Microsoft 365 Family subscribers are currently facing disruptions in accessing their services due to a potential licensing issue, as confirmed by Microsoft on Thursday, April 10, 2025. The tech giant has acknowledged the problem and is actively investigating the root…
Category: Cyber Security News
CatB Ransomware Leveraging Microsoft Distributed Transaction Coordinator to Execute its Payload
The cybersecurity landscape has witnessed the emergence of a sophisticated threat actor with the appearance of CatB ransomware in late 2022. Also known as CatB99 or Baxtoy, this malware has gained significant attention for its advanced evasion capabilities and distinctive…
TP-Link IoT Smart Hub Vulnerability Exposes Wi-Fi Credentials
A critical vulnerability in the TP-Link Tapo H200 V1 IoT Smart Hub that could expose users’ Wi-Fi credentials to attackers. The flaw, assigned CVE-2025-3442, stems from the device’s firmware storing sensitive information in plain text, making it accessible to attackers…
SideCopy APT Hackers Mimic as Government Personnel to Deploy Open-Source XenoRAT Tool
A sophisticated campaign by the Pakistan-linked SideCopy Advanced Persistent Threat (APT) group has emerged since late December 2024, targeting critical Indian government sectors with enhanced tactics. The group has significantly expanded its scope beyond traditional defense and maritime sectors to…
HollowQuill Malware Attacking Government Agencies Worldwide Via Weaponized PDF Documents
A sophisticated malware campaign dubbed “HollowQuill” has emerged as a significant threat to academic institutions and government agencies worldwide. The attack leverages weaponized PDF documents disguised as research papers, grant applications, or official government communiques to entice unsuspecting victims into…
Russian APT Hackers Using Device Code Phishing Technique to Bypass MFA
A sophisticated cyber campaign orchestrated by the Russian state-backed group Storm-2372 has emerged, exploiting device code phishing tactics to circumvent Multi-Factor Authentication (MFA) security measures. This targeted approach represents a significant escalation in threat actors’ capabilities to defeat advanced security…
New Mirai Botnet Exploiting TVT DVRs To Gain Administrative Control
Cybersecurity researchers have identified a significant spike in exploitation attempts targeting TVT NVMS9000 digital video recorders (DVRs), with activity surging to three times normal levels in early April 2025. This new campaign appears to be linked to the infamous Mirai…
Linux Firewall IPFire 2.29 Released With Support for Post-Quantum Cryptography & Core Updates
IPFire has announced the release of version 2.29 (Core Update 193), introducing significant enhancements to the Linux-based firewall distribution. This update brings forward-thinking security features, including post-quantum cryptography support for IPsec tunnels and major toolchain upgrades that strengthen the system’s…
Authorities Seized Smokeloader Malware Operators & Seized Servers
Law enforcement agencies across Europe and North America have arrested five individuals linked to the Smokeloader botnet service as part of Operation Endgame’s second phase. This follow-up action, conducted in early April 2025, specifically targeted the “customers” of the notorious…
Microsoft Identity Web Package Vulnerability Exposes Client Secrets & Certificate Information
A moderate-severity vulnerability has been identified in Microsoft Identity Web. Under specific conditions, it could potentially expose sensitive client secrets and certificate information in service logs. The flaw, tracked as CVE-2025-32016, impacts versions 3.2.0 through 3.8.1 of the library and…
North Korean Hackers Employs Social Engineering Tactics & Python Script to Execute Hidden Commands
Cybersecurity experts have identified a sophisticated campaign by North Korean state-sponsored hackers who are leveraging Python-based lures and social engineering tactics to breach highly secure networks. The attackers employ a dual approach: meticulously crafted social engineering schemes combined with elegantly…
Scattered Spider Employs Sophisticated Attacks to Steal Login Credentials & MFA Tokens
Scattered Spider, a notorious hacker collective active since at least 2022, continues to launch increasingly sophisticated social engineering attacks aimed at stealing usernames, login credentials, and multifactor authentication (MFA) tokens. The group, also known as UNC3944, Star Fraud, Octo Tempest,…
CISA Warns of Linux USB-Audio Driver Out-of-Bounds Vulnerability Exploited in the Wild
The Cybersecurity and Infrastructure Security Agency (CISA) has added two significant Linux kernel vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog yesterday, confirming both flaws are being actively weaponized in targeted attacks. Federal agencies have been mandated to patch affected…
New Double-Edged Email Attack Stealing Office365 Credentials and Deliver Malware
A sophisticated cyber attack campaign has emerged, employing a dual-threat approach to simultaneously steal Microsoft Office365 credentials and deliver malware to unsuspecting victims. This hybrid attack begins with deceptive emails disguised as file deletion reminders from legitimate file-sharing services, creating…
Hackers Allegedly Claiming WooCommerce Breach, 4.4 Million Customer Details Stolen
A hacker known by the alias “Satanic” has claimed responsibility for a massive data breach involving WooCommerce, one of the most widely used eCommerce platforms on the web. The breach, which reportedly occurred on April 6, 2025, involves the theft…
How Banking Trojan Grandoreiro is Evolving Tactics To Attack Victims in LATAM
A new wave of phishing emails is sweeping across Latin America, and once again, Grandoreiro is behind it. This banking trojan is no newcomer; it’s been active for years, evolving steadily into a more sophisticated and evasive threat. With targeted…
PAN-OS Firewall DoS Vulnerability Let Attacker Reboot Firewall Repeatedly
A significant denial-of-service vulnerability (CVE-2025-0128) is affecting multiple versions of their PAN-OS firewall software. The flaw allows unauthenticated attackers to remotely trigger system reboots using specially crafted packets, potentially forcing devices into maintenance mode through persistent attacks. A significant vulnerability…
Ransomware Groups Attacking Organizations to Exfiltrate Data & Blackmail via Leak Site Posts
In the first quarter of 2025, ransomware attacks have maintained an alarming trajectory, with threat actors adopting sophisticated strategies centered on data exfiltration and blackmail through leak site posts. These attacks continue to follow the pattern of “if it ain’t…
OpenSSH 10.0 Released With Protocol Changes & Security Upgrades
OpenSSH 10.0, a significant update to the widely adopted secure remote login and file transfer toolset, was officially released on April 9, 2025. This milestone version introduces substantial protocol changes, enhanced security features, and critical improvements to prepare for quantum…
Google Released AI-powered Firebase Studio to Accelerate Build, Test, & Deployment
Google has unveiled Firebase Studio, a groundbreaking cloud-based platform designed to streamline the creation of full-stack AI applications. This innovative tool integrates the power of Gemini AI with existing Firebase services, offering developers an end-to-end solution to prototype, build, test,…