BugTrace-AI, an open-source suite that harnesses generative AI to supercharge vulnerability detection. Launched as a one-stop web security analysis platform, BugTrace-AI blends static (SAST) and dynamic (DAST) testing with AI-driven reconnaissance, payload crafting, and more, all in a sleek React-based…
Category: Cyber Security News
Critical Vulnerability in Popular Node.js Library Exposes Windows Systems to RCE Attacks
A serious security flaw has been discovered in systeminformation, a popular Node.js library used by thousands of developers. The vulnerability, labelled CVE-2025-68154, allows attackers to run malicious code on Windows computers. All versions up to 5.27.13 are affected, and developers…
Critical Apache Commons Text Vulnerability Enables Remote Code Execution Attacks
A newly disclosed security flaw in Apache Commons Text, tracked as CVE-2025-46295, has been identified as a remote code execution (RCE) vulnerability. That could allow attackers to compromise systems using vulnerable versions of the library. The issue impacts Apache Commons Text versions before 1.10.0,…
Phantom Stealer Attacking Users to Steal Sensitive Data like Passwords, Browser Cookies, Credit Card Data
Phantom Stealer version 3.5 has emerged as a serious threat to users worldwide, capable of extracting sensitive information including passwords, browser cookies, credit card details, and cryptocurrency wallet data. This sophisticated malware operates through deceptive packaging, often disguised as legitimate…
Kimwolf Android Botnet Hijacked 1.8 Million Android Devices Worldwide
A massive botnet targeting Android devices has emerged as one of the most significant threats in the cybersecurity landscape today. Named Kimwolf, this sophisticated malware has compromised approximately 1.8 million Android devices worldwide, including smart TVs, set-top boxes, tablets, and…
Let’s Encrypt Unveils New “Generation Y” Root and 45-Day Certificates
Let’s Encrypt, the nonprofit certificate authority powering free TLS/SSL certificates for millions of websites, announced sweeping updates to its issuance policies. The changes introduce a new “Generation Y” root hierarchy, deprecate TLS client authentication, and progressively shorten certificate lifetimes to…
Security Measures at NOWPayments: What Businesses Need to Know
When businesses start accepting crypto payments, security is often one of the first concerns. This is completely understandable. Crypto works differently from traditional payments, and many people want to know how their funds and transactions are protected. NOWPayments approaches security…
Hackers Actively Attacking Cisco and Palo Alto Networks VPN Gateways to Gain Login Access
Threat actors launched a coordinated brute-force campaign against enterprise VPN gateways, hammering Palo Alto Networks GlobalProtect portals and Cisco SSL VPN endpoints with millions of automated login attempts in mid-December 2025. GreyNoise intelligence revealed the attacks stemmed from centralized infrastructure…
Cisco AsyncOS 0-Day Vulnerability Exploited in the Wild to run System-level Commands
An active campaign exploiting a zero-day vulnerability in Cisco AsyncOS Software, targeting Secure Email Gateway (formerly Email Security Appliance, ESA) and Secure Email and Web Manager (formerly Content Security Management Appliance, SMA). The attack, spotted since late November 2025 and…
NAKIVO v11.1 Introduces Stronger Protection for Virtual Environments
Enterprise-Grade Disaster Recovery and MSP Capabilities Now Available NAKIVO, a leading provider of data protection solutions, has released NAKIVO Backup & Replication v11.1, marking a significant leap forward in protecting virtual environments and empowering managed service providers (MSPs). After completing the…
Microsoft 365 Services Including Teams, Outlook and Copilot Outage Hits Users in Japan and China
Thousands of users in Japan and China faced widespread access and sign-in disruptions to Microsoft 365 and Copilot services early Thursday, stemming from a critical routing issue in the company’s infrastructure. Microsoft’s admin center status page confirmed the outage began…
Kimsuky Hackers Attacking Users via Weaponized QR Code to Deliver Malicious Mobile App
The North Korean state-linked threat group Kimsuky has expanded its attack methods by distributing a dangerous mobile malware through weaponized QR codes, targeting users through sophisticated phishing sites that imitate package delivery services. Security researchers discovered the malicious campaign in…
Operation ForumTrol Known for Exploiting Chrome 0-Day Attacking Users With New Phishing Campaign
Operation ForumTrol, an advanced persistent threat group, has launched a new targeted phishing campaign against Russian political scientists and researchers. This sophisticated operation continues the group’s pattern of cyberattacks that began in March 2025 with the exploitation of CVE-2025-2783, a…
5 SOC Analyst Tips for Super-Fast Triage
Every extra minute spent guessing during triage puts your SOC at risk. When it’s unclear what a file does, whether it’s malicious, or how urgent it is, real threats slip through while time is wasted on noise. Fast triage depends on removing uncertainty early,…
Microsoft Desktop Windows Manager Out-Of-Bounds Vulnerability Let Attackers Escalate Privileges
Microsoft has confirmed a critical out-of-bounds vulnerability in the Desktop Window Manager (DWM) that allows local attackers to escalate privileges to SYSTEM on affected Windows systems. The vulnerability, identified as CVE-2025-55681, resides in the dwmcore.dll component and impacts Windows 10, Windows…
Hackers Could Take Control of Car Dashboard by Hacking Its Modem
Modern vehicles are increasingly defined by their connectivity, transforming them into sophisticated IoT devices on wheels. While this digital evolution enhances the driving experience, it introduces severe security risks. A hypothetical scenario where a car dashboard is remotely hijacked to…
Chinese Hackers Using Custom ShadowPad IIS Listener Module to Turn Compromised Servers into Active Nodes
The group employs a custom ShadowPad IIS Listener module to transform compromised servers into a resilient, distributed relay network. This approach allows attackers to route malicious traffic through victim infrastructure, effectively turning hacked organizations into a mesh of command-and-control nodes.…
Microsoft Asks IT Admins to Contact for Fix Related to Windows IIS Failure Issues
Microsoft has confirmed that its December 2025 Windows security update (KB5071546, OS Build 19045.6691) is causing Message Queuing (MSMQ) failures, leading to widespread IIS site crashes. First reported on December 12 and last updated December 16, the problem manifests under…
CISA Warns of Gladinet CentreStack and Triofox Vulnerability Exploited in Attacks
CISA issued a critical warning regarding a hardcoded cryptographic key vulnerability affecting Gladinet CentreStack and Triofox file management solutions. The vulnerability, tracked as CVE-2025-14611, poses significant risks to organizations using these widely deployed enterprise file-sharing platforms. The flaw lies in…
New Research Reveals 90% of Parked Domains Now Deliver Malware, Scams, and Phishing Attacks
The cybersecurity threat landscape has shifted dramatically, and parked domains have become a primary weapon for delivering malware, scams, and phishing attacks to unsuspecting internet users. What was once considered a harmless domain monetization practice has transformed into a dangerous…