Cisco has disclosed a critical security vulnerability in its Secure Firewall Management Center (FMC) Software that could allow unauthenticated attackers to execute arbitrary shell commands with high-level privileges remotely. The vulnerability, tracked as CVE-2025-20265 and assigned the maximum CVSS score…
Category: Cyber Security News
Threat Actors Personalize Phishing Attacks With Advanced Tactics for Malware Delivery
Cybercriminals are increasingly leveraging personalization tactics to enhance the effectiveness of their malware-delivery phishing campaigns, with threat actors customizing subject lines, attachment names, and embedded links to create a false sense of authenticity and urgency. This sophisticated approach represents a…
New FireWood Malware Attacking Linux Systems to Execute Commands and Exfiltrate Sensitive Data
A sophisticated new variant of the FireWood backdoor has emerged, targeting Linux systems with enhanced evasion capabilities and streamlined command execution functionality. This latest iteration represents a significant evolution of the malware family first discovered by ESET’s research team, which…
Qilin Ransomware Leads The Attack Landscape With 70+ Claimed Victims in July
The ransomware threat landscape witnessed a concerning surge in July 2025, with the Qilin ransomware group maintaining its dominant position for the third time in four months. The group successfully claimed 73 victims on its data leak site, representing 17.3%…
New EncryptHub Campaign Leverages Brave Support Platform to Deliver Malicious Payloads via MMC Vulnerability
The cyberthreat landscape continues to evolve as malicious actors develop increasingly sophisticated attack methods, with the EncryptHub threat group emerging as a particularly concerning adversary. This emerging threat actor, also known as LARVA-208 and Water Gamayun, has been making headlines…
Threat Actors Weaponizing YouTube Video Download Site to Download Proxyware Malware
Cybercriminals have escalated their proxyjacking campaigns by exploiting legitimate user behavior around YouTube video downloads, according to a recent security analysis. The attack leverages fake YouTube download sites to distribute proxyware malware, specifically targeting users seeking free video conversion services.…
New Trends in Phishing Attacks Emerges as AI Reshaping the Tool Used by Cybercriminals
The cybersecurity landscape is witnessing a fundamental transformation as artificial intelligence becomes the newest weapon in cybercriminals’ arsenals, revolutionizing traditional phishing and scam operations. Unlike conventional phishing campaigns that were often riddled with grammatical errors and obvious tells, modern AI-powered…
Google Announces That Android’s pKVM Framework Achieves SESIP Level 5 Certification
Google has achieved a significant milestone in mobile security with the announcement that Android’s protected KVM (pKVM) hypervisor has officially received SESIP Level 5 certification, marking it as the first software security system designed for large-scale consumer electronics deployment to…
Canada’s House of Commons Hit by Cyberattack Exploiting Recent Microsoft vulnerability
A significant cyberattack hit the Canadian House of Commons on August 9, 2025, when threat actors exploited a recently disclosed Microsoft vulnerability to gain unauthorized access to sensitive employee information. The breach underscores the growing cybersecurity challenges facing Canada’s government…
SmartLoader Malware via Github Repository as Legitimate Projects Infection Users Computer
Cybersecurity researchers have uncovered a sophisticated malware distribution campaign utilizing GitHub repositories disguised as legitimate software projects. The SmartLoader malware has been strategically deployed across multiple repositories, capitalizing on users’ trust in the popular code-sharing platform to infiltrate systems worldwide.…
How ShinyHunters Breached Google, Adidas, Louis Vuitton and More in Ongoing Salesforce Attack Campaign
The cybersecurity landscape witnessed a sophisticated and ongoing attack campaign throughout 2025 that has successfully compromised major corporations, including Google, Adidas, Louis Vuitton, and numerous other high-profile organizations. This comprehensive technical analysis reveals how the notorious cybercriminal group ShinyHunters, in…
Adobe’s August 2025 Patch Tuesday – 60 Vulnerabilities Patches Across Multiple Products
Adobe has released a comprehensive security update addressing 60 critical vulnerabilities across 13 of its flagship products as part of its August 2025 Patch Tuesday initiative. The massive security bulletin, published on August 12, 2025, represents one of the most…
Apache Tomcat Vulnerabilities Let Attackers Trigger Dos Attack
A critical security vulnerability in Apache Tomcat’s HTTP/2 implementation has been discovered, enabling attackers to launch devastating denial-of-service (DoS) attacks against web servers. The vulnerability, designated as CVE-2025-48989 and dubbed the “Made You Reset” attack, affects multiple versions of the…
Splunk Release Guide for Defenders to Detect Suspicious Activity Before ESXi Ransomware Attack
A detailed security guide released by Splunk to help cybersecurity teams detect and prevent ransomware attacks targeting ESXi infrastructure before they can cause catastrophic damage. The guide comes as a response to increasing threats against VMware’s ESXi hypervisor systems, which…
Xerox FreeFlow Core Vulnerability Let Remote Attackers Execute Malicious Code – PoC Released
Critical vulnerabilities in Xerox FreeFlow Core, a widely-used print orchestration platform, allow unauthenticated remote attackers to execute malicious code on vulnerable systems. The flaws, tracked as CVE-2025-8355 and CVE-2025-8356, affect the JMF Client service and have been patched in FreeFlow…
Hackers Using Dedicated Phishlet to Launch FIDO Authentication Downgrade Attacks
A sophisticated new threat vector has emerged that could undermine one of the most trusted authentication methods in cybersecurity. FIDO-based passkeys, long considered the gold standard for phishing-resistant authentication, are now facing a potentially devastating attack technique that forces users…
CISA Warns of N-able N-Central Deserialization and Injection Vulnerability Exploited in Attacks
CISA has issued urgent warnings regarding two critical security vulnerabilities in N-able N-Central remote monitoring and management (RMM) software that threat actors are actively exploiting. The vulnerabilities, identified as CVE-2025-8875 and CVE-2025-8876, pose significant risks to organizations using this widely-deployed…
Critical WordPress Plugin Vulnerability Exposes 70,000+ Sites to RCE Attacks
A critical security vulnerability has been discovered in the popular “Database for Contact Form 7, WPforms, Elementor forms” WordPress plugin, potentially exposing over 70,000 websites to remote code execution attacks. The vulnerability, tracked as CVE-2025-7384 with a maximum CVSS score…
Web DDoS, App Exploitation Attacks Saw a Huge Surge in First Half of 2025
The cybersecurity landscape experienced an unprecedented escalation in digital threats during the first half of 2025, with Web Distributed Denial of Service (DDoS) attacks surging by 39% compared to the second half of 2024. The second quarter alone witnessed a…
“AI-Induced Destruction” – New Attack Vector Where Helpful Tools Become Accidental Weapons
Artificial intelligence coding assistants, designed to boost developer productivity, are inadvertently causing massive system destruction. Researchers report a significant spike in what they term “AI-induced destruction” incidents, where helpful AI tools become accidental weapons against the very systems they’re meant…