A newly identified botnet, tracked as Eleven11bot, has compromised approximately 30,000 internet-connected devices—primarily security cameras and network video recorders (NVRs)—to launch distributed denial-of-service (DDoS) attacks against critical infrastructure. Discovered by Nokia Deepfield’s Emergency Response Team (ERT) on February 26, 2025,…
Category: Cyber Security News
SolarWinds Web Help Desk Vulnerability Let Hackers Access Stored Passwords – PoC Released
A critical vulnerability in SolarWinds’ Web Help Desk software (CVE-2024-28989) allowed attackers to decrypt sensitive credentials, including database passwords and LDAP/SMTP authentication secrets, through cryptographic weaknesses in its AES-GCM implementation. Patched in version 12.8.5, the flaw stemmed from predictable encryption…
Microsoft March 2025 Patch Tuesday: Fixes for 57 Vulnerabilities & 6 Actively Exploited Zero-Days
Microsoft’s March 2025 Patch Tuesday addresses 57 vulnerabilities, including six zero-day vulnerabilities that are currently being exploited. The security update includes fixes for Windows, Microsoft Office, Azure, and other components. The March update included fixes for: In addition to the…
Threat Actors Bypass Security Layers To Fuel SIM Swap Attacks
SIM swap attacks have emerged as a growing cybersecurity threat, with security researchers documenting a 38% increase in successful attacks during the first quarter of 2025. These sophisticated attacks involve criminals convincing mobile carriers to transfer a victim’s phone number…
Blind Eagle Hackers Leveraging Google Drive, Dropbox & GitHub To Bypass Security Defenses
A series of ongoing, targeted cyber campaigns by Blind Eagle (APT-C-36), one of Latin America’s most dangerous threat actors primarily targeting Colombia’s justice system, government institutions, and private organizations were recently unveiled by Check Point Research (CPR). The group has…
AI Turned As A Powerful Tool For Cybercriminals To Execute Attacks At High Speed
Artificial intelligence has emerged as a formidable weapon in the cybercriminal arsenal, enabling attacks with unprecedented precision, speed, and scale. Security experts warn that cybercriminals are increasingly leveraging automated AI systems to penetrate networks, steal data, and deploy intelligent viruses…
Google Details Microsoft’s Time Travel Debugging Framework Security Bugs
Mandiant researchers, part of Google’s cybersecurity division, have uncovered several critical security bugs in Microsoft’s Time Travel Debugging (TTD) framework. The findings reveal significant instruction emulation inaccuracies that could potentially compromise security analyses and incident response investigations, leading analysts to…
ANY.RUN’s Threat Intelligence Feeds Now Get Enriched with Unique IOC’s
In a rapidly evolving digital landscape where cyber threats emerge daily, ANY.RUN is empowering Security Operations Centers (SOCs) worldwide with its cutting-edge Threat Intelligence (TI) Feeds. These continuously updated streams of Indicators of Compromise (IOCs) are designed to help organizations…
Multiple SCADA Vulnerabilities Let Attackers Trigger DoS & Elevate Privileges
Multiple critical vulnerabilities in ICONICS SCADA systems were uncovered recently by the researchers from Palo Alto Networks’ Unit 42, widely deployed across government, military, manufacturing, and utility sectors. The security flaws, discovered in ICONICS Suite versions 10.97.2 and 10.97.3 for…
New Ebyte Ransomware Attacking Windows Users With Advanced Encryption Tactics
A sophisticated new ransomware strain dubbed “Ebyte” targeting Windows systems across North America and Europe. The ransomware has compromised thousands of systems since its detection three weeks ago, utilizing advanced encryption tactics that have challenged security experts. Initial infection vectors…
PlayPraetor Malware From Fake Play Store Attacking Android Users To Steal Passwords
A large-scale malware campaign targeting Android users through fraudulent Google Play Store download pages has been uncovered recently by CTM360. The sophisticated operation, which they’ve named ‘PlayPraetor,’ has infected thousands of devices across South-East Asia, particularly targeting financial institutions and…
5000+ Malicious Packages Found In The Wild To Compromise Windows Systems
FortiGuard Labs has recently uncovered more than 5,000 malicious software packages designed to compromise Windows systems. These packages, detected from November 2024 onward, employ sophisticated techniques to evade traditional security measures while executing harmful actions that can lead to data…
SideWinder APT Group Attacking Military & Government Entities With New Tools
Cybersecurity researchers have identified intensified activity from the SideWinder APT group throughout 2024, with significant updates to their toolset and expanded targeting beyond traditional military and government entities. Recent findings reveal that SideWinder has developed a massive new infrastructure to…
macOS NULL Pointer Dereferences Bug Leads To Code Execution In Kernel Mode
The historical vulnerability of NULL pointer dereferences in macOS that previously allowed attackers to execute arbitrary code with kernel privileges has been unveiled recently by security analysts. Despite modern systems having robust mitigations, understanding these historical attack vectors provides valuable…
Apache Tomcat Vulnerability Exposes Servers to RCE Attacks
A critical security vulnerability in Apache Tomcat (CVE-2025-24813) has exposed servers to remote code execution (RCE), information disclosure, and data corruption risks. The flaw, rooted in improper handling of partial HTTP PUT requests, affects Tomcat versions 11.0.0-M1 to 11.0.2, 10.1.0-M1…
New Linux Kernel Code Written In Rust To Eliminate Memory Safety Bugs
The Linux kernel has taken a significant step toward improved security with the growing adoption of Rust programming language components aimed at eliminating memory safety bugs. The Rust for Linux project has reached a critical tipping point, with multiple drivers…
Critical Veritas Vulnerability Let Attackers Execute Malicious Code
A critical security flaw in Veritas’ Arctera InfoScale product line has exposed enterprise systems to remote code execution (RCE) attacks, underscoring persistent risks in disaster recovery infrastructure. Tracked as CVE-2025-27816, the vulnerability (CVSS v3.1 score: 9.8) resides in the Windows…
Android Zygote Injection Vulnerability Let Attackers Execute Code & Escalate Privileges
A critical Android vulnerability identified as CVE-2024-31317 has been discovered that allows attackers to execute arbitrary code with system privileges. The “Zygote Injection” vulnerability affects devices running Android 11 or older and enables attackers to escalate privileges from a shell…
Ragnar Loader Employed By Multiple Ransomware Groups To Evade Detection
A sophisticated malware toolkit known as Ragnar Loader has been identified as a critical component in targeted ransomware attacks. The loader, also known as Sardonic Backdoor, serves as the primary infiltration mechanism for the Monstrous Mantis ransomware group, formerly known…
EncryptHub A Multi-Stage Malware Compromised 600 Organizations
A sophisticated cybercriminal group known as EncryptHub has successfully compromised approximately 600 organizations through a multi-stage malware campaign. The threat actor exploited operational security mistakes, inadvertently exposing critical elements of their infrastructure, which allowed researchers to map their tactics with…