In a coordinated international operation, law enforcement agencies successfully dismantled critical infrastructure belonging to the BlackSuit ransomware group, also known as Royal, marking a significant victory in the ongoing battle against cybercriminal enterprises. The July 24, 2025 takedown operation resulted…
Category: Cyber Security News
Microsoft Teams RCE Vulnerability Let Attackers Read, Write and Delete Messages
Microsoft disclosed a significant remote code execution (RCE) vulnerability in its Teams collaboration software as part of its August 2025 Patch Tuesday updates. The critical flaw, identified as CVE-2025-53783, could allow an unauthorized attacker to read, write, and even delete…
Electronic Arts Blocked 300,000 Attempts Following Battlefield 6 Beta Launch
Electronic Arts has revealed that their Javelin anti-cheat system successfully prevented 330,000 attempts to cheat or tamper with anti-cheat controls during the Battlefield 6 Open Beta launch period. The gaming giant’s SPEAR Anti-Cheat Team disclosed these statistics while addressing community…
Microsoft Releases Windows 11 Cumulative Updates (KB5063878, KB5063875) August 2025 with New Features
Microsoft has released the Windows 11 August 2025 Cumulative Updates, KB5063878 for version 24H2 and KB5063875 for versions 22H2 and 23H2, delivering critical stability fixes and new features released along with Microsoft patch Tuesday august 2025. These updates address performance…
PoisonSeed Phishing Kit Bypasses MFA to Acquire Credentials from Individuals and Organizations
In recent months, a new phishing toolkit known as PoisonSeed has emerged, targeting both individual users and enterprise organizations with unprecedented sophistication. Unlike traditional phishing kits that harvest only usernames and passwords, PoisonSeed employs an adversary-in-the-middle (AitM) approach to intercept…
Microsoft Patch Tuesday August 2025 Released – 107 Vulnerabilities Fixed Including 36 RCE
Microsoft released its August Patch Tuesday security updates, addressing a total of 107 vulnerabilities across its product ecosystem. The update includes fixes for 90 vulnerabilities, classified as follows: 13 are Critical, 76 are Important, one is Moderate, and one is…
17,000+ VMware ESXi Servers Vulnerable to Critical Integer-Overflow Vulnerability
More than 17,000 VMware ESXi installations worldwide are at risk from a severe integer-overflow vulnerability tracked as CVE-2025-41236 (CVSS 9.3), cybersecurity researchers warn. This critical vulnerability, first flagged in July, has prompted urgent calls for patching, but the latest scan…
How to Solve Alert Fatigue in Your SOC Without Extra Staff or Effort
Imagine your Security Operations Center (SOC) as the tactical center of a medieval fortress, where vigilant sentries scan the horizon for approaching threats. But instead of watching for enemy armies, your digital guardians monitor an endless stream of network traffic,…
ShinyHunters Unveils That BreachForums Taken by Law Enforcement Agencies, Now It Is a Honeypot
The threat actor collective ShinyHunters has recently announced that BreachForums—one of the most prolific breeding grounds for stolen credentials and leak data—has been commandeered by international law enforcement agencies. According to Shiny from ShinyHunters, the site’s administrative controls, including the…
7000+ Citrix NetScaler Devices Still Vulnerable to CVE-2025-5777 and CVE-2025-6543
Over 7,000 Citrix NetScaler appliances remain unpatched against two critical vulnerabilities: CVE-2025-5777 and CVE-2025-6543. Despite multiple advisories from Citrix, CISA’s KEV catalog entries, and updates from national cybersecurity agencies—including the Dutch NCSC—threat actors continue to target unmitigated devices at scale.…
Ivanti Connect Secure, Policy Secure and ZTA Vulnerabilities Let Attackers Trigger DoS Attack
Ivanti has released critical security updates addressing multiple high and medium-severity vulnerabilities across its Connect Secure, Policy Secure, and Zero Trust Access (ZTA) gateway products. The vulnerabilities, identified through internal discovery and responsible disclosure programs, could enable remote attackers to…
Hackers Attacking Fortinet SSL VPN Under Attack From 780 unique IPs
An unprecedented surge in brute-force attacks targeting Fortinet SSL VPN infrastructure, with over 780 unique IP addresses participating in coordinated assault campaigns. The August 3rd attack represents the highest single-day volume recorded on GreyNoise’s Fortinet SSL VPN Bruteforcer tag in…
Critical Zoom Clients for Windows Vulnerability Lets Attackers Escalate Privileges
Zoom has disclosed a critical vulnerability affecting multiple Windows-based clients, potentially allowing attackers to escalate privileges and compromise user systems. Designated as CVE-2025-49457 under bulletin ZSB-25030, this flaw carries a CVSS score of 9.6, classifying it as critical due to…
North Korean Kimsuky Hackers Data Breach – Insiders Published the Data Online
A massive leak of internal tooling, backdoors, and intelligence-gathering artifacts attributed to North Korea’s state-sponsored APT group Kimsuky has been published online by presumed insiders. The 34,000-page dump exposes live phishing infrastructure, kernel-level backdoors, Cobalt Strike payloads, and stolen government…
SAP Security Patch Day – 15 Vulnerabilities Patched including 3 Critical Injection Vulnerabilities
SAP released a comprehensive security update on August 12th, 2025, addressing 15 new vulnerabilities across its enterprise software portfolio, including three critical code injection flaws that pose significant risks to organizations worldwide. The monthly Security Patch Day also included four…
Critical Vulnerability in Carmaker Portal Let Hackers Unlock the Car Remotely
A severe flaw in a major automaker’s dealer portal allowed unauthorized attackers to register for dealer accounts, escalate privileges to a national administrator, and ultimately control vehicles remotely. The vulnerability resides in the portal’s Java/SAP backend and AngularJS frontend, where…
DarkBit Hackers Attacking VMware ESXi Servers to Deploy Ransomware and Encrypt VMDK Files
A newly discovered ransomware campaign has targeted enterprise VMware ESXi environments with military precision, deploying custom-built encryption tools that specifically hunt for virtual machine disk files across VMFS datastores. Security researchers have successfully reverse-engineered the attack methodology and developed breakthrough…
Scattered Spider With New Telegram Channel List Organizations It Attacked
In early August 2025, a previously quiet cybercrime collective known as Scattered Spider resurfaced with a striking new Telegram channel that aggregates proof of its intrusions and data exfiltration operations. The channel name fuses ShinyHunters, Scattered Spider, and Lapsus$, signaling…
Wikipedia Lost Legal Battle Against The UK’s Online Safety ACT Regulations
Wikipedia has suffered a significant legal defeat in its attempt to avoid being classified under the UK’s stringent Online Safety Act regulations. The High Court ruled against the Wikimedia Foundation and a Wikipedia user, known only as “BLN,” who challenged…
Apache bRPC Vulnerability Allows Attackers to Crash the Service via Network
A severe vulnerability in Apache bRPC has been discovered that allows attackers to crash services through network exploitation, affecting all versions prior to 1.14.1. The vulnerability, identified as CVE-2025-54472 with “important” severity classification, stems from unlimited memory allocation in the…