Pakistan’s National Cyber Emergency Response Team (NCERT) has issued urgent warnings to 39 government ministries following a sophisticated ransomware campaign targeting the country’s critical infrastructure. The Blue Locker ransomware has successfully compromised Pakistan Petroleum Limited (PPL), the nation’s second-largest oil…
Category: Cyber Security News
Threat Actors Weaponized Pirated Games to Bypass Microsoft Defender SmartScreen and Adblockers
Cybercriminals have successfully weaponized pirated gaming content to distribute sophisticated malware while bypassing popular security measures, including Microsoft Defender SmartScreen and widely-used adblockers. The campaign leverages trusted piracy platforms to deliver HijackLoader, a modular malware framework that has become increasingly…
Microsoft Confirms August Update Broken Reset and Recovery Options in Windows 11, 22H2, 23H2, and Others
Microsoft has officially confirmed that its August 2025 security update, known as KB5063709, is causing failures in key reset and recovery features across multiple versions of Windows. This issue, which emerged shortly after the update’s release on August 12, 2025,…
SSH Keys Are Crucial for Secure Remote Access but Often Remain a Blind Spot in Enterprise Security
Enterprise security strategies have evolved dramatically to address modern threats, yet SSH keys—critical cryptographic credentials that provide direct access to mission-critical systems—remain largely ungoverned and poorly managed across organizations. Despite their fundamental role in securing remote access to servers, cloud…
PipeMagic Malware Mimic as ChatGPT App Exploits Windows Vulnerability to Deploy Ransomware
A sophisticated malware campaign has been identified, utilizing PipeMagic, a highly modular backdoor deployed by the financially motivated threat actor Storm-2460. This advanced malware masquerades as a legitimate open-source ChatGPT Desktop Application while exploiting the zero-day vulnerability CVE-2025-29824 in Windows…
New ClickFix Attack Uses Fake BBC News Page and Fraudulent Cloudflare Verification to Trick Users
A sophisticated new cyberthreat campaign has emerged that combines impersonation of trusted news sources with deceptive security verification prompts to trick users into executing malicious commands on their systems. According to a Reddit post, the ClickFix attack masquerades as legitimate BBC news…
Hackers Exploit Cisco Secure Links to Evade Link Scanners and Bypass Network Filters
A sophisticated attack campaign uncovered where cybercriminals are weaponizing Cisco’s own security infrastructure to conduct phishing attacks. The attackers are exploiting Cisco Safe Links technology, designed to protect users from malicious URLs, to evade detection systems and bypass network filters…
CISA Warns of Trend Micro Apex One OS Command Injection Vulnerability Exploited in Attacks
CISA has issued a critical warning regarding a high-severity OS command injection vulnerability in Trend Micro Apex One Management Console that threat actors are actively exploiting in the wild. The vulnerability, tracked as CVE-2025-54948 and classified under CWE-78, poses significant…
Crypto Developers Attacked With Malicious npm Packages to Steal Login Details
A sophisticated new threat campaign has emerged targeting cryptocurrency developers through malicious npm packages designed to steal sensitive credentials and wallet information. The attack, dubbed “Solana-Scan” by researchers, specifically targets the Solana cryptocurrency ecosystem by masquerading as legitimate software development…
Threat Actors Abuse Microsoft Help Index File to Execute PipeMagic Malware
Cybersecurity researchers have uncovered a sophisticated malware campaign exploiting Microsoft Help Index Files (.mshi) to deliver the notorious PipeMagic backdoor, marking a significant evolution in the threat actors’ tactics since the malware’s first detection in 2022. The campaign, which has…
Threats Actors Using Telegram as The Communication Channel to Exfiltrate The Stolen Data
Cybersecurity researchers have identified an alarming trend where threat actors are increasingly leveraging Telegram’s Bot API infrastructure as a covert communication channel for data exfiltration. This sophisticated attack methodology combines traditional phishing techniques with legitimate messaging services to bypass conventional…
Weaponized Python Package Termncolor Attacking Leverages Windows Run Key to Maintain Persistence
A sophisticated supply chain attack targeting Python developers has emerged through a seemingly innocuous package named termncolor, which conceals a multi-stage malware operation designed to establish persistent access on compromised systems. The malicious package, distributed through the Python Package Index…
DoJ Seizes $2.8 Million in Crypto From Zeppelin Ransomware Operators
The U.S. Department of Justice (DoJ) announced the seizure of over $2.8 million in cryptocurrency, $70,000 in cash, and a luxury vehicle linked to Zeppelin ransomware operations. The warrants were unsealed on August 14, 2025, in federal courts across Virginia,…
Technical Details of SAP 0-Day Exploitation Script Used to Achieve RCE Disclosed
A sophisticated zero-day exploitation script targeting SAP systems has emerged in the cybersecurity landscape, demonstrating advanced remote code execution capabilities that pose significant risks to enterprise environments worldwide. The malicious payload specifically targets SAP NetWeaver Application Server vulnerabilities, exploiting weaknesses…
Intel Websites Exploited to Hack Every Intel Employee and View Confidential Data
A series of critical vulnerabilities across multiple internal Intel websites allowed for the complete exfiltration of the company’s global employee database and access to confidential supplier information. The flaws, stemming from basic security oversights, exposed the personal details of over…
APT SideWinder Actor Profile – Recent Attacks, Tactics, Techniques, and Procedures
APT SideWinder, also known as Rattlesnake, Razor Tiger, and T-APT-04, is a nation-state advanced persistent threat (APT) group active since at least 2012 and believed to originate from India. Noted for targeting military, government, and strategic business entities, particularly in…
X-VPN’s August Update Lets Mobile Users Choose Servers in 26 Regions with Military-Grade AES-256 Encryption
San Francisco, CA – August 12, 2025 — Addressing the growing demand for data privacy in financial workflows, X-VPN has rolled out an update to its mobile application, now offering free users the ability to manually choose from 26 server…
Linux Kernel Netfilter Vulnerability Let Attackers Escalate Privileges
A critical vulnerability in the Linux kernel’s netfilter ipset subsystem has been discovered that allows local attackers to escalate privileges to root-level access. The flaw, identified in the bitmap:ip implementation within the ipset framework, stems from insufficient range validation when…
New Ghost-tapping Attacks Steal Customers’ Cards Linked to Services Like Apple Pay and Google Pay
A sophisticated new cybercriminal technique known as “ghost-tapping” has emerged as a significant threat to contactless payment systems, enabling Chinese-speaking threat actors to exploit stolen payment card details linked to mobile wallet services such as Apple Pay and Google Pay.…
Bragg Confirms Cyber Attack – Hackers Accessed Internal IT Systems
Bragg Gaming Group has confirmed a significant cybersecurity incident that compromised the company’s internal IT infrastructure early Saturday morning, August 16, 2025. The online gaming technology provider discovered unauthorized network intrusion attempts that successfully breached their security perimeter, prompting immediate…