Cybersecurity researchers have uncovered a sophisticated malware campaign exploiting Microsoft Help Index Files (.mshi) to deliver the notorious PipeMagic backdoor, marking a significant evolution in the threat actors’ tactics since the malware’s first detection in 2022. The campaign, which has…
Category: Cyber Security News
Threats Actors Using Telegram as The Communication Channel to Exfiltrate The Stolen Data
Cybersecurity researchers have identified an alarming trend where threat actors are increasingly leveraging Telegram’s Bot API infrastructure as a covert communication channel for data exfiltration. This sophisticated attack methodology combines traditional phishing techniques with legitimate messaging services to bypass conventional…
Weaponized Python Package Termncolor Attacking Leverages Windows Run Key to Maintain Persistence
A sophisticated supply chain attack targeting Python developers has emerged through a seemingly innocuous package named termncolor, which conceals a multi-stage malware operation designed to establish persistent access on compromised systems. The malicious package, distributed through the Python Package Index…
DoJ Seizes $2.8 Million in Crypto From Zeppelin Ransomware Operators
The U.S. Department of Justice (DoJ) announced the seizure of over $2.8 million in cryptocurrency, $70,000 in cash, and a luxury vehicle linked to Zeppelin ransomware operations. The warrants were unsealed on August 14, 2025, in federal courts across Virginia,…
Technical Details of SAP 0-Day Exploitation Script Used to Achieve RCE Disclosed
A sophisticated zero-day exploitation script targeting SAP systems has emerged in the cybersecurity landscape, demonstrating advanced remote code execution capabilities that pose significant risks to enterprise environments worldwide. The malicious payload specifically targets SAP NetWeaver Application Server vulnerabilities, exploiting weaknesses…
Intel Websites Exploited to Hack Every Intel Employee and View Confidential Data
A series of critical vulnerabilities across multiple internal Intel websites allowed for the complete exfiltration of the company’s global employee database and access to confidential supplier information. The flaws, stemming from basic security oversights, exposed the personal details of over…
APT SideWinder Actor Profile – Recent Attacks, Tactics, Techniques, and Procedures
APT SideWinder, also known as Rattlesnake, Razor Tiger, and T-APT-04, is a nation-state advanced persistent threat (APT) group active since at least 2012 and believed to originate from India. Noted for targeting military, government, and strategic business entities, particularly in…
X-VPN’s August Update Lets Mobile Users Choose Servers in 26 Regions with Military-Grade AES-256 Encryption
San Francisco, CA – August 12, 2025 — Addressing the growing demand for data privacy in financial workflows, X-VPN has rolled out an update to its mobile application, now offering free users the ability to manually choose from 26 server…
Linux Kernel Netfilter Vulnerability Let Attackers Escalate Privileges
A critical vulnerability in the Linux kernel’s netfilter ipset subsystem has been discovered that allows local attackers to escalate privileges to root-level access. The flaw, identified in the bitmap:ip implementation within the ipset framework, stems from insufficient range validation when…
New Ghost-tapping Attacks Steal Customers’ Cards Linked to Services Like Apple Pay and Google Pay
A sophisticated new cybercriminal technique known as “ghost-tapping” has emerged as a significant threat to contactless payment systems, enabling Chinese-speaking threat actors to exploit stolen payment card details linked to mobile wallet services such as Apple Pay and Google Pay.…
Bragg Confirms Cyber Attack – Hackers Accessed Internal IT Systems
Bragg Gaming Group has confirmed a significant cybersecurity incident that compromised the company’s internal IT infrastructure early Saturday morning, August 16, 2025. The online gaming technology provider discovered unauthorized network intrusion attempts that successfully breached their security perimeter, prompting immediate…
VirtualBox 7.2 Released With Support for Windows 11/Arm VMs and 50 Bug Fixes
Oracle has announced the release of VirtualBox 7.2, a major update to the popular open-source virtualization platform that introduces significant enhancements for Windows 11/Arm virtualization, comprehensive GUI improvements, and numerous bug fixes. Released on August 14, 2025, this version marks…
1000+ Exposed N-able N-central RMM Servers Unpatched for 0-Day Vulnerabilities
Over 1,000 exposed and unpatched N-able N-central Remote Monitoring and Management (RMM) servers are vulnerable to two newly disclosed zero-day vulnerabilities – CVE-2025-8875 and CVE-2025-8876. As of August 15, 2025, exactly 1,077 unique IPs have been identified as running outdated…
Critical PostgreSQL Vulnerabilities Allow Arbitrary Code Injection During Restoration
The PostgreSQL Global Development Group has issued emergency security updates across all supported versions to address three critical vulnerabilities that could allow attackers to execute arbitrary code during database restoration processes. The vulnerabilities affect PostgreSQL versions 13 through 17, with…
What is Use-After-Free Vulnerability? – Impact and Mitigation
Use-after-free (UAF) vulnerabilities represent one of the most critical and prevalent security threats in modern software systems, particularly affecting applications written in memory-unsafe languages like C and C++. These vulnerabilities occur when a program continues to use a memory location…
Rockwell ControlLogix Ethernet Vulnerability Let Attackers Execute Remote Code
A critical security vulnerability has been discovered in Rockwell Automation’s ControlLogix Ethernet communication modules, potentially allowing remote attackers to execute arbitrary code on industrial control systems. The vulnerability, tracked as CVE-2025-7353, affects multiple ControlLogix Ethernet modules and carries a maximum…
Hundreds of TeslaMate Installations Leaking Sensitive Vehicle Data in Real Time
A cybersecurity researcher has discovered that hundreds of publicly accessible TeslaMate installations are exposing sensitive Tesla vehicle data without authentication, revealing GPS coordinates, charging patterns, and personal driving habits to anyone on the internet. The vulnerability stems from misconfigured deployments…
HR Giant Workday Discloses Data Breach After Hackers Compromise Third-Party CRM
Workday, a leading provider of enterprise cloud applications for finance and human resources, has confirmed it was the target of a sophisticated social engineering campaign that resulted in a data breach via a third-party Customer Relationship Management (CRM) platform. The…
Threat Actor Allegedly Claiming Access to 15.8 Million PayPal Email and Passwords in Plaintext
A threat actor operating under the alias “Chucky_BF” has posted a concerning advertisement on a well-known cybercrime forum, claiming to possess and sell a “Global PayPal Credential Dump 2025” containing over 15.8 million email and plaintext password pairs. The dataset,…
North Korean Hackers Stealthy Linux Malware Leaked Online
In a significant breach of both cybersecurity defenses and secrecy, a trove of sensitive hacking tools and technical documentation, believed to originate from a North Korean threat actor, has recently been leaked online. The dump, revealed through an extensive article…