The mobile threat landscape is witnessing a significant shift toward professionalized cybercriminal operations, driven by the increasing availability of sophisticated malicious tools. A new and potent threat known as SURXRAT has recently emerged, operating as a high-functioning Remote Access Trojan…
Category: Cyber Security News
Threat Actors Using Fake Avast Website to Harvest Users' Credit Card Details
Cybercriminals are frequently refining their techniques to exploit consumer trust, and a highly sophisticated phishing campaign has recently surfaced that impersonates the cybersecurity firm Avast. This operation is designed to harvest sensitive financial credentials by tricking users into believing they…
How SOC Analysts Can Save 28 Minutes Per Alert Review
How much time do you spend reviewing alerts that turn out to be harmless? In many teams, a single alert takes around 30 minutes to investigate. Not because it’s complex, but because you have to pull context from multiple tools…
CISA Confirms Active Exploitation of FileZen Vulnerability
U.S. authorities have confirmed that threat actors are actively exploiting a critical vulnerability in FileZen by Soliton Systems K.K. Due to the high risk associated with this flaw, CISA has officially added it to the Known Exploited Vulnerabilities (KEV) Catalog.…
OAuth Attacks in Entra ID Can Leverage ChatGPT to Compromise User Email Accounts
Threat actors are always looking for new ways to abuse trusted platforms, and Microsoft Entra ID is increasingly becoming a target through a technique known as OAuth consent abuse. A newly documented attack scenario shows how a malicious or overly…
SolarWinds Critical Serv-U Vulnerabilities Enable Root Access
An urgent security update has been released for the Serv-U file server software to fix multiple critical vulnerabilities that could allow attackers to fully compromise affected systems. The latest release, Serv-U version 15.5.4, addresses four high-severity security flaws, each with…
Microsoft to Extend DLP Support for Copilot to Prevent Sensitive File Processing
Purview Data Loss Prevention (DLP) controls are being expanded to block Microsoft 365 Copilot from processing sensitivity-labeled files across all storage locations, including local devices. The change aims to close a critical governance gap in enterprise AI deployments. Previously, DLP…
Microsoft to Stop Support for Windows Server 2016 and Windows 10 2016
Organizations are being reminded that three Windows releases first introduced in 2016 are nearing end-of-support. After receiving their final monthly security update, they will no longer get security patches, bug fixes, non-security updates, technical support, or updated online documentation. Product…
Microsoft Released Updates for Windows 11, Version 25H2 and 24H2 Systems
An optional non-security update, KB5077241, has been released for Windows 11 versions 25H2 and 24H2, improving overall functionality, performance, and reliability without addressing security vulnerabilities. The release, which brings the OS builds to 26200.7922 and 26100.7922, includes enhancements to user…
Microsoft Warns of Hackers Attacking Developers with Malicious Next.js Repositories
A coordinated attack campaign is actively targeting software developers through malicious repositories disguised as legitimate Next.js projects and technical assessment materials. The attackers rely on job-themed lures, presenting fake recruitment challenges that convince developers to clone and run poisoned code…
Multiple Vulnerabilities in CPSD CryptoPro Secure Disk for BitLocker Allow Root Access and Credential Theft
Multiple vulnerabilities have been discovered in CryptoPro Secure Disk (CPSD) for BitLocker, a widely used encryption solution. These flaws could allow an attacker with physical access to a device to gain persistent root access and steal sensitive credentials. The issues…
Threat Actors Exploit Apache ActiveMQ Server Vulnerability to Gain RDP Access and Deploy LockBit Ransomware
A critical vulnerability in Apache ActiveMQ has been actively exploited by threat actors, leading to a full LockBit ransomware deployment across an enterprise network. Attackers leveraged CVE-2023-46604, a remote code execution flaw in the ActiveMQ messaging broker, to break into…
US Sanctions Network of Exploit Brokers That Stole US Government Cyber Tools
The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) on February 24, 2026, designated Russian national Sergey Sergeyevich Zelenyuk and his St. Petersburg-based company Matrix LLC operating publicly as Operation Zero, along with five associated individuals and…
GitHub Copilot Exploited to Perform Full Repository Takeover via Passive Prompt Injection
A critical AI-driven vulnerability in GitHub Codespaces, dubbed RoguePilot, enabled attackers to silently hijack a repository by embedding malicious instructions inside a GitHub Issue. The flaw, uncovered by researchers at the Orca Research Pod, exploits the seamless integration between…
Threat Actors Weaponized AI Tools to Gain Full Domain Access within 30 Minutes
In 2025, threat actors turned widely used artificial intelligence tools into weapons for launching fast, precise network intrusions. CrowdStrike’s 2026 Global Threat Report found an 89% year-over-year increase in attacks by AI-enabled adversaries, as criminals used automation and machine-generated scripts…
Malicious NuGet Packages Attacking ASP.NET Developers to Steal Login Credentials
A supply chain attack targeting ASP.NET developers has surfaced, involving four malicious NuGet packages built to steal login credentials and plant persistent backdoors inside web applications. The packages — NCryptYo, DOMOAuth2_, IRAOAuth2.0, and SimpleWriter_ — were published between August 12…
65% of Financial Organizations Targeted by Ransomware as Cybercriminals Escalate Attacks
The financial sector remains a prime target for cybercriminals, safeguarding not only vast sums of money but also sensitive personal data, payment systems, and economic trust. Recent reports highlight escalating threats, with 65% of financial organizations hit by ransomware in…
Malicious OpenClaw Skills Used to Trick Users into Manual Password Entry for AMOS Infection
Atomic macOS Stealer (AMOS), a well-known data-theft malware, has taken a sharp turn in how it reaches victims. Instead of hiding inside cracked software downloads as it once did, threat actors now embed it within malicious OpenClaw skills — small…
New Deserialization Vulnerability in Ruby Workers Could Enable Full System Compromise
A critical Remote Code Execution (RCE) vulnerability has been identified in a Ruby background job processing system. The flaw stems from unsafe JSON deserialization, which allows untrusted input to be transformed into executable objects. This issue highlights the hidden dangers…
Reddit Fined £14.47 Million by UK Regulator for Children’s Privacy Failures
The UK’s Information Commissioner’s Office (ICO) has issued a £14.47 million ($19.52 million) fine against Reddit, Inc. after an investigation concluded the social media platform unlawfully processed the personal information of children under the age of 13, failing to implement…