The notorious ShinyHunters cybercriminal group has emerged from a year-long hiatus with a sophisticated new wave of attacks targeting Salesforce platforms across major organizations, including high-profile victims like Google. This resurgence marks a significant tactical evolution for the financially motivated…
Category: Cyber Security News
Breaking Windows Out-of-Box-Experience to Gain Command Line Access With Admin Privileges
A new method has been identified to exploit Windows Out-of-Box-Experience (OOBE) that bypasses existing protections and grants administrative command line access to Windows machines. This technique works even when Microsoft’s recommended security measure, the DisableCMDRequest.tag file, is implemented to block…
VexTrio Hackers Attacking Users via Fake CAPTCHA Robots and Malicious Apps into Google Play and App Store
A sophisticated cybercriminal organization known as VexTrio has been orchestrating a massive fraud empire through deceptive CAPTCHA robots and malicious applications distributed across Google Play and the App Store. This criminal network, operating for over 15 years, has successfully infiltrated…
What Is Out-of-Bounds Read and Write Vulnerability?
Out-of-bounds read and write vulnerabilities represent critical security vulnerabilities that occur when software accesses memory locations beyond the allocated boundaries of data structures such as arrays, buffers, or other memory regions. These vulnerabilities can lead to information disclosure, system crashes,…
Microsoft Exchange Server Vulnerabilities Let Attackers Spoof and Tamper Over Network
Critical security vulnerabilities in Microsoft Exchange Server enable attackers to perform spoofing and tampering attacks over network connections. The vulnerabilities include two Exchange Server flaws (CVE-2025-25007 and CVE-2025-25005) enabling spoofing and tampering attacks, plus a Windows Graphics Component elevation of…
GitHub Copilot RCE Vulnerability via Prompt Injection Leads to Full System Compromise
A critical security vulnerability in GitHub Copilot and Visual Studio Code has been discovered that allows attackers to achieve remote code execution through prompt injection attacks, potentially leading to full system compromise of developers’ machines. The vulnerability, tracked as CVE-2025-53773,…
Multiple GitLab Vulnerabilities Enables Account Takeover and Stored XSS Exploitation
GitLab has released emergency security patches addressing multiple critical vulnerabilities that could enable attackers to perform account takeovers and execute stored cross-site scripting (XSS) attacks. The patches were released on August 13, 2025, affecting GitLab Community Edition (CE) and Enterprise…
Microsoft Removes PowerShell 2.0 From Windows To Clean Up Legacy Code
Microsoft is officially removing Windows PowerShell 2.0 from its operating systems, marking the end of an era for the legacy scripting component that has been deprecated since 2017. The removal affects Windows 11 version 24H2 starting August 2025 and Windows…
CISA Added WinRaR Zero-Day (CVE-2025-8088) Vulnerability That is Actively Exploited In the Wild
The U.S. Cybersecurity and Infrastructure Security Agency has added this vulnerability to its Known Exploited Vulnerabilities catalog, with a due date of September 2, 2025, for federal agencies to apply mitigations. WinRAR has released version 7.13 to address a critical…
Hackers Could Gain Full Control of Your Rooted Android Devices by Exploiting One Vulnerability
A critical security vulnerability discovered in popular Android rooting frameworks could allow malicious applications to completely compromise rooted devices, giving attackers full system control without user knowledge. The vulnerability, first identified in KernelSU version 0.5.7, demonstrates how seemingly robust authentication…
New ‘Curly COMrades’ APT Hackers Attacking Targeting Critical Organizations in Countries
A sophisticated new threat actor group dubbed “Curly COMrades” has emerged as a significant cybersecurity concern, conducting targeted espionage campaigns against critical organizations in countries experiencing substantial geopolitical shifts. The group has been actively pursuing long-term network access and credential…
New Multi-Stage Tycoon2FA Phishing Attack Now Beats Top Security Systems
If you think phishing is just clicking a bad link and landing on a fake login page, Tycoon2FA will prove you wrong. This new wave of phishing-as-a-service isn’t playing the old game anymore; it’s running a 7-stage obstacle course built…
Microsoft Office Vulnerabilities Let Attackers Execute Malicious Code Remotely
Microsoft released critical security updates, addressing three serious vulnerabilities in Microsoft Office that could allow attackers to execute remote code on affected systems. The vulnerabilities, tracked as CVE-2025-53731, CVE-2025-53740, and CVE-2025-53730, affect multiple versions of Microsoft Office and pose significant…
New Charon Ransomware Employs DLL Sideloading, and Anti-EDR Capabilities to Attack Organizations
A sophisticated new ransomware family called Charon has emerged in the cybersecurity landscape, targeting organizations in the Middle East’s public sector and aviation industry with advanced persistent threat (APT) techniques typically reserved for nation-state actors. The ransomware campaign represents a…
Several Docker Images Contain Infamous XZ Backdoor Planted for More Than a Year
The cybersecurity community continues to grapple with the lingering effects of the XZ Utils backdoor, a sophisticated supply chain attack that shook the industry in March 2024. What began as a carefully orchestrated two-year campaign by the pseudonymous developer ‘Jia…
FortiWeb Authentication Bypass Vulnerability Let Attackers Log in As Any Existing User
A critical authentication bypass vulnerability in FortiWeb allows unauthenticated remote attackers to impersonate any existing user on affected systems. The vulnerability, tracked as CVE-2025-52970 with a CVSS score of 7.7, affects multiple FortiWeb versions and stems from improper parameter handling…
Windows Remote Desktop Services Vulnerability Let Attacker Deny Services Over Network
Microsoft released security patches addressing a significant vulnerability in Windows Remote Desktop Services that could allow unauthorized attackers to launch denial of service attacks over network connections. The vulnerability, designated as CVE-2025-53722, affects multiple Windows versions spanning from legacy systems…
FortiOS, FortiProxy, and FortiPAM Auth Bypass Vulnerability Allows Attackers to Gain Full Control
A high-severity authentication bypass vulnerability affecting multiple Fortinet security products, including FortiOS, FortiProxy, and FortiPAM systems. The flaw, designated as CVE-2024-26009 with a CVSS score of 7.9, enables unauthenticated attackers to seize complete control of managed devices through exploitation of…
New Windows 0-Click NTLM Credential Leakage Vulnerability Bypasses Microsoft’s Patch
A critical zero-click NTLM credential leakage vulnerability that circumvents Microsoft’s recent patch for CVE-2025-24054. The newly identified flaw, assigned CVE-2025-50154, allows attackers to extract NTLM hashes from fully patched Windows systems without any user interaction, demonstrating that Microsoft’s April security…
What is MCP Server – How it is Powering AI-Driven Cyber Defense
MCP (Model Control Plane) Server is a centralized platform that orchestrates, manages, and secures the lifecycle of AI models deployed across an organization’s infrastructure. By providing integration, management, and real-time monitoring of models, MCP servers enable enterprises to defend against…