Cybercriminals have escalated their phishing tactics by leveraging Scalable Vector Graphics (SVG) files to bypass traditional anti-phishing and anti-spam defenses. These attacks, which first became widespread late last year, have increased dramatically since January 2025, exploiting the unique properties of…
Category: Cyber Security News
DeepSeek’s Exposes Full System Prompt in New Jailbreak Method
A major security vulnerability in DeepSeek, the breakthrough Chinese AI model, has been uncovered by researchers, exposing the platform’s entire system prompt through a sophisticated jailbreak technique. This discovery has raised serious concerns about AI security and model training transparency.…
MobSF Framework Zero-day Vulnerability Let Attackers Trigger DoS in Scans Results
A zero-day vulnerability has been discovered in the Mobile Security Framework (MobSF), an automated platform for mobile application penetration testing, malware analysis, and security assessments. The flaw, identified as a Partial Denial of Service (DoS) vulnerability, affects the Scans Results…
Multiple Vulnerabilities in Cisco SNMP for IOS Software Let Attackers Trigger DoS Attack
Cisco has disclosed multiple high-severity vulnerabilities in the Simple Network Management Protocol (SNMP) subsystem of its IOS, IOS XE, and IOS XR software. These vulnerabilities could allow authenticated, remote attackers to trigger a Denial of Service (DoS) condition on affected…
North Korean Hackers Use Custom-Made RDP Wrapper To Activate Remote Desktop on Hacked Machines
Cybersecurity experts have uncovered a sophisticated campaign by North Korea’s Kimsuky group, employing a custom-built RDP Wrapper to gain unauthorized access to compromised machines. This marks another alarming evolution in the group’s cyber-espionage tactics, targeting organizations globally. The Kimsuky group,…
Beware of Lazarus LinkedIn Recruiting Scam Targeting Orgs To Deliver Malware
The North Korea-linked Lazarus Group (aka APT 38) has been targeting organizations through a LinkedIn recruiting scam. Through this scam, the threat actors behind Lazarus Group aim to capture credentials and deliver malware. This malicious operation exploits the trust in…
Ubuntu is Now Available on New Windows Subsystem for Linux Distribution Architecture
Canonical, the company behind Ubuntu, has announced that Ubuntu is now available on Microsoft’s new tar-based distribution architecture for Windows Subsystem for Linux (WSL). This development marks a significant shift in how Linux distributions can be deployed and managed within…
Weaponizing Windows Background Images to Gain Admin Access Using AnyDesk Vulnerability
A recently disclosed vulnerability in AnyDesk, a widely used remote desktop software, has raised significant cybersecurity concerns. The vulnerability, identified as CVE-2024-12754 and tracked as ZDI-24-1711, allows local attackers to exploit the handling of Windows background images to gain unauthorized…
Password Stealing Malware Attacking macOS Users Increasing Rapidly
In recent months, macOS users have faced a significant rise in password-stealing malware attacks. These threats, often distributed through malicious advertising and fake application installers, have become increasingly sophisticated. Three prominent malware types, “Atomic Stealer,” “Poseidon Stealer,” and “Cthulhu Stealer”…
Critical Cisco ISE Vulnerabilities Allow Arbitrary Command Execution Remotely
Cisco has disclosed two critical vulnerabilities in its Identity Services Engine (ISE) software that could allow authenticated, remote attackers to execute arbitrary commands, elevate privileges, and manipulate system configurations on affected devices. These vulnerabilities, tracked as CVE-2025-20124 and CVE-2025-20125, have…
New Malware Attacking Users of Indian Banks To Steal Aadhaar, PAN, ATM & Credit Card PINs
A recent cybersecurity threat has emerged in India, targeting users of various Indian banks with a sophisticated malware campaign. This campaign, discovered by the zLabs research team, involves nearly 900 malware samples designed to steal sensitive financial and personal data,…
242,000 Times Downloaded Malicious Apps from Android and iOS Stealing Crypto Keys
In a shocking revelation, researchers have uncovered a widespread malware campaign targeting both Android and iOS users. Dubbed “SparkCat,” this malicious operation involves apps embedded with a malicious SDK designed to steal recovery phrases for cryptocurrency wallets. The infected apps,…
BADBOX Botnet Infected Over 190,000 Android Devices Including LED TVs
A newly discovered botnet named BADBOX has been found to have infected over 190,000 Android devices, including high-end models like Yandex 4K QLED TVs. This botnet is particularly concerning due to its ability to infect devices potentially through pre-installed malware…
Hackers Using AI Agents To Validate Stolen Credit Cards
Hackers have begun leveraging AI agents to validate stolen credit cards, marking a new era in the sophistication of financial fraud. This trend highlights the evolving threat landscape where technology, once seen as a tool for security, is being repurposed…
CISA Adds Actively Exploited Linux Kernel Vulnerability to Known Exploited Vuln Catalog
The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Linux kernel vulnerability, CVE-2024-53104, to its Known Exploited Vulnerabilities (KEV) Catalog, emphasizing its potential impact on systems worldwide. This vulnerability, classified as an out-of-bounds write issue, affects the USB…
Threat Actors Exploiting DeepSeek’s Rise To Fuel Cyber Attacks
The AI startup DeepSeek has gained significant attention in recent weeks for its advanced AI models, particularly the R1 reasoning model. However, this rapid rise to fame has also attracted the unwanted attention of cybercriminals, who are exploiting DeepSeek’s popularity…
Multiple IBM Cloud Pak Vulnerabilities Let Attackers Execute Remote Code
IBM has released critical security updates addressing multiple vulnerabilities in its Cloud Pak for Business Automation software. These vulnerabilities, if exploited, could allow attackers to access sensitive data, disrupt operations, or compromise system integrity. The fixes are part of the…
Apple’s macOS Kernel Vulnerability Let Attackers Escalate Privileges – PoC Released
A critical vulnerability in Apple’s macOS kernel (XNU), tracked as CVE-2025-24118, has been disclosed, potentially allowing attackers to escalate privileges, corrupt memory, and even execute kernel-level code. The flaw, affecting macOS Sonoma versions earlier than 14.7.3, macOS Sequoia versions earlier…
Critical Netgear Vulnerabilities Let Attackers Execute Remote Code
NETGEAR has issued a critical security advisory addressing a severe unauthenticated remote code execution (RCE) vulnerability affecting several of its popular router models. This flaw, tracked under internal identifier PSV-2023-0039, poses a significant risk by allowing attackers to execute arbitrary…