Fortinet has issued an urgent advisory revealing a critical weakness in its FortiPAM and FortiSwitch Manager products that could allow attackers to sidestep authentication entirely through brute-force methods. Tracked as CVE-2025-49201, the flaw stems from a weak authentication mechanism in…
Category: Cyber Security News
Hackers Leverage Judicial Notifications to Deploy Info-Stealer Malware
Cybercriminals have developed a sophisticated phishing campaign targeting Colombian users through fake judicial notifications, deploying a complex multi-stage malware delivery system that culminates in AsyncRAT infection. The campaign demonstrates an alarming evolution in social engineering tactics, leveraging legitimate-looking governmental communications…
New Cyberattack Leverages NPM Ecosystem to Infect Developers While Installing Packages
Cybersecurity researchers have uncovered a sophisticated phishing campaign that weaponizes the NPM ecosystem through an unprecedented attack vector. Unlike traditional malicious package installations, this operation leverages the trusted unpkg.com CDN to deliver phishing scripts directly through browsers, targeting enterprise employees…
Support for Windows 10 Ends Today Leaving Users Vulnerable to Cyberattacks
Microsoft officially ended support for Windows 10, marking the close of a decade-long era for one of the most popular operating systems in history. This means that as of today, the company will no longer deliver free security updates, feature…
Microsoft October 2025 Patch Tuesday – 4 Zero-days and 173 Vulnerabilities Patched
Microsoft rolled out its October 2025 Patch Tuesday updates, addressing a staggering 173 vulnerabilities across its ecosystem, including four zero-day flaws, of which two are actively exploited in the wild. This monthly security bulletin underscores the relentless pace of threat…
New IAmAntimalware Tool Injects Malicious Code Into Processes Of Popular Antiviruses
A sophisticated new tool called IAmAntimalware, designed to inject malicious code directly into antivirus software processes, potentially turning protective defenses into hidden backdoors for attackers. Released on October 11, 2025, by developer Two Seven One Three on GitHub, the tool…
178,000+ Invoices With Customers Personal Records Exposes from Invoice Platform Invoicely
In early October 2025, cybersecurity researcher Jeremiah Fowler discovered a publicly accessible database belonging to Invoicely, a Vienna-based invoicing and billing platform used by over 250,000 businesses worldwide. The repository contained 178,519 files in XLSX, CSV, PDF, and image formats,…
TA585 Hackers Uses Unique Web Injection Technique to Deliver MonsterV2 Malware Targeting Windows Systems
The cybersecurity landscape continues to face new threats as sophisticated threat actors develop increasingly complex attack methodologies. A newly identified cybercriminal group, designated TA585, has emerged as a significant concern due to its innovative approach to malware distribution and its…
Kaspersky Details Windows 11 Forensic Artifacts and Changes With Windows 10 for Investigators
As Microsoft pulls the plug on Windows 10 support today, October 14, 2025, organizations worldwide face a pivotal shift toward Windows 11. Yet adoption has lagged, with Kaspersky’s Global Emergency Response Team (GERT) noting in early 2025 that the decade-old…
Thousands of North Korean IT Workers Using VPNs and ‘Laptop Farms’ to Bypass Origin Verification
Since at least 2018, a covert network of thousands of North Korean IT contractors has infiltrated global technology and infrastructure firms by masquerading as legitimate freelancers. These operatives, operating under fabricated identities with AI-generated headshots, routinely use VPN services and…
ScreenConnect Abused by Threat Actors to Gain Unauthorized Remote Access to Your Computer
Remote monitoring and management (RMM) tools have long served as indispensable assets for IT administrators, providing seamless remote control, unattended access, and scripted automation across enterprise endpoints. In recent months, security researchers have observed a surge in adversaries repurposing ScreenConnect—a…
SimonMed Data Breach Exposes 1.2 Million Patients Sensitive Information
SimonMed Imaging, a leading U.S. provider of outpatient medical imaging services, has disclosed a major cybersecurity incident that compromised the personal and health data of approximately 1.2 million patients. The breach, which occurred earlier this year, was linked to a…
Elastic Cloud Enterprise Vulnerability Let Attackers Execute Malicious Commands
Elastic has disclosed a critical vulnerability in its Elastic Cloud Enterprise (ECE) platform that allows administrators with malicious intent to execute arbitrary commands and exfiltrate sensitive data. Tracked as CVE-2025-37729 under advisory ESA-2025-21, the flaw stems from improper neutralization of…
New PoC Exploit Released for Sudo Chroot Privilege Escalation Vulnerability
A critical vulnerability in the widely used Sudo utility has come under scrutiny following the public release of a proof-of-concept exploit, raising alarms for Linux system administrators worldwide. CVE-2025-32463 targets the chroot feature in Sudo versions 1.9.14 through 1.9.17, enabling…
Pro-Russian Hacktivist Attacking OT/ICS Devices to Steal Login Credentials
A newly identified pro-Russian hacktivist group has successfully infiltrated operational technology and industrial control systems belonging to critical infrastructure organizations, employing sophisticated techniques to steal login credentials and disrupt vital services. The threat actor, known as TwoNet, represents an emerging…
Hackers Attacking macOS Users With Spoofed Homebrew Websites to Inject Malicious Payloads
A sophisticated campaign targeting macOS users has emerged through spoofed Homebrew installer websites that deliver malicious payloads alongside legitimate package manager installations. The attack exploits the widespread trust users place in the popular Homebrew package manager by creating pixel-perfect replicas…
Russian Cybercrime Market Hub Transferring from RDP Access to Malware Stealer Logs to Access
A new evolution is underway in the Russian cybercrime ecosystem: market operators and threat actors are rapidly shifting from selling compromised Remote Desktop Protocol (RDP) access to trading malware stealer logs for unauthorized system entry. This transition marks a significant…
Hackers Can Bypass OpenAI Guardrails Using a Simple Prompt Injection Technique
OpenAI’s newly launched Guardrails framework, designed to enhance AI safety by detecting harmful behaviors, has been swiftly compromised by researchers using basic prompt injection methods. Released on October 6, 2025, the framework employs large language models (LLMs) to judge inputs…
Axis Communications Vulnerability Exposes Azure Storage Account Credentials
A critical vulnerability in Axis Communications’ Autodesk Revit plugin has exposed Azure Storage Account credentials, creating significant security risks for customers and potentially enabling supply chain attacks targeting the architecture and engineering industry. The vulnerability stems from hardcoded credentials embedded…
North Korean Hackers Attacking Developers with 338 Malicious npm Packages
North Korean state-sponsored threat actors have intensified their supply chain attacks against software developers through a sophisticated campaign dubbed “Contagious Interview,” deploying 338 malicious npm packages that have accumulated over 50,000 downloads. The operation represents a dramatic escalation in the…