A sophisticated campaign targeting enterprise routers has intensified over the past month, with threat actors leveraging previously unknown vulnerabilities to establish persistent access within corporate networks. Security researchers have observed a substantial uptick in attacks specifically targeting network infrastructure devices,…
Category: Cyber Security News
Chinese eCrime Hacker Group Attacking Users in 120+ Coutries to Steal Banking Credentials
A sophisticated Chinese eCrime group known as “Smishing Triad” has expanded its operations to target organizations and individuals across at least 121 countries worldwide. The group, active since 2023, has systematically targeted multiple industries including postal services, logistics, telecommunications, transportation,…
TROX Stealer Exfiltrate Sensitive Data Including Stored Credit Cards & Browser Credentials
A newly identified malware strain known as TROX Stealer has emerged as a significant threat to consumer data security, leveraging psychological manipulation and technical sophistication to exfiltrate sensitive information. First observed in December 2024 by Sublime Security analysts, this Malware-as-a-Service…
Why CISOs Are Betting Big on AI, Automation & Zero Trust
In today’s fast-paced digital world, Chief Information Security Officers (CISOs) are under immense pressure to protect their organizations from increasingly sophisticated cyber threats. As attack surfaces expand with remote work, cloud adoption, and IoT devices, traditional security models are proving…
STRIDE GPT – AI-powered Tool LLMs To Generate Threat Models
A new tool has emerged that promises to revolutionize the way organizations approach threat modeling. STRIDE GPT, an AI-powered threat modeling tool, leverages the capabilities of large language models (LLMs) to generate comprehensive threat models and attack trees for applications,…
ViperSoftX Malware Attacking Users via Cracked Software
A sophisticated malware campaign utilizing the notorious ViperSoftX malware has been targeting users through cracked software and torrent downloads since early April 2025. This PowerShell-based threat operates through a multi-stage infection process, establishing command and control communications before downloading additional…
Shuckworm Group Uses PowerShell Based GammaSteel Malware in Targeted Attacks
The Russia-linked espionage group Shuckworm has continued its relentless focus on Ukraine into 2025, with new attacks targeting a Western country’s military mission based in Eastern Europe. This latest campaign, observed from February through March 2025, represents an evolution in…
100,000 WordPress Sites Vulnerable to Rogue Creation Vulnerability
A critical vulnerability affecting over 100,000 WordPress websites has been discovered in the SureTriggers WordPress plugin, potentially allowing attackers to create unauthorized administrator accounts. The flaw, identified as CVE-2025-3102 with a CVSS score of 8.1 (High), impacts all versions of…
GOFFEE Leveraging PowerModul Tool to Attack Government & Energy Organizations
The threat actor known as GOFFEE has escalated its malicious campaign in 2024, introducing a new implant dubbed “PowerModul” to target government entities and energy organizations primarily located in Russia. First identified in early 2022, GOFFEE has evolved from deploying…
Seven Years Old Cisco Vulnerability Exposes Cisco Devices to Remote Code Execution Attacks
A seven-year-old vulnerability in Cisco networking equipment continues to pose significant security risks, enabling attackers to execute remote code on unpatched systems. Discovered initially in 2018, CVE-2018-0171 targets Cisco’s Smart Install feature, a plug-and-play configuration utility designed to simplify network…
0-Click RCE in the SuperNote Nomad E-ink Tablet Lets Hackers Install Rootkit & Gain Full Control
Security researcher Prizm Labs has discovered a serious flaw in the SuperNote A6 X2 Nomad, a well-known 7.8-inch E-Ink tablet made by Ratta Software. The flaw, now assigned CVE-2025-32409, could allow a malicious attacker on the same network to fully…
UPI Down – UPI Outage Disrupt Millions of Digital Transactions Across India
India’s Unified Payments Interface (UPI), the backbone of the country’s digital payment ecosystem, faced a significant outage today, marking the fourth disruption in less than three weeks. The outage, which began around 10:30 AM IST, affected millions of users across…
Beware Developers! Malicious NPM Packages Targeting PayPal Users to Steal Sensitive Data
FortiGuard Labs, Fortinet’s AI-driven threat intelligence arm, has uncovered a series of malicious NPM packages designed to steal sensitive information from developers and target PayPal users. Detected between March 5 and March 14, 2025, these packages were published by a…
NVIDIA’s Incomplete Patch for Critical Flaw Lets Attackers Steal AI Model Data
A critical vulnerability in NVIDIA’s Container Toolkit, CVE-2024-0132, remains exploitable due to an incomplete patch, endangering AI infrastructure and sensitive data. Coupled with a newly discovered denial-of-service (DoS) flaw in Docker on Linux, these issues could allow attackers to breach…
RansomHub Ransomware-as-a-service Facing Internal Conflict as Affiliates Lost Access to Chat Portals
RansomHub, a relatively newer player in the ransomware-as-a-service (RaaS) landscape, is experiencing significant internal turmoil after affiliates suddenly lost access to negotiation chat portals on April 1st, 2025. This disruption has forced affiliates to redirect victim communications to alternative platforms,…
Sapphire Werewolf Enhances Toolkit With New Amethyst Stealer to Attack Energy Companies
Cybersecurity experts have detected a sophisticated campaign targeting energy sector companies, as the threat actor known as Sapphire Werewolf deploys an enhanced version of the Amethyst stealer malware. The campaign represents a significant evolution in the group’s capabilities, featuring advanced…
Hackers Exploiting Domain Controller to Deploy Ransomware Using RDP
Microsoft has recently uncovered a sharp rise in ransomware attacks exploiting domain controllers (DCs) through Remote Desktop Protocol (RDP), with the average attack costing organizations $9.36 million in 2024. These sophisticated campaigns aim to cripple enterprises by encrypting critical systems…
Active Directory Attack Kill Chain Checklist & Tools List- 2025
The “Active Directory Kill Chain Attack & Defense” concept is a structured approach to understanding the sequence of events or stages involved in an Active Directory (AD) attack and the corresponding defensive measures to counteract or prevent such attacks. Microsoft…
Hackers Actively Exploits Patched Fortinet FortiGate Devices to Gain Root Access Using Symbolic Link
Fortinet has uncovered a sophisticated post-exploitation technique used by a threat actor to maintain unauthorized access to FortiGate devices, even after initial vulnerabilities were patched. The discovery, detailed in a recent Fortinet investigation, highlights the persistent risks of unpatched systems…
Google Unveils A2A Protocol That Enable AI Agents Collaborate to Automate Workflows
Google has announced the launch of Agent2Agent Protocol (A2A), a groundbreaking open protocol designed to enable AI agents to communicate with each other, securely exchange information, and coordinate actions across enterprise platforms. Revealed on April 9, 2025, the protocol marks…