New release brings significant improvements to the penetration testing framework, introducing enhanced GUI features, REST API support, and powerful new evasion techniques that security researchers can leverage for offensive operations. The latest release features a completely redesigned graphical interface with…
Category: Cyber Security News
YAMAGoya – Real-Time Threat Monitoring Tool Using Sigma and YARA Rules
Modern cybersecurity faces an escalating challenge: fileless malware and obfuscation techniques increasingly bypass traditional file-based detection methods. To address this growing threat, JPCERT/CC has released YAMAGoya. This open-source threat hunting tool leverages industry-standard detection rules to identify suspicious activity in…
Russian and North Korean Hackers Form Alliances to Attack Organizations Worldwide
State-sponsored hacking groups have historically operated in isolation, each pursuing its own national agenda. However, new evidence reveals that two of the world’s most dangerous advanced persistent threat (APT) actors may now be working together. Russia-aligned Gamaredon and North Korea’s…
KawaiiGPT – New Black-Hat AI Tool Used by Hackers to Launch Cyberattacks
KawaiiGPT, a free malicious large language model (LLM) first spotted in July 2025 and now at version 2.5, empowers novice cybercriminals with tools for phishing emails, ransomware notes, and attack scripts, drastically lowering the entry barrier for cybercrime. Unlike paid…
#1 Gap in Your SOCs Is Probably Not What You Think
Leading a Security Operations Center has never been more challenging. SOC managers today juggle expanding attack surfaces, remote workforces, cloud migrations, and an explosion of security tools. All while trying to keep pace with increasingly automated attacks. Every day feels like…
CISA Warns of Threat Actors Leveraging Commercial Spyware to Target Users of Signal and WhatsApp
Cybersecurity authorities have raised fresh alarms over the spread of advanced commercial spyware targeting secure messaging apps like Signal and WhatsApp. According to a recent CISA advisory, multiple cyber threat actors actively deploy this sophisticated malware to compromise users’ smartphones,…
Critical FluentBit Vulnerabilities Let Attackers to Cloud Environments Remotely
A new chain of five critical vulnerabilities discovered in Fluent Bit has exposed billions of containerized environments to remote compromise. Fluent Bit, an open-source logging and telemetry agent deployed over 15 billion times globally, sits at the core of modern…
Threat Actors Exploiting Black Friday Shopping Hype – 2+ Million Attacks Recorded
The 2025 Black Friday shopping season has become a prime hunting ground for cybercriminals, with threat actors recording over 2 million phishing attacks targeting online gamers and shoppers worldwide. As global e-commerce continues to grow at 7-9% annually, attackers have…
Threat Actors Leverage Blender Foundation Files to Deliver Notorious StealC V2 Infostealer
Cybercriminals have discovered a new attack vector targeting the creative design community by exploiting Blender, a widely used open-source 3D modeling application. Threat actors are uploading malicious files to popular asset platforms like CGTrader, containing embedded Python scripts that execute…
Canon Allegedly Breached by Clop Ransomware via Oracle E-Business Suite 0-Day Hack
Canon has officially confirmed that it was targeted during the widespread hacking campaign exploiting a critical zero-day vulnerability in Oracle E-Business Suite (EBS). The attack, orchestrated by the notorious Clop ransomware gang, has impacted dozens of major organizations worldwide. The…
Microsoft’s Update Health Tools Configuration Vulnerability Let Attackers Execute Arbitrary Code Remotely
A critical remote code execution (RCE) vulnerability in Microsoft’s Update Health Tools (KB4023057). A widely deployed Windows component designed to expedite security updates through Intune. The flaw stems from the tool connecting to dropped Azure Blob storage accounts that attackers could register…
HashiCorp Vault Vulnerability Allow Attackers to Authenticate to Vault Without Valid Credentials
A critical security flaw has been discovered in HashiCorp’s Vault Terraform Provider that could allow attackers to bypass authentication and access Vault without valid credentials. The vulnerability, tracked as CVE-2025-13357, affects organizations using LDAP authentication with Vault. The security issue…
ClickFix Attack Uses Steganography to Hide Malicious Code in Fake Windows Security Update Screen
A new wave of ClickFix attacks is abusing highly realistic fake Windows Update screens and PNG image steganography to secretly deploy infostealing malware such as LummaC2 and Rhadamanthys on victim systems. The campaigns rely on tricking users into manually running…
Top 10 Best Exposure Management Tools In 2026
Exposure Management is a proactive cybersecurity discipline that systematically identifies, assesses, prioritizes, and remediates security vulnerabilities and misconfigurations across an organization’s entire attack surface both internal and external. Unlike traditional, periodic vulnerability scanning, EM leverages continuous monitoring, threat intelligence, and…
Hackers Leveraging WhatsApp to Silently Install Malware to Harvest Logs and Contact Details
A new malware campaign targeting Brazilian users has emerged, using WhatsApp as its primary distribution channel to spread banking trojans and harvest sensitive information. This sophisticated attack leverages social engineering by exploiting the trust victims place in their existing contacts,…
NVIDIA’s Isaac-GROOT Robotics Platform Vulnerability Let Attackers Inject Malicious Codes
NVIDIA has disclosed two critical code injection vulnerabilities affecting its Isaac-GR00T robotics platform. The vulnerabilities, tracked as CVE-2025-33183 and CVE-2025-33184, exist within Python components and could allow authenticated attackers to execute arbitrary code, escalate privileges, and alter system data. The…
Hackers Leveraging WhatsApp That Silently Harvest Logs and Contact Details
A new malware campaign targeting Brazilian users has emerged, using WhatsApp as its primary distribution channel to spread banking trojans and harvest sensitive information. This sophisticated attack leverages social engineering by exploiting the trust victims place in their existing contacts,…
Dropping Elephant Hacker Group Attacks Defense Sector Using Python Backdoor via MSBuild Dropper
India-aligned threat group Dropping Elephant has launched a sophisticated multi-stage cyberattack targeting Pakistan’s defense sector using a Python-based remote access trojan disguised within an MSBuild dropper. Idan Tarab has identified this advanced campaign that leverages fake defense-related phishing lures to…
Sha1-Hulud Supply Chain Attack: 800+ npm Packages and Thousands of GitHub Repos Compromised
A massive resurgence of the Sha1-Hulud supply chain malware has struck the open-source ecosystem, compromising over 800 npm packages and tens of thousands of GitHub repositories in a campaign the attackers have dubbed “The Second Coming.” This sophisticated wave targets…
PoC released for W3 Total Cache Vulnerability that Exposes 1+ Million Websites to RCE Attacks
A proof-of-concept exploit has been publicly released for CVE-2025-9501, a critical, unauthenticated command-injection vulnerability affecting W3 Total Cache, one of WordPress’s most widely deployed caching plugins. With over 1 million active installations, the vulnerability poses a significant risk to countless…