A high-severity cross-site scripting (XSS) vulnerability in Grafana could allow attackers to redirect users to malicious websites. The vulnerability, tracked as CVE-2025-4123 with a CVSS score of 7.6 (HIGH), allows attackers to exploit client path traversal and open redirect to…
Category: Cyber Security News
ThreatBook Named a Notable Vendor in Global Network Analysis and Visibility (NAV) Independent Report
ThreatBook, a global leader in cyber threat and response solutions backed by threat intelligence and AI, has been recognized as a notable vendor in Forrester’s Network Analysis And Visibility Solutions Landscape, Q2 2025 report. This marks a major milestone in ThreatBook’s…
Hackers Leverage PyBitmessage Library to Bypass AV & Network Security Detections
Cybersecurity experts have identified a sophisticated new malware strain that combines a Monero cryptocurrency miner with an advanced backdoor component, presenting a significant threat to organizational security. The malware leverages PyBitmessage, an implementation of the Bitmessage protocol designed for peer-to-peer…
Hackers Attacking Mobile Users Leveraging PWA JavaScript & Browser Protections
A sophisticated malware campaign has emerged targeting mobile device users through Progressive Web Applications (PWAs), representing an alarming shift in attack methodology. Security researchers have identified a coordinated effort originating from China that exploits third-party JavaScript injections to redirect unsuspecting…
Hackers Attacking Employees Mimic as Organizations to Steal Payroll Logins & Reroute Payments
A sophisticated search engine optimization (SEO) poisoning attack has emerged, targeting employees through their mobile devices with fake login pages that mimic legitimate corporate portals. The attack, which has already affected organizations in the manufacturing sector, enables hackers to steal…
Docker Zombie Malware Infects Containers to Mine Crypto and Self-Replicate
A sophisticated self-replicating malware strain targeting Docker environments has been discovered propagating across insecurely published Docker APIs. This “zombie” malware, observed in May 2025, autonomously infects Docker containers and transforms them into cryptomining nodes while simultaneously scanning for new victims…
New Scan Reveals 150K Industrial Systems Around the Globe are Exposed to Cyberattacks
A groundbreaking study has uncovered approximately 150,000 industrial control systems (ICS) exposed to the public internet across the globe, raising significant cybersecurity concerns for critical infrastructure worldwide. This extensive research, published in 2024, reveals that these vulnerable systems span 175…
71 Fake Sites Using Brand Scam to Steal Payment Info Linked to German Retailer
A sophisticated network of 71 fraudulent websites impersonating a major German discount retailer has been uncovered, revealing an elaborate scheme designed to steal payment information and personal data from unsuspecting consumers. These sites employ typosquatting techniques, using domain names that…
PupkinStealer Leveraging Web browser Passwords & App Tokens to Exfiltrate Data via Telegram
A sophisticated information-stealing malware dubbed “PupkinStealer” has emerged as a significant threat to Windows users, with initial detections dating back to April 2025. This .NET-based malware specifically targets stored credentials in web browsers and authentication tokens from popular messaging applications,…
CISA Warns of Russian Hackers Attacking Logistics & IT Companies with Windows Utilities
The Cybersecurity and Infrastructure Security Agency (CISA), alongside the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), and international partners, released a joint advisory today warning that Russian military intelligence hackers are targeting Western logistics companies and technology…
PowerDNS Vulnerability Let Attackers Trigger DoS Attack Via Malicious TCP Connection
PowerDNS has released a critical update to address a high-severity vulnerability in its DNS proxy and load balancer, DNSdist, that could allow unauthenticated attackers to cause service disruptions through specially crafted TCP connections. The vulnerability, tracked as CVE-2025-30193 with a…
Windows 11 Administrator Protection Enhances Security Against Elevated Privileges Attacks
Microsoft’s upcoming Administrator protection feature for Windows 11 represents a significant architectural overhaul of Windows security, designed to combat the growing threat of privilege escalation attacks. This new security layer addresses the vulnerabilities associated with traditional administrator accounts by implementing…
IBM Warns of One-Third of Cyber Attacks are Highly Sophisticated to Steal Login Credentials
In a concerning revelation from the latest IBM X-Force 2025 Threat Intelligence Index, approximately one-third of cyber attacks now involve highly sophisticated techniques aimed at stealing login credentials rather than employing traditional brute-force hacking methods. The report highlights that 30%…
Cellcom Confirms Cyberattack Following Widespread Service Outage
After nearly a week of disrupted services, Wisconsin-based telecommunications provider Cellcom has officially confirmed that a cyberattack is responsible for the ongoing service outage affecting thousands of customers across its network. The incident, which began on Wednesday, May 14, has…
VanHelsing Ransomware Builder Leaked on Hacking Forums
A significant development in the cybercriminal landscape occurred on May 20, 2025, when the VanHelsing ransomware-as-a-service (RaaS) operation publicly released its source code after an alleged former developer attempted to sell it on the RAMP cybercrime forum. Security researchers have…
3 Ways MSSPs Can Boost Security Operations With Malware Sandbox
Managed Security Service Providers (MSSPs) face constant pressure to deliver accurate detection, fast response, and efficient training without overloading their teams. With cyberattacks becoming more complex and evasive, the right tools can make all the difference. Let’s explore how fully…
SideWinder APT Hackers Exploiting Old Office Flaws to Deliver Malware Bypassing Detections
In a sophisticated campaign targeting high-level government institutions across South Asia, the SideWinder Advanced Persistent Threat (APT) group has been leveraging years-old Microsoft Office vulnerabilities to deliver malware while evading detection. The threat actors are specifically targeting organizations in Sri…
LockBit Internal Data Leak Exposes Payload Creation Patterns & Ransom Demands
In May 2025, the cybersecurity community was granted an unprecedented glimpse into the operations of one of the world’s most notorious ransomware groups when LockBit themselves fell victim to a data breach. The leaked information, made available via a Tor…
Extracting Credentials from Microsoft Deployment Toolkit Shares – Red Teaming
Microsoft Deployment Toolkit (MDT) shares, an often-overlooked infrastructure component, can be a goldmine of credentials for attackers. A new report published by TrustedSec highlights how red teams can easily extract domain administrator credentials from misconfigured MDT deployments, potentially leading to…
Atlassian Warns of Multiple High-Severity Vulnerabilities Hits Data Center Server
Atlassian has released its May 2025 Security Bulletin, disclosing eight high-severity vulnerabilities affecting multiple Data Center and Server products. The security flaws, discovered through the company’s Bug Bounty program, penetration testing, and third-party library scans, could expose enterprise systems to…