In August 2025, a sophisticated cyber attack targeted an Asian subsidiary of a large European manufacturing organization through a deceptive job offer scheme. The intrusion campaign, identified as Operation DreamJob, demonstrates how threat actors continue to refine social engineering techniques…
Category: Cyber Security News
Ransomware Actors Primarily Targeting Retailers This Holiday Season to Deploy Malicious Payloads
Retailers are facing a sharp rise in targeted ransomware activity as the holiday shopping season begins. Threat groups are timing their attacks to peak sales periods, when downtime is most painful and the pressure to pay is highest. This campaign…
Critical ASUSTOR Vulnerability Let Attackers Execute Malicious Code with Elevated Privileges
A critical security vulnerability has been discovered in ASUSTOR backup and synchronization software, allowing attackers to execute malicious code with elevated system privileges. The flaw, tracked as CVE-2025-13051, affects two widely used ASUSTOR applications and poses a significant risk to…
Critical Grafana Vulnerability Let Attackers Escalate Privilege
Grafana Labs has disclosed a critical security vulnerability affecting Grafana Enterprise that could allow attackers to escalate privileges and impersonate users. The flaw, tracked as CVE-2025-41115, has received the maximum CVSS score of 10.0, making it one of the most severe…
Broadcom Allegedly Breached by Clop Ransomware via E-Business Suite 0-Day Hack
The Cl0p ransomware group has claimed responsibility for infiltrating Broadcom’s internal systems as part of an ongoing exploitation campaign targeting Oracle E-Business Suite vulnerabilities. The hack uses a critical zero-day vulnerability (CVE-2025-61882) rated 9.8 on the CVSS scale, allowing attackers…
China-linked APT24 Hackers New BadAudio Compromised Legitimate Public Websites to Attack Users
APT24, a sophisticated cyber espionage group linked to China’s People’s Republic, has launched a relentless three-year campaign delivering BadAudio, a highly obfuscated first-stage downloader that enables persistent network access to targeted organizations. The threat actor has demonstrated remarkable adaptability by…
Windows 11 to Hide BSOD Crash Errors on Public Displays
Microsoft has introduced a practical new feature in Windows 11 designed specifically for public-facing monitors and signage. This new mode ensures that the dreaded Blue Screen of Death (BSOD) and other disruptive error dialogs are hidden from view on non-interactive…
Salesforce Confirms that Customers’ Data Was Accessed Following the Gainsight Breach
Salesforce has issued a critical security alert identifying “unusual activity” involving Gainsight-published applications connected to customer environments. The CRM giant’s investigation indicates that this activity may have enabled unauthorized access to Salesforce data through the applications’ external connections. In an…
Authorities Sanctioned Russia-based Bulletproof Hosting Provider for Supporting Ransomware Operations
The U.S. Department of the Treasury, Australia, and the United Kingdom have announced coordinated sanctions against Media Land. This Russia-based bulletproof hosting company provides infrastructure to ransomware and other cybercriminals. The U.S. Federal Bureau of Investigation also coordinated the action…
OpenAI Releases GPT-5.1-Codex-Max that Performs Coding Tasks Independently
OpenAI has launched GPT-5.1-Codex-Max, a specialized coding model designed to handle complex development tasks autonomously. The new system represents a significant leap in agentic AI capabilities, enabling machines to work on coding projects with minimal human intervention. GPT-5.1-Codex-Max operates differently from…
SonicOS SSLVPN Vulnerability Let Attackers Crash the Firewall Remotely
SonicWall has disclosed a critical stack-based buffer overflow vulnerability in its SonicOS SSLVPN service. That allows remote unauthenticated attackers to crash firewalls through denial-of-service attacks. The vulnerability was internally discovered and reported by SonicWall’s security team. The flaw, tracked as CVE-2025-40601,…
Salesforce Confirms that Customers’ Data Was accessed Following the Gainsight Breach
Salesforce has issued a critical security alert identifying “unusual activity” involving Gainsight-published applications connected to customer environments. The CRM giant’s investigation indicates that this activity may have enabled unauthorized access to Salesforce data through the applications’ external connections. In an…
Oracle Allegedly Breached by Clop Ransomware via E-Business Suite 0-Day Hack
The notorious Clop ransomware gang has listed Oracle on its dark web leak site, alleging a successful breach of the tech giant’s internal systems. This development is part of a massive extortion campaign exploiting a critical zero-day vulnerability in Oracle…
Critical Windows Graphics Vulnerability Lets Hackers Seize Control with a Single Image
A critical remote code execution flaw in Microsoft’s Windows Graphics Component allows attackers to seize control of systems using specially crafted JPEG images. With a CVSS score of 9.8, this vulnerability poses a severe threat to Windows users worldwide, as…
New Ransomware Variants Targeting Amazon S3 Services Leveraging Misconfigurations and Access Controls
A new wave of ransomware attacks is targeting cloud storage environments, specifically focusing on Amazon Simple Storage Service (S3) buckets that contain critical business data. Unlike traditional ransomware that encrypts files using malicious software, these attacks exploit weak access controls…
Samourai Wallet Cryptocurrency Mixing Founders Jailed for Laundering Over $237 Million
The U.S. Attorney’s Office, Southern District of New York, has announced the sentencing of Keonne Rodriguez and William Lonergan Hill, co-founders of Samourai Wallet, a cryptocurrency mixing application designed specifically to hide illegal financial transactions. Rodriguez, who served as the…
Sturnus Banking Malware Steals Communications from Signal and WhatsApp, Gaining Full Control of The Device
A new banking malware called Sturnus has emerged as a significant threat to mobile users across Europe. Security researchers have discovered that this sophisticated Android trojan can capture encrypted messages from popular messaging apps like WhatsApp, Telegram, and Signal by…
Tsundere Botnet Abusing Popular Node.js and Cryptocurrency Packages to Attack Windows, Linux, and macOS Users
Tsundere represents a significant shift in botnet tactics, leveraging the power of legitimate Node.js packages and blockchain technology to distribute malware across multiple operating systems. First identified around mid-2025 by Kaspersky GReAT researchers, this botnet demonstrates the evolving sophistication of…
GenAI Makes it Easier for Cybercriminals to Successfully Lure Victims into Scams
Cybercriminals are rapidly embracing generative AI to transform the way they operate scams, making fraud operations faster, more convincing, and dramatically easier to scale. According to recent research, what once required months of work and specialized technical skills can now…
New Malware Via WhatsApp Exfiltrate Contacts to Attack Server and Deploys Malware
Trustwave SpiderLabs researchers have identified a sophisticated banking trojan called Eternidade Stealer that spreads through WhatsApp hijacking and social engineering tactics. The malware, written in Delphi, represents a significant evolution in Brazil’s cybercriminal landscape, combining advanced contact harvesting with credential…