has uncovered a user interface (UI) vulnerability in Microsoft Windows that is currently being exploited by a sophisticated threat actor known as Mustang Panda, a group believed to be affiliated with Chinese state interests. The exploitation involves…

Read more →

A groundbreaking report from the Alliance for Securing Democracy (ASD) at the German Marshall Fund has revealed a disturbing trend: foreign threat actors from Russia, China, and Iran are increasingly targeting local communities across the United States. These operations aim…

Read more →