Category: Cyber Security News

A sophisticated cyberespionage campaign leveraging the FatalRAT remote access trojan (RAT) is targeting industrial organizations across the Asia-Pacific (APAC) region, according to a Kaspersky ICS CERT report. The attackers, suspected to be Chinese-speaking threat actors, employ a multi-stage infection chain…

Read more →

A sophisticated phishing operation leveraging OpenAI’s ChatGPT branding has targeted over 12,000 users across North America and Europe.  The campaign impersonates ChatGPT subscription renewal notices to harvest login credentials and payment details, exploiting the platform’s restricted access model for GPT-4…

Read more →

In a high-profile security breach, decentralized finance protocol @0xinfini suffered a $49.5 million USDC theft, marking one of the largest stablecoin exploits of the year.  The attacker executed a multi-stage laundering operation, converting stolen USDC to DAI, purchasing 17,696 ETH…

Read more →

The Wireshark Foundation has released version 4.4.4 of its widely used network protocol analyzer, addressing a high-severity vulnerability that could allow attackers to trigger denial-of-service (DoS) conditions by injecting malicious packets. The update resolves CVE-2025-1492, a flaw in the Bundle…

Read more →

DeepSeek has launched FlashMLA, a groundbreaking Multi-head Latent Attention (MLA) decoding kernel optimized for NVIDIA’s Hopper GPU architecture, marking the first major release of its Open Source Week initiative. This innovative tool achieves unprecedented performance metrics of 3000 GB/s memory…

Read more →

A critical 0-day vulnerability in Parallels Desktop virtualization software has been publicly disclosed, enabling local attackers to escalate privileges to root-level access on macOS systems.  All versions of Parallels Desktop, including the most recent 20.2.1 (55876), are vulnerable to the…

Read more →

A sophisticated ransomware attack leveraging a critical Atlassian Confluence vulnerability (CVE-2023-22527, CVSS 10.0) has been uncovered, culminating in the deployment of LockBit Black ransomware across enterprise networks within two hours of initial compromise. The attackers orchestrated a multi-stage intrusion involving…

Read more →

Security researchers have uncovered a critical SQL injection vulnerability (CVE-2025-26794) in Exim, the widely-used mail transfer agent (MTA) that powers over 60% of internet mail servers.  The flaw enables authenticated attackers to execute arbitrary SQL commands through specially crafted ETRN…

Read more →

The term “DevOps” is a combination of the words “development” and “operations.” Promoting the development and operation processes collectively is a cultural requirement. A single team can now manage the entire application lifecycle, including development, testing, deployment, and operations.  System…

Read more →

Ubiquiti Networks has issued an urgent security advisory addressing five critical vulnerabilities in its UniFi Protect camera ecosystem, including two flaws enabling unauthenticated remote code execution (RCE) attacks.  The vulnerabilities, discovered during the 2025 Pwn2Own Toronto hacking competition and disclosed…

Read more →

Attackers infiltrated Bybit Exchange’s Ethereum cold wallet infrastructure to steal $1.46 billion in digital assets through sophisticated interface manipulation and social engineering tactics. The incident represents the largest theft from a centralized crypto exchange since Mt. Gox’s 2014 collapse, exposing…

Read more →

Ransomware is essential to stay vigilant and protect your devices and systems by keeping software up to date, using anti-virus software, avoiding opening attachments or links from unknown sources, and regularly backing up important data. Ransomware is malware that encrypts…

Read more →

Penetration testing, or “pentesting,” is a cybersecurity practice where ethical hackers simulate cyberattacks to identify vulnerabilities in systems, networks, or applications. It helps organizations uncover weaknesses before malicious actors exploit them, enhancing their security posture. Penetration testing includes various types…

Read more →

Email is one of the most widely used forms of online communication. It is sent and received through a client program, such as Microsoft Outlook, Gmail, or a web-based interface.  Email is a popular communication technique, but it may not…

Read more →

A new AI-powered chatbot, BlackBastaGPT, trained on over 1 million leaked internal messages from the Black Basta ransomware gang. Hudson Rock released the tool just days after the unprecedented data breach. It enables researchers to dissect the group’s operations, financial…

Read more →

Cisco Talos has uncovered a sophisticated cyberespionage campaign by the state-aligned “Salt Typhoon” group targeting U.S. telecommunications infrastructure since late 2024. While credential theft remains their primary entry method, researchers confirmed exploitation of Cisco’s CVE-2018-0171 Smart Install Remote Code Execution…

Read more →

A critical security flaw in Sitevision CMS versions 10.3.1 and older has exposed SAML authentication signing keys, enabling potential authentication bypass and session hijacking. The vulnerability, tracked as CVE-2022-35202, stems from weak auto-generated passwords protecting Java keystores, which could be…

Read more →

A newly identified malware variant dubbed ACRStealer has been observed leveraging Google Docs as a command-and-control (C2) server to bypass traditional security defenses and harvest sensitive login credentials. This sophisticated attack vector exploits the trusted reputation of Google’s infrastructure to…

Read more →

Chinese cybersecurity authorities have alleged that the U.S. National Security Agency (NSA) breached Northwestern Polytechnical University (NPU), a leading institution in aerospace and defense research, in a multi-year cyber espionage campaign. According to joint reports published on February 18, 2025,…

Read more →

The darcula phishing group has escalated cybercrime capabilities with its newly unveiled “darcula-suite 3.0,” a phishing-as-a-service (PhaaS) platform enabling criminals to automatically generate counterfeit websites for any brand within minutes. This tool represents a paradigm shift in cybercrime efficiency, leveraging…

Read more →

The CL0P ransomware group has intensified attacks on critical infrastructure sectors, with telecommunications and healthcare organizations worldwide reporting mass data breaches and system encryption. Leveraging a zero-day vulnerability in Cleo integration software (CVE-2024-50623), the threat actors have compromised over 80…

Read more →

The financial sector remains a prime target for cybercriminals and state-sponsored groups, with 2024 witnessing a surge in sophisticated attacks exploiting zero-day vulnerabilities, supply chain weaknesses, and advanced malware. Threat actors are increasingly adopting collaborative models, including Initial Access Brokers…

Read more →

Security researchers at Palo Alto Networks’ Unit 42 have uncovered a resurgence of the modular Bookworm malware in cyberattacks targeting government and diplomatic entities across Southeast Asia. The activity, attributed to the Chinese state-aligned threat actor Stately Taurus (also tracked…

Read more →

Ivanti disclosed a critical buffer overflow vulnerability (CVE-2025-0282) affecting its Connect Secure VPN appliances. This vulnerability, caused by improper handling of the strncpy function in the web server component, allowed attackers to execute arbitrary code remotely. JPCERT/CC confirmed multiple exploitation…

Read more →

Pegasus spyware, once considered a tool for targeting journalists and activists—is now being deployed against executives in the private sector, including finance, real estate, and logistics.  In a December 2024 investigation, 11 new Pegasus infections were detected among 18,000 devices…

Read more →

The Cybersecurity and Infrastructure Security Agency (CISA) issued seven Industrial Control Systems (ICS) advisories detailing critical vulnerabilities in widely used systems.  These advisories highlight critical vulnerabilities in ICS products from major vendors such ABB, Carrier, Siemens and Mitsubishi Electric, providing…

Read more →

Google’s Project Zero and Mandiant cybersecurity teams have jointly published a proof-of-concept (PoC) exploit for a high-severity command injection vulnerability in Palo Alto Networks’ PAN-OS OpenConfig plugin. Tracked as CVE-2025-0110, the flaw allows authenticated administrators to execute arbitrary commands on…

Read more →

RedTeamPentesting has unveiled a new tool, keycred, which offers a robust solution for managing KeyCredentialLinks in Active Directory (AD) environments. This command-line interface (CLI) tool and library implements the KeyCredentialLink structures as defined in section 2.2.20 of the Microsoft Active…

Read more →

A GitHub repository titled Windows-WiFi-Password-Stealer has surfaced, raising concerns among cybersecurity professionals.  This repository, hosted by the user “cyberthirty,” provides a Python-based script capable of extracting saved WiFi credentials from Windows systems and saving them to a text file.  While…

Read more →

European healthcare organizations are facing a sophisticated cyber threat from a newly identified ransomware strain called NailaoLocker, deployed as part of a campaign tracked as Green Nailao by Orange Cyberdefense CERT. The attacks, first detected between June and October 2024,…

Read more →

A cluster of four critical vulnerabilities in Ivanti Endpoint Manager (EPM) has entered a dangerous new phase with the public release of proof-of-concept (PoC) exploit code, escalating risks for organizations using the enterprise device management platform. Discovered by researchers in…

Read more →

A new malware campaign attributed to North Korean threat actors has been identified, targeting individuals through fake job interview processes. Dubbed “Contagious Interview,” this operation delivers malicious Swift applications disguised as legitimate software updates, including a recently discovered “DriverEasy.app” masquerading…

Read more →

A sophisticated cyber espionage campaign linked to Chinese state-aligned threat actors has targeted organizations across 15 countries using an updated variant of the Shadowpad malware to deploy previously undocumented ransomware. The attacks, analyzed by Trend Micro’s incident response team, exploit…

Read more →

IBM has addressed multiple high-severity vulnerabilities in its OpenPages Governance, Risk, and Compliance (GRC) platform that could enable attackers to hijack user sessions, steal authentication credentials, and manipulate critical enterprise data.  The flaws affect versions 8.3 and 9.0 of the…

Read more →

Researchers uncovered an ongoing campaign distributing the Rhadamanthys Infostealer through malicious Microsoft Management Console (MMC) files (.MSC), leveraging both a patched DLL vulnerability and legitimate MMC functionalities to execute scripts and deploy malware.  This advanced attack vector highlights evolving techniques…

Read more →

If you work in a Security Operations Center (SOC), you know the struggle all too well: hundreds of alerts flood in daily, each demanding attention. Some are false positives, others are routine, but buried among them are real threats that…

Read more →

A recent study by cybersecurity firm Hackmosphere reveals alarming gaps in phishing awareness among C-suite executives, with CEOs demonstrating particularly high susceptibility to socially engineered attacks. The research, conducted through simulated phishing campaigns, shows how even experienced decision-makers remain vulnerable…

Read more →

A sophisticated malware campaign leveraging social engineering tactics has targeted financial technology and cryptocurrency platforms between December 20–24, 2024. Dubbed Zhong Stealer, this previously undocumented threat employed compromised AnyDesk installations and phishing lures to infiltrate systems, stealing credentials and establishing…

Read more →

Researchers uncovered nine critical vulnerabilities in NVIDIA’s CUDA Toolkit, a cornerstone software suite for GPU-accelerated computing. These vulnerabilities, spanning the cuobjdump and nvdisasm utilities, expose developers to denial-of-service (DoS) attacks and information disclosure risks when analyzing maliciously crafted cubin files.…

Read more →

A critical vulnerability (CVE-2025-1272) in Fedora Linux kernels starting at version 6.12 has disabled the kernel’s Lockdown Mode by default, potentially allowing attackers to bypass Secure Boot protections, load unsigned kernel modules, and access sensitive kernel memory regions.  The regression,…

Read more →

AWS-Key-Hunter is an open-source tool released to automatically scan public GitHub repositories for exposed AWS access keys.  The tool, which leverages continuous monitoring and Discord-based alerts, aims to mitigate risks associated with accidental credential leaks in version control systems. According to the…

Read more →

In response to growing regulatory requirements worldwide, Microsoft has published detailed technical guidance for Intune administrators on blocking and removing specific applications from managed endpoints.  The guide focuses on compliance with international frameworks such as Australia’s Protective Security Policy Framework…

Read more →

The 360 Advanced Threat Research Institute has uncovered a sophisticated cyber espionage campaign orchestrated by the North Korean-linked threat actor APT-C-28, also known as ScarCruft or APT37. The group, active since 2012, has shifted tactics to employ fileless malware delivery…

Read more →

Microsoft has confirmed active exploitation of a critical elevation-of-privilege vulnerability (CVE-2025-24989) in its Power Pages platform, a low-code tool organizations use to build business websites. The vulnerability, which allowed unauthorized attackers to bypass registration controls and escalate network privileges, underscores…

Read more →

The Federal Bureau of Investigation (FBI) and Cybersecurity and Infrastructure Security Agency (CISA) have issued a joint advisory warning of widespread attacks by the Ghost ransomware group, which has compromised over 70 organizations across critical sectors globally.  Operating under aliases…

Read more →

The National Security Agency (NSA) has unveiled Ghidra 11.3, a transformative update to its open-source Software Reverse Engineering (SRE) framework, delivering advanced debugging tools, accelerated emulation, and modernized integrations for cybersecurity professionals.  This version introduces critical enhancements tailored for kernel-level…

Read more →

Symantec, a division of Broadcom, has addressed a critical security flaw (CVE-2025-0893) in its Diagnostic Tool (SymDiag) that could allow attackers to escalate privileges on affected systems.  The vulnerability, which impacted SymDiag versions prior to 3.0.79, received a CVSSv3 score…

Read more →

Microsoft has addressed a critical vulnerability in the Windows Disk Cleanup Tool (cleanmgr.exe) in the February 2025 Patch Tuesday security updates. Tracked as CVE-2025-21420, the vulnerability has a CVSS rating of 7.8 and could allow a threat actor to gain…

Read more →

Cloud Software Group issued urgent patches on February 18, 2025, for a high-severity vulnerability (CVE-2024-12284) affecting its NetScaler Console (formerly NetScaler ADM) and NetScaler Agent. Rated 8.8 on the CVSS v4.0 scale, the flaw enables authenticated attackers to execute unauthorized…

Read more →

Threat actors have been observed exploiting the legitimate Java Archive (JAR) signing tool jarsigner.exe to deploy the notorious XLoader malware, according to recent findings from the AhnLab Security Intelligence Center (ASEC). This attack leverages DLL side-loading techniques to bypass security…

Read more →

Microsoft has addressed a critical security flaw in its Bing search engine, tracked as CVE-2025-21355, which could have allowed unauthorized attackers to execute arbitrary code remotely. The vulnerability, classified as a Missing authentication for a Critical Function flaw, posed significant…

Read more →

A sophisticated new variant of the Snake Keylogger (detected as Autolt/Injector.GTY!tr) has emerged as a critical threat to Windows users. It leverages advanced evasion techniques to steal sensitive data from Chrome, Edge, and Firefox browsers. FortiGuard Labs reports over 280…

Read more →

Security researchers at Proofpoint have uncovered a sophisticated web inject campaign targeting MacOS users with a new information-stealing malware called FrigidStealer. The operation involves two newly identified threat actors, TA2726 and TA2727, collaborating to compromise legitimate websites and redirect victims…

Read more →

A surge in malicious web inject campaigns has introduced FrigidStealer, a new macOS-specific information stealer, deployed via fake browser update prompts. Cybersecurity firm Proofpoint identified two previously unknown threat actors, TA2726 and TA2727, collaborating to distribute this malware globally, marking…

Read more →

The Russian cybercriminal group CryptoBytes has intensified its ransomware campaigns using a modified version of the UxCryptor malware, according to new findings from SonicWall’s Capture Labs threat research team. This financially motivated group, active since at least 2023, leverages leaked…

Read more →

A sophisticated malware campaign attributed to the SmartApeSG threat actor (also tracked as ZPHP/HANEYMANEY) has targeted users through compromised websites since early 2024, deploying NetSupport RAT and StealC malware via fraudulent browser update notifications. The campaign exemplifies the growing sophistication…

Read more →

Since its emergence in March 2024, the BlackLock ransomware operation (aka El Dorado) has executed a meteoric rise through the ransomware-as-a-service (RaaS) ranks, leveraging custom-built malware and sophisticated anti-detection techniques to compromise Windows, VMWare ESXi, and Linux environments. By Q4…

Read more →

A coordinated cyber espionage campaign, attributed to North Korea’s state-sponsored Kimsuky group (APT43), has targeted South Korean businesses, government agencies, and cryptocurrency users since late 2024. Dubbed ‘DEEP#DRIVE’ by researchers at Securonix, the operation leverages phishing lures, obfuscated PowerShell scripts,…

Read more →

Palo Alto Networks has issued urgent warnings as cybersecurity researchers observe threat actors exploiting a combination of vulnerabilities in PAN-OS, the operating system powering its next-generation firewalls. Coordinated attacks, which bypass chain authentication and privilege escalation flaws, enable unauthorized access…

Read more →

A new class of cyber threats leveraging $10 infostealer malware kits has compromised critical U.S. military, defense contractor, and federal agency systems, exposing vulnerabilities in national security infrastructure. According to Hudson Rock’s cybercrime intelligence data, over 30,000 infected devices across…

Read more →

Recent advances in cybercrime strategies are reviving the carding sector, with threat actors leveraging stolen credit card data to create fraudulent Apple Pay and Google Wallet accounts.  Dubbed “Ghost Tap,” this new attack methodology uses Near Field Communication (NFC) relay…

Read more →

Lee Enterprises, one of the largest newspaper publishers in the U.S., has confirmed a cybersecurity attack involving adversarial encryption of critical business applications and data exfiltration through double-extortion ransomware tactics. The incident has disrupted print distribution, billing systems, and digital…

Read more →

Google Threat Intelligence Group (GTIG) reveal an escalating campaign by multiple Russia-aligned threat actors targeting Signal Messenger users through sophisticated exploitation of the app’s “linked devices” feature. These attacks, primarily focused on Ukrainian military personnel, government officials, journalists, and activists,…

Read more →

Raymond Limited, a textile and clothing company, reported a cybersecurity attack that affected some of its IT infrastructure.  In a regulatory filing to the Bombay Stock Exchange (BSE) and National Stock Exchange (NSE), the company confirmed that threat actors breached…

Read more →

South Korea’s Personal Information Protection Commission (PIPC) announced today that the Chinese AI chatbot DeepSeek transmitted sensitive user data to servers controlled by ByteDance, TikTok’s Beijing-based parent company.  The findings follow a technical audit revealing critical security flaws, including unencrypted…

Read more →

As the 2025 U.S. tax season reaches its peak, cybersecurity analysts report a dramatic escalation in phishing campaigns exploiting IRS and federal tax themes. Between January 1 and February 18, threat actors registered 158 unique domains mimicking official IRS subdomains…

Read more →

A new wave of “Scam-Yourself” attacks leveraging AI-generated deepfake videos and malicious scripts is targeting cryptocurrency enthusiasts and financial traders, marking a dangerous evolution in social engineering tactics. Discovered by cybersecurity researchers at Gen Digital, this campaign exploits verified YouTube…

Read more →

Passwords are the first line of defense for protecting sensitive data, yet millions of users worldwide continue to rely on weak and predictable combinations.  A recent study by KnownHost reveals alarming trends in password security. It shows that many commonly…

Read more →

A severe security flaw in the Jupiter X Core plugin for WordPress exposed over 90,000 websites to Local File Inclusion (LFI) and Remote Code Execution (RCE) attacks.  The vulnerability tracked as CVE-2025-0366 with a CVSS score of 8.8 (High), enables authenticated attackers…

Read more →

Mozilla has released Firefox 135.0.1, a stability and security update addressing a high-severity memory safety vulnerability (CVE-2025-1414) that exposed users to potential remote code execution (RCE) attacks.  The patch resolves critical flaws in Firefox 135.0, which could have allowed attackers…

Read more →

A hacker operating under the alias “exelo” has allegedly advertised a database containing 602,800 Yahoo email accounts on an underground forum.  The post claims the dataset is “private and non-Russian. ” The full list costs $100. A free sample of…

Read more →

A critical vulnerability in Apache Ignite tracked as CVE-2024-52577, exposes systems to remote code execution (RCE) attacks due to improper enforcement of class serialization filters.  Rated CVSS 9.8, this flaw affects Ignite versions 2.6.0 through 2.16.x, enabling attackers to execute…

Read more →

The Cybersecurity and Infrastructure Security Agency (CISA) released two Industrial Control Systems (ICS) advisories, addressing critical vulnerabilities in Delta Electronics CNCSoft-G2 and Rockwell Automation GuardLogix controllers.  These advisories highlight exploitable flaws in systems widely used in manufacturing, energy, and critical…

Read more →

A sophisticated cyberattack campaign targeting Chinese-speaking users, malicious actors have weaponized fake versions of popular applications such as Signal, Line, and Gmail. These fake and weaponized apps are distributed via deceptive download pages that deliver malware capable of altering system…

Read more →

Microsoft has unveiled GPT-4o Copilot, a cutting-edge code completion model now available for Visual Studio Code (VS Code) users.  Built on the GPT-4o mini architecture and trained on over 275,000 high-quality public repositories spanning more than 30 popular programming languages,…

Read more →

The Russian government announced a comprehensive legislative package on February 10, 2025, introducing severe penalties for cybercrimes.  The reforms, which amend over 30 existing laws, aim to modernize Russia’s cybersecurity framework by escalating prison terms, expanding asset confiscation protocols, and…

Read more →

Artificial intelligence (AI) is transforming everything! It influences how we communicate and how we write. Click-click — your text is ready. ChatGPT and other language models are helping people generate content. But, just like every superhero has a weakness, AI-generated…

Read more →

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding actively exploiting a high-severity authentication bypass vulnerability (CVE-2025-0108) in Palo Alto Networks PAN-OS, the operating system powering the company’s firewall devices. With over 25 malicious IPs targeting…

Read more →

Google has urgently patched two high-severity heap buffer overflow vulnerabilities in its Chrome browser, CVE-2025-0999, and CVE-2025-1426, that could allow attackers to execute arbitrary code and seize control of affected systems. The vulnerabilities, fixed in Chrome 133.0.6943.126/.127 for Windows/Mac and…

Read more →

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has escalated warnings about a critical zero-day vulnerability in SonicWall’s SonicOS, designating CVE-2024-53704 for immediate remediation in its Known Exploited Vulnerabilities (KEV) catalog. This improper authentication flaw, which enables remote attackers to…

Read more →

In a sophisticated cyberattack campaign dubbed “StaryDobry,” threat actors have exploited popular games to distribute malicious software, targeting users worldwide. The campaign, first detected on December 31, 2024, leveraged trojanized versions of games such as BeamNG.drive, Garry’s Mod, and Dyson…

Read more →

Cybersecurity researchers have proposed groundbreaking enhancements to the MITRE ATT&CK framework, aiming to strengthen its adaptability in dynamic and evolving threat landscapes. As cyber adversaries increasingly exploit emerging technologies like generative AI and industrial control systems (ICS), the need for…

Read more →

Between threat detection and response, there is a vitally important operation known as alert triage. If not staged properly, it can render the whole SOC’s performance inefficient.   This operation is alert triage — assessing and prioritizing security alerts. SIEM tools,…

Read more →

The Qualys Threat Research Unit (TRU) has uncovered two high-severity vulnerabilities in OpenSSH, the widely used suite for secure network communication. Tracked as CVE-2025-26465 and CVE-2025-26466, these flaws enable machine-in-the-middle (MitM) attacks against clients and pre-authentication denial-of-service (DoS) exploits targeting…

Read more →

The Lumma InfoStealer malware has been observed leveraging weaponized PDF documents to target educational institutions. This sophisticated campaign exploits malicious LNK (shortcut) files disguised as legitimate PDFs, initiating multi-stage infection processes that compromise sensitive data. Educational infrastructures, often less fortified…

Read more →

The cybersecurity community is on high alert as B1ack’s Stash, a known marketplace on the dark web, has announced a massive leak of 4 million stolen credit card details.  The Dark Web Informer threat intelligence researchers posted on X state…

Read more →

A newly uncovered vulnerability in large language models (LLMs) has raised significant concerns about the security and ethical use of AI systems like OpenAI’s ChatGPT. Dubbed “Time Bandit,” this exploit manipulates the temporal reasoning capabilities of LLMs. This enables the…

Read more →

Intel by Intruder now uses AI to contextualize NVD descriptions, helping security teams assess risk faster. Intruder, a leader in attack surface management, has launched AI-generated descriptions for Common Vulnerabilities and Exposures (CVEs) within its free vulnerability intelligence platform, Intel.…

Read more →

Cybercriminals have developed a sophisticated method to steal credit card information by embedding malicious scripts within <img> tags on e-commerce websites. This technique, often associated with MageCart attacks, exploits the trustworthiness of image tags to evade detection while targeting platforms…

Read more →

A sophisticated malware framework dubbed EagerBee is actively targeting government agencies and Internet Service Providers (ISPs). EagerBee is actively targeting these organizations across the Middle East. While the EagerBee was found deploying advanced backdoor capabilities through novel technical implementations. The…

Read more →

Advanced Persistent Threat (APT) group Earth Preta (a.k.a. Mustang Panda) has been observed weaponizing the Microsoft Application Virtualization Injector (MAVInject.exe) to bypass security software and implant backdoors in government systems across Asia-Pacific regions. The campaign, analyzed by Trend Micro’s Threat…

Read more →

In a significant development for cybersecurity professionals and organizations worldwide, SecTemplates has announced the release of its Incident Response Program Pack 1.5, a free, open-source toolkit designed to streamline the implementation of robust security incident response protocols.  This release provides…

Read more →

Juniper Networks has issued an urgent security advisory addressing a critical API authentication bypass vulnerability (CVE-2025-21589) affecting its Session Smart Router, Session Smart Conductor, and WAN Assurance Managed Router product lines. The flaw, carrying a maximum CVSS base score of…

Read more →

In a significant crackdown on one of India’s largest cryptocurrency frauds, the Enforcement Directorate (ED) has seized digital assets valued at ₹1,646 crore linked to the now-defunct BitConnect lending program. The operation, conducted under the Prevention of Money Laundering Act (PMLA),…

Read more →

A groundbreaking study by researchers Zhen Guo and Reza Tourani at Saint Louis University has exposed a novel vulnerability in customized large language models (LLMs) like GPT-4o and LLaMA-3. Dubbed DarkMind, this backdoor attack exploits the reasoning capabilities of LLMs…

Read more →

A researcher with the handle “single mode” has demonstrated how client-side code manipulation can bypass access controls and gain unauthorized access to Grok-3, an AI model integrated into Elon Musk’s X platform. The exploit involves running a custom JavaScript snippet…

Read more →

A new ransomware strain dubbed Vgod has emerged recently as a critical cybersecurity threat. This new ransomware employs advanced encryption techniques and psychological pressure tactics. While the ransomware do so by altering the desktop wallpapers of the targeted victims. First…

Read more →

Critical vulnerabilities in LibreOffice (CVE-2024-12425 and CVE-2024-12426) allow attackers to overwrite arbitrary files and retrieve sensitive system data via malicious documents.  These flaws affect both desktop users and server-side implementations, posing significant risks to enterprises and individual users relying on…

Read more →

The latest version of the widely-used file compression tool, WinRAR 7.10, introduces a suite of significant updates aimed at enhancing user experience, performance, and security. Released on February 18, 2025, this iteration marks a major overhaul of the software’s interface,…

Read more →

A new wave of phishing attacks is exploiting fake timesheet report emails to lure victims into the sophisticated Tycoon 2FA phishing kit.  This campaign leverages Pinterest Visual Bookmarks as intermediaries, adding a deceptive layer of legitimacy to its tactics.  Spider…

Read more →