Category: Cyber Security News

Discord has introduced a groundbreaking privacy feature called “Ignore.” This announcement coincides with Safer Internet Day 2025, celebrated globally on February 11, which emphasizes creating a safer and more responsible digital environment.  The inclusion of Ignore demonstrates Discord’s recognition of…

Read more →

In the ongoing battle between cybersecurity and AI, researchers have introduced a groundbreaking innovation, IllusionCAPTCHA, a CAPTCHA system that leverages visual illusions to differentiate between human users and AI bots. This novel approach aims to counter the increasing threat of…

Read more →

The USB Army Knife is a versatile red-teaming tool for penetration testers that emulates a USB Ethernet adapter for traffic capture, enables custom attack interfaces, and functions as covert storage all in one compact device. This multi-functional firmware combines a…

Read more →

SEOUL, South Korea’s National Intelligence Service (NIS) has raised concerns over the Chinese AI app DeepSeek, accusing it of “excessively” collecting personal data and posing national security risks.  The NIS issued an advisory urging government agencies to adopt stringent security…

Read more →

A sophisticated malware campaign dubbed “FinStealer” is actively targeting customers of a leading Indian bank through fraudulent mobile applications. The malware, identified as Trojan.rewardsteal/joxpk, employs advanced tactics to steal banking credentials and personal information from unsuspecting users. The malicious campaign…

Read more →

Progress has disclosed multiple critical security vulnerabilities affecting its LoadMaster product line, including the Multi-Tenant (MT) hypervisor.  These vulnerabilities, identified as CVE-2024-56131, CVE-2024-56132, CVE-2024-56133, CVE-2024-56134, and CVE-2024-56135, allow attackers to execute arbitrary system commands or access sensitive files.  While no…

Read more →

January 2025 marked a significant month in the ransomware landscape, with Akira emerging as the leading threat. According to recent reports, Akira was responsible for 72 attacks globally, highlighting its rapid rise in prominence. This surge in activity is part…

Read more →

Eric Council Jr., a 25-year-old from Athens, Alabama, pleaded guilty on February 10, 2025, to charges stemming from the January 2024 hacking of the U.S. Securities and Exchange Commission’s (SEC) social media account on X (formerly Twitter).  The breach involved…

Read more →

Researchers have shed light recently on the sophisticated tactics, techniques, and procedures (TTPs) employed by North Korean hackers. This comprehensive analysis, spanning nearly three years, focuses on targeted digital threats against civil society organizations (CSOs) in South Korea. The research…

Read more →

A recently discovered vulnerability in Ubuntu 22.04’s printing subsystem, specifically within the “ippusbxd” package, could have allowed attackers to execute arbitrary code on locked laptops. However, modern compiler features stepped in to mitigate the risk, preventing exploitation beyond a system…

Read more →

Apple has rolled out iOS 18.3.1 and iPadOS 18.3.1, addressing a Zero-day vulnerability exploited in targeted extremely sophisticated attacks by taking advantage of disabling the USB-restricted mode. Apple’s USB Restricted Mode is a security feature that prevents unauthorized access to data…

Read more →

In a significant breakthrough against global cybercrime, Thai authorities announced today the arrest of four European nationals linked to the notorious 8Base ransomware group. The operation, codenamed “Phobos Aetor,” culminated in the seizure of the group’s dark web infrastructure and…

Read more →

A critical security vulnerability, CVE-2024-52875, has been identified in GFI KerioControl firewalls, affecting versions 9.2.5 through 9.4.5. This flaw, which can be exploited for remote code execution (RCE), has already drawn significant attention from cybercriminals, with thousands of unpatched systems…

Read more →

A critical server-side request forgery (SSRF) vulnerability in Microsoft Power Platform’s SharePoint connector allowed attackers to harvest user credentials and impersonate victims across multiple services, including Power Apps, Power Automate, Copilot Studio, and Copilot 365. The patched flaw posed severe…

Read more →

Cybersecurity experts have observed a significant increase in the use of the NetSupport Remote Access Trojan (RAT) in recent months, a malicious tool that allows attackers to gain full control over compromised systems. This surge in activity has been linked…

Read more →

QR codes have become an integral part of our digital lives, offering quick access to websites, services, and even payment systems. However, their widespread use has also made them a prime target for scammers. A new threat, known as “quishing,”…

Read more →

With the release of DeepSeek-V3 on December 25, 2024, the number of LLMjacking attacks in the cybersecurity space has significantly increased. Within hours of its launch, malicious actors had compromised the model, integrating it into OpenAI Reverse Proxy (ORP) systems…

Read more →

A recent analysis of over 1 million malware samples unveiled a trend where adversaries increasingly exploit the Application Layer of the Open System Interconnection (OSI) model to conduct stealthy Command-and-Control (C2) operations.  By leveraging trusted Application Layer Protocols, attackers are…

Read more →

GitHub has unveiled a groundbreaking update to its AI-powered coding assistant, GitHub Copilot, with the introduction of Agent Mode.  This new feature, available in preview for Visual Studio Code (VS Code) Insiders, empowers developers to autonomously complete complex coding tasks…

Read more →

Cisco has reportedly fallen victim to a significant data breach, with sensitive credentials from its internal network and domain infrastructure leaked online. The breach is allegedly linked to the Kraken ransomware group, which has published a dataset on its dark…

Read more →