Category: Cyber Security News

In today’s interconnected business environment, digital disruptions can quickly escalate from minor technical incidents to major organizational crises. The role of Chief Information Security Officers (CISOs) has become increasingly central to business continuity planning, as organizations face sophisticated cyber threats,…

Read more →

The cybersecurity landscape faces a mounting threat as the Akira ransomware group intensifies operations, marking a significant evolution since its emergence in March 2023. This sophisticated threat actor specializes in leveraging compromised credentials to access vulnerable VPN services lacking multi-factor…

Read more →

In today’s digital-first business environment, cyber threats are not just an IT problem they’re a core business risk. Board members are increasingly expected to oversee cybersecurity strategy, but they often lack the technical background to interpret traditional security reports. This…

Read more →

In the modern enterprise, cybersecurity is no longer just a technical concern it is a boardroom priority. The frequency and impact of cyber incidents have escalated, placing organizational resilience, regulatory compliance, and business reputation at risk. Board members, however, often…

Read more →

Cybersecurity experts have identified a sophisticated new phishing technique that exploits the SVG (Scalable Vector Graphics) file format to deliver malicious HTML content to unsuspecting victims. This emerging threat, first observed at the beginning of 2025, represents a notable evolution…

Read more →

In a concerning evolution of cybercrime, security researchers have identified a new threat known as “VibeScamming” – where malicious actors leverage generative AI to create sophisticated phishing campaigns with minimal effort. This technique, inspired by the concept of “VibeCoding” (using…

Read more →

A 28-year-old man from Maharashtra became the latest victim of a sophisticated WhatsApp scam. Pradeep Jain, unsuspecting and going about his daily routine, lost over Rs 2 lakh from his bank account—all because he downloaded a single image sent by an…

Read more →

A significant vulnerability in Windows Defender Application Control (WDAC) implementations, demonstrating how attackers can circumvent strict security policies through Microsoft’s own debugging tool.  The exploit leverages WinDbg Preview, available through the Microsoft Store, to inject malicious code into legitimate processes,…

Read more →

A sophisticated malware tool dubbed “Baldwin Killer” is reportedly being marketed on underground forums as a powerful solution for bypassing antivirus (AV) and endpoint detection and response (EDR) security products.  Security researchers have identified a forum listing offering this tool…

Read more →

Financial institutions worldwide are facing unprecedented ransomware threats, with new data revealing the staggering economic impact these attacks inflict. In 2024, the average cost of data breaches in the banking sector has reached $6.08 million per incident, marking a 10%…

Read more →

Researchers have uncovered advanced command-line obfuscation methods that allow attackers to bypass detection systems such as antivirus (AV) and endpoint detection and response (EDR) platforms.  The techniques, detailed in a comprehensive study released on March 24, 2025, exploit parsing inconsistencies…

Read more →

A sophisticated attack campaign by threat actor ELUSIVE COMET that exploits Zoom’s legitimate remote control feature to gain unauthorized access to victims’ computers.  The attackers have successfully targeted cryptocurrency professionals using a combination of social engineering and interface manipulation techniques,…

Read more →

Zero Trust Architecture (ZTA) has emerged as a critical security framework for organizations facing sophisticated threats from both external and internal vectors. In today’s rapidly evolving digital landscape, traditional security perimeters have dissolved as cloud adoption accelerates and remote work…

Read more →

Linus Torvalds has announced the availability of the third release candidate for Linux kernel 6.15, continuing the development cycle with a collection of incremental improvements and bug fixes across numerous subsystems.  This update brings stability enhancements while maintaining the regular…

Read more →

A critical vulnerability in PyTorch that allows attackers to execute malicious code remotely, even when using safeguards previously thought to mitigate such risks.  The vulnerability, identified as CVE-2025-32434, affects all PyTorch versions up to and including 2.5.1 and was patched…

Read more →

Cybersecurity researchers have uncovered an active malware campaign dubbed “Voldemort” that masquerades as legitimate Cisco Webex components to deploy backdoors on targeted systems. The discovery comes just days after Cisco released a security advisory for a critical vulnerability in the…

Read more →

In the digital era, organizations face a relentless barrage of cyber threats that can disrupt operations, compromise sensitive data, and erode stakeholder trust. As technology becomes the backbone of business processes, the stakes for managing cyber risk have never been…

Read more →

A significant security vulnerability, tracked as CVE-2025-25364, was discovered in Speedify VPN’s macOS application, exposing users to local privilege escalation and full system compromise.  The flaw, uncovered by SecureLayer7, resides in the privileged helper tool me.connectify.SMJobBlessHelper, which is responsible for…

Read more →

A sophisticated attack campaign by threat actor ELUSIVE COMET that exploits Zoom’s legitimate remote control feature to gain unauthorized access to victims’ computers.  The attackers have successfully targeted cryptocurrency professionals using a combination of social engineering and interface manipulation techniques,…

Read more →

A highly sophisticated phishing attack exploiting vulnerabilities in Google’s OAuth system has been identified. The attack, which successfully bypasses Gmail’s security filters, appears legitimate to users as it originates from authentic Google domains and passes all standard security checks, including…

Read more →