Security researchers have revealed that a sophisticated malvertising campaign discovered last week has been targeting software developers through malicious Google advertisements that impersonate the popular Homebrew package manager. The attack demonstrates an evolution in cybercriminal tactics that exploit trusted verification…
Category: Cyber Security News
New Attack Bypasses HTTP/2 Security for Arbitrary Cross-Site Scripting
A critical vulnerability in HTTP/2 protocol implementations that allows attackers to bypass web security protections and execute arbitrary cross-site scripting (XSS) attacks against major websites. At the Network and Distributed System Security (NDSS) Symposium 2025, Tsinghua University researchers presented their…
Weaponized Google Meet Page Tricks Users into Running PowerShell Malware
A sophisticated social engineering campaign that leverages fake Google Meet conference pages to trick users into manually executing malicious PowerShell commands, leading to system compromise through various information-stealing malware, including AsyncRAT, StealC, and Rhadamanthys. This emerging threat, known as “ClickFix,”…
Nova Scotia Power Confirms Ransomware Attack – 280k Customers Affected
Nova Scotia Power has officially confirmed it fell victim to a sophisticated ransomware attack that compromised sensitive customer data belonging to approximately 280,000 individuals. The Canadian utility disclosed on Friday that threat actors successfully infiltrated its network systems and published…
SharpSuccessor – A PoC For Exploiting Windows Server 2025’s BadSuccessor Vulnerability
A proof-of-concept exploit tool called SharpSuccessor that weaponizes the recently discovered BadSuccessor vulnerability in Windows Server 2025’s delegated Managed Service Account (dMSA) feature. The .NET-based tool, developed by Logan Goins, demonstrates how attackers with minimal Active Directory permissions can escalate…
Critical vBulletin Forum Vulnerability Let Attackers Execute Remote Code
A newly discovered vulnerability in vBulletin, one of the world’s most popular forum platforms, has exposed thousands of online communities to the risk of unauthenticated remote code execution (RCE). The flaw, present in vBulletin versions 5.x and 6.x running on…
FBI Warns of Silent Ransom Group Attacking Users Via Fake IT Calls
The Federal Bureau of Investigation has issued a critical warning about an increasingly sophisticated cybercriminal organization known as the Silent Ransom Group (SRG), which has been conducting targeted attacks against law firms and other organizations through deceptive IT support calls.…
ChatGPT Deep Research Now Integrates Dropbox & OneDrive to Pull Data
OpenAI has announced a significant expansion of ChatGPT’s deep research capabilities, introducing seamless integration with popular cloud storage platforms including Dropbox and Microsoft OneDrive. This development represents a major step forward in making artificial intelligence more accessible within existing enterprise…
Hard-Coded Telnet Credentials Leave D-Link Routers Wide Open to Remote Code Execution
A significant security flaw (CVE-2025-46176) has exposed thousands of D-Link routers to remote code execution attacks through hardcoded Telnet credentials embedded in firmware. The vulnerability affects DIR-605L v2.13B01 and DIR-816L v2.06B01 models, scoring 6.5 on the CVSS v3.1 scale with…
Vulnerability in Popular macOS App Cursor Allows Malware to Bypass Privacy Protections, Exposing User Data
A critical security vulnerability has been discovered in Cursor, a popular AI-powered code editor for macOS, that enables malicious software to circumvent Apple’s built-in privacy protections and access sensitive user data without proper authorization. The vulnerability exploits a misconfiguration in…
ChatGPT o3 Model Bypassed to Sabotage the Shutdown Mechanism
OpenAI’s latest large language model, ChatGPT o3, actively bypassed and sabotaged its own shutdown mechanism even when explicitly instructed to allow itself to be turned off. Palisade Research, an AI safety firm, reported on May 24, 2025, that the advanced…
Katz Stealer Attacking Chrome, Edge, Brave & Firefox to Steal Login Details
A sophisticated new credential-stealing malware known as Katz Stealer has emerged as a significant threat to users of popular web browsers, demonstrating advanced capabilities that allow it to bypass modern security protections and exfiltrate sensitive authentication data. This malware-as-a-service operation…
Tenable Network Monitor Vulnerabilities Let Attackers Escalate Privileges
Two high-severity vulnerabilities (CVE-2025-24916, CVE-2025-24917) in Tenable Network Monitor solution, enabling local privilege escalation on Windows systems through insecure directory permissions and arbitrary code execution. The security flaws affect all versions prior to 6.5.1 and have been assigned high severity…
Fake DigiYatra Apps Attacking Indian Users to Steal Financial Data
A sophisticated phishing campaign targeting Indian air travelers has emerged, exploiting the trusted DigiYatra brand to harvest sensitive personal and financial information from unsuspecting users. The malicious operation centers around a deceptive website at digiyatra[.]in that masquerades as the official…
Bitwarden PDF File Handler Vulnerability Let Attackers Upload Malicious PDF Files
A critical cross-site scripting (XSS) vulnerability has been discovered in the popular password manager Bitwarden, affecting versions up to 2.25.1. The security flaw, designated as CVE-2025-5138, resides in the PDF File Handler component and allows attackers to upload malicious PDF…
60 Malicious npm Packages Exfiltrates Exfiltrate Hostnames, IP’s, DNS Servers Details
A sophisticated malware campaign targeting the npm ecosystem has compromised developer environments through 60 malicious packages designed to silently harvest sensitive network information. The operation, which began eleven days ago and remains active as of publication, demonstrates the growing threat…
Street-Level QR Phishing: Cybercriminals Take Social Engineering to the Real World
A disturbing new trend in cybercrime emerged this week as security professionals discovered QR codes taped to lampposts in what appears to be a sophisticated psychological manipulation campaign. The handwritten note, which read “John, I know you are cheating on…
Threat Actors Installing DB Client Tools on Targeted Systems to Exfiltrate Sensitive Data
Cybersecurity researchers have uncovered a concerning trend where threat actors are increasingly leveraging legitimate database client tools to steal sensitive information from compromised systems. This sophisticated approach represents a significant evolution in data exfiltration techniques, as attackers exploit trusted applications…
40+ Malicious Chrome Extensions Mimic as Popular Chrome Brands Steals Sensitive Data
Cybersecurity researchers have uncovered a sophisticated campaign involving over 40 malicious Chrome browser extensions that masquerade as trusted brands to steal sensitive user data. The malicious extensions, which remain active on the Google Chrome Store, represent a significant escalation in…
Oracle TNS Protocol Vulnerability Let Attackers Access System Memory Contents
A critical vulnerability in Oracle’s Transparent Network Substrate (TNS) protocol that allows unauthenticated attackers to access sensitive system memory contents, including environment variables and connection data. Oracle assigned CVE-2025-30733 to this vulnerability and released patches on April 15, 2025. The…