Microsoft has officially announced its 2025 Most Valuable Security Researchers, recognizing the top 100 security researchers worldwide who have made significant contributions to protecting Microsoft customers through the Microsoft Security Response Center (MSRC) program. The recognition is based on a…
Category: Cyber Security News
Cisco Unified Intelligence Center Vulnerability Allows Remote Attackers to Upload Arbitrary Files
A critical vulnerability in Cisco’s Unified Intelligence Center (CUIC) web-based management interface has been classified with high severity, allowing authenticated remote attackers with Report Designer privileges to upload arbitrary files to affected systems. Tracked as CVE-2025-20274 and assigned a CVSS…
Threat Actors Weaponizing SVG Files to Embed Malicious JavaScript
Threat actors are quietly turning Scalable Vector Graphics (SVG) files into precision-guided malware. In a surge of phishing campaigns, seemingly innocuous .svg attachments slip past secure email gateways because mail filters regard them as static images. Once the recipient merely…
Vim Command Line Text Editor Vulnerability Lets Attackers Overwrite Sensitive Files
A critical security vulnerability has been discovered in Vim, the popular open-source command line text editor used by millions of developers worldwide. The vulnerability, designated as CVE-2025-53906, affects the zip.vim plugin and enables attackers to overwrite arbitrary files through specially…
Oracle Critical Security Update – 309 Vulnerabilities with 145 Remotely Exploitable Patched
Oracle released its July 2025 Critical Patch Update on July 15, addressing 309 security vulnerabilities across its extensive product portfolio. This quarterly security update represents one of the most comprehensive patches in recent history, targeting critical flaws in database systems,…
New Attack Targeting Japanese Companies Exploiting Ivanti & Fortinet VPN Vulnerabilities
A sophisticated cyber espionage campaign has emerged targeting Japanese organizations through critical vulnerabilities in Ivanti Connect Secure and FortiGate VPN devices. The attack campaign, observed throughout fiscal year 2024, has primarily focused on manufacturing companies and government-related entities, with attackers…
Abacus Dark Web Market Possible Exit Scam with the Bitcoin Payments They Hold
Abacus Market, the largest Bitcoin-enabled Western darknet marketplace, has likely executed an exit scam after going offline in early July 2025, according to blockchain intelligence firm TRM Labs. The marketplace’s operators appear to have disappeared with users’ cryptocurrency funds, marking…
Hackers Use Polyglot Files to Bypass Email Filters to Deliver Malicious Emails
In the final week of June 2025, security teams across Russia’s healthcare and technology sectors began receiving an unusual flood of “routine” logistics and contract e-mails. Hidden behind familiar subject lines and legitimate sender addresses, the messages contained archives that…
Node.js Vulnerabilities Expose Windows Apps to Path Traversal and HashDoS Attacks
The Node.js project has released critical security updates across multiple release lines to address two high-severity vulnerabilities affecting Windows applications and V8 engine implementations. Security releases are now available for Node.js versions 20.x, 22.x, and 24.x, with patches addressing a…
Microsoft Details on How Security Copilot in Intune and Entra Helps Security and IT Teams
Microsoft has announced significant enhancements to its AI-powered security platform, marking the general availability of Microsoft Security Copilot capabilities within Microsoft Intune and Microsoft Entra. This development represents a critical milestone in the evolution of enterprise security management, as organizations…
Dark 101 Ransomware With Weaponized .NET Binary Disables Recovery Mode and Task Manager
A sophisticated new ransomware strain has emerged in the cybersecurity landscape, demonstrating advanced evasion techniques and destructive capabilities that pose significant risks to organizations worldwide. The Dark 101 ransomware represents a concerning evolution in malware design, utilizing an obfuscated .NET…
Authorities Dismantled “Diskstation” Ransomware Attacking Synology NAS Devices Worldwide
Italian State Police, in collaboration with French and Romanian law enforcement agencies, have successfully dismantled the dangerous “Diskstation” ransomware group that specifically targeted Synology Network-Attached Storage (NAS) devices across multiple countries. The operation, coordinated through EUROPOL, resulted in the arrest…
Albemarle County Hit By Ransomware Attack – Hackers Accessed Residents’ Personal Details
Albemarle County, Virginia, has fallen victim to a sophisticated ransomware attack that compromised the personal information of county residents, local government employees, and public school staff. The cybercriminal operation successfully infiltrated the county’s network infrastructure, forcing officials to launch an…
DShield Honeypot Scanning Reaches Record-High – 1,000,000+ Logs in a Day
The cybersecurity landscape has witnessed an unprecedented surge in malicious scanning activity, with DShield honeypots recording over one million log entries in a single day for the first time in their operational history. This dramatic escalation represents a significant shift…
Federal IT Contractor Agrees to Pay $14.75M Over False Cybersecurity Services Claim
Hill ASC Inc.’s $14.75 million settlement with the U.S. Department of Justice closes a five-year saga in which the Rockville-based contractor allegedly billed agencies for “highly adaptive” cybersecurity support it was never qualified to deliver. Investigators say Hill’s pitch hinged…
Octalyn Stealer Steals VPN Configurations, Passwords and Cookies in Structured Folders
A sophisticated new credential stealer disguised as a legitimate forensic toolkit has emerged on GitHub, targeting sensitive user data including VPN configurations, browser credentials, and cryptocurrency wallet information. The Octalyn Stealer, first identified in July 2025, presents itself as an…
VMware ESXi and Workstation Vulnerabilities Let Attackers Execute Malicious Code on Host
Multiple severe vulnerabilities have been addressed affecting VMware ESXi, Workstation, Fusion, and Tools that could allow attackers to execute malicious code on host systems. The vulnerabilities, identified as CVE-2025-41236, CVE-2025-41237, CVE-2025-41238, and CVE-2025-41239, carry CVSS scores ranging from 6.2 to…
Iranian Threat Actors Attacking U.S. Critical Infrastructure Including Water Systems
Iranian cyber operatives have intensified their assault on American critical infrastructure, with Intelligence Group 13 emerging as a primary threat actor targeting water treatment facilities, electrical grids, and industrial control systems across the United States. The group, operating under the…
BaitTrap – 17,000+ Fake News Websites Caught Promoting Investment Frauds
A massive network of fraudulent news websites has been uncovered, with cybersecurity researchers identifying over 17,000 Baiting News Sites (BNS) across 50 countries orchestrating sophisticated investment fraud schemes. These malicious platforms masquerade as legitimate news outlets, publishing fabricated stories featuring…
North Korean Hackers Weaponized 67 Malicious npm Packages to Deliver XORIndex Malware
North Korean threat actors have escalated their software supply chain attacks with the deployment of 67 malicious npm packages that collectively garnered over 17,000 downloads before detection. This latest campaign represents a significant expansion of the ongoing “Contagious Interview” operation,…