A proof-of-concept exploit has been publicly released for CVE-2025-9501, a critical, unauthenticated command-injection vulnerability affecting W3 Total Cache, one of WordPress’s most widely deployed caching plugins. With over 1 million active installations, the vulnerability poses a significant risk to countless…
Category: Cyber Security News
LLM Tools Like GPT-3.5-Turbo and GPT-4 Fuel the Development of Fully Autonomous Malware
Large language models like GPT-3.5-Turbo and GPT-4 are transforming how we work, but they are also opening doors for cybercriminals to create a new generation of malware. Researchers have demonstrated that these advanced AI tools can be manipulated to generate…
Tenda N300 Vulnerabilities Let Attackers Execute Arbitrary Commands as Root User
Tenda N300 wireless routers and 4G03 Pro portable LTE devices face severe security threats from multiple command injection vulnerabilities that allow attackers to execute arbitrary commands with root privileges. The affected devices currently lack vendor patches, leaving users vulnerable. The…
APT35 Hacker Group's Internal Documents Leak Exposes Their Targets and Attack Methods
In October 2025, a significant breach exposed the internal workings of APT35, also known as Charming Kitten, a cyber unit operating within Iran’s Islamic Revolutionary Guard Corps Intelligence Organization. Thousands of leaked documents revealed the group’s systematic approach to targeting…
Zapier’s NPM Account Hacked – Multiple Packages Infected with Self-Propagating Shai Hulud Malware
A massive supply chain attack is targeting the NPM accounts of automation giant Zapier and the Ethereum Name Service (ENS). Identified by Aikido Security, the campaign is being orchestrated by the same threat actors responsible for the “Shai Hulud” self-propagating worm…
ToddyCat APT Accessing Organizations' Internal Communications of Employees at Target Companies
The ToddyCat APT group has developed new ways to access corporate email communications at target organizations. Email remains the main way companies handle business communications, whether through their own servers like Microsoft Exchange or through cloud services such as Microsoft…
New EtherHiding Attack Uses Web-Based Attacks to Deliver Malware and Rotate Payloads
A new threat known as EtherHiding is reshaping how malware spreads through the internet. Unlike older methods that rely on traditional servers to deliver harmful code, this attack uses blockchain smart contracts to store and update malware payloads. The approach…
Hackers Leverage Malicious PyPI Package to Attack Users and Steal Cryptocurrency Details
A dangerous malware campaign has surfaced targeting cryptocurrency users through a deceptive Python package hosted on the PyPI repository. The threat actors disguised their malicious code within a fake spell-checking tool, mimicking the legitimate pyspellchecker package that boasts over 18…
Threat Actors Leverage Python-based Malware to Inject a Process into a Legitimate Windows Binary
Cybersecurity researchers have uncovered a sophisticated Python-based malware that employs process injection techniques to hide inside legitimate Windows binaries. This threat represents a new evolution in fileless attack strategies, combining multi-layer obfuscation with trusted system utilities to evade detection. The…
vLLM Vulnerability Enables Remote Code Execution Via Malicious Payloads
A critical memory corruption vulnerability in vLLM versions 0.10.2 and later allows attackers to achieve remote code execution through the Completions API endpoint by sending maliciously crafted prompt embeddings. The vulnerability resides in the tensor deserialization process within vLLM’s entrypoints/renderer.py…
Hackers Replace ‘m’ with ‘rn’ in Microsoft(.)com to Steal Users’ Login Credentials
A sophisticated phishing campaign is currently leveraging a subtle typographical trick to bypass user vigilance, deceiving victims into handing over sensitive login credentials. Attackers utilize the domain “rnicrosoft.com” to impersonate the tech giant. By replacing the letter ‘m’ with the…
DeepSeek-R1 Makes Code for Prompts With Severe Security Vulnerabilities
A concerning vulnerability has been identified in DeepSeek-R1, a Chinese-developed artificial intelligence coding assistant. When the AI model encounters politically sensitive topics related to the Chinese Communist Party, it produces code with severe security flaws at rates up to 50% higher than usual.…
Beware of North Korean Fake Job Platform Targeting U.S.-Based AI Developers
A sophisticated recruitment scam linked to North Korea has emerged, targeting American artificial intelligence developers, software engineers, and cryptocurrency professionals through an elaborate fake job platform. Validin security researchers have uncovered a new variant of what they call the “Contagious…
Wireshark Vulnerabilities Let Attackers Crash the Analyzer by Injecting a Malformed Packet
The Wireshark Foundation has rolled out a crucial security update for its widely used network protocol analyzer, addressing multiple vulnerabilities that could lead to denial-of-service conditions. The latest release, version 4.6.1, specifically targets flaws discovered in the Bundle Protocol version…
CISA Warns of Oracle’s Identity Manager RCE Vulnerability Actively Exploited in Attacks
The Cybersecurity and Infrastructure Security Agency (CISA) is urging organizations to immediately address a critical security flaw in Oracle Identity Manager following reports of active exploitation. The vulnerability, tracked as CVE-2025-61757, allows unauthenticated remote attackers to execute arbitrary code on…
Critical Vulnerability in Azure Bastion Lets Attackers Bypass Authentication and Escalate Privileges
A critical vulnerability in Azure Bastion (CVE-2025-49752) allows remote attackers to bypass authentication mechanisms and escalate privileges to administrative levels. The flaw, categorized as an authentication bypass vulnerability, poses an immediate risk to organizations that rely on Azure Bastion for…
Cybersecurity News Weekly Newsletter – Fortinet, Chrome 0-Day Flaws, Cloudflare Outage and Salesforce Gainsight Breach
Welcome to this week’s edition of the Cybersecurity News Weekly Newsletter, where we analyze the critical incidents defining the current threat landscape. If this week has taught us anything, it is that the stability of our digital infrastructure is just…
Microsoft Confirms Windows 11 24H2 Update Breaks Multiple Core Features
Microsoft has officially acknowledged a significant disruption affecting Windows 11 version 24H2 users, specifically after installing the cumulative update KB5062553 released in July 2025. The issue primarily affects environments using Virtual Desktop Infrastructure (VDI) and devices undergoing their first user…
ShinyHunters Claims Data Theft from 200+ Companies via Salesforce Gainsight Breach
A sophisticated supply chain attack has reportedly compromised data across hundreds of organizations, linking the breach to a critical integration between customer success platform Gainsight and CRM giant Salesforce. The notorious hacking collective ShinyHunters is claiming responsibility for the intrusion,…
Fired Techie Admits Hacking Employer’s Network in Retaliation for Termination
A former IT contractor from Ohio has admitted to launching a cyberattack against his employer’s network in retaliation for being terminated, federal prosecutors announced this week. Maxwell Schultz, 35, of Columbus, Ohio, pleaded guilty to computer fraud charges after leading…