Protecting digital infrastructure is critical in 2025, as cyber threats escalate in complexity and diversity. Next‑Generation Firewalls (NGFWs) have become the cornerstone for enterprise security, offering not just robust traffic filtering, but also deep packet inspection, advanced threat intelligence, and…
Category: Cyber Security News
China-Aligned TA415 Hackers Uses Google Sheets and Google Calendar for C2 Communications
The Chinese state-sponsored threat actor TA415 has evolved its tactics, techniques, and procedures by leveraging legitimate cloud services like Google Sheets and Google Calendar for command and control communications in recent campaigns targeting U.S. government, think tank, and academic organizations.…
BeaverTail Variant via Malicious Repositories Targeting Retail Sector Organizations
A sophisticated North Korean nation-state threat actor campaign has emerged, distributing an evolved variant of the BeaverTail malware through deceptive fake hiring platforms and ClickFix social engineering tactics. This latest campaign, active since May 2025, represents a significant tactical shift…
MuddyWater Hackers Using Custom Malware With Multi-Stage Payloads and Uses Cloudflare to Mask Fingerprints
Since early 2025, cybersecurity teams have observed a marked resurgence in operations attributed to MuddyWater, an Iranian state–sponsored advanced persistent threat (APT) actor. Emerging initially through broad remote monitoring and management (RMM) exploits, the group has pivoted to highly targeted…
New Magecart Skimmer Attack With Malicious JavaScript Injection to Skim Payment Data
The threat landscape for e-commerce websites has once again shifted with the emergence of a sophisticated Magecart-style attack campaign, characterized by the deployment of obfuscated JavaScript to harvest sensitive payment information. The campaign first came to light in mid-September 2025…
224 Malicious Android Apps on Google Play With 38 Million Downloads Delivering Malicious Payloads
A sophisticated mobile ad fraud operation dubbed “SlopAds” has infiltrated Google Play Store with 224 malicious applications that collectively amassed over 38 million downloads across 228 countries and territories. The campaign represents one of the most extensive mobile fraud schemes…
Windows Screenshot Utility Greenshot Vulnerability Enable Malicious code execution – PoC Released
A critical security flaw has been discovered in Greenshot, a popular open-source screenshot utility for Windows. The vulnerability allows a local attacker to execute arbitrary code within the Greenshot process, potentially enabling them to bypass security measures and carry out…
PureHVNC RAT Developers Leverage GitHub Host Source Code
The PureHVNC remote administration tool (RAT) has emerged as a sophisticated component of the Pure malware family, gaining prominence in mid-2025 amid an uptick in targeted intrusion campaigns. Originating from underground forums and Telegram channels, PureHVNC is marketed by its…
Threat Actors Abuse Adtech Companies to Target Users With Malicious Ads
The digital advertising ecosystem has become a prime hunting ground for cybercriminals, who are increasingly exploiting advertising technology companies to distribute malware and conduct malicious campaigns. Rather than simply abusing legitimate platforms, threat actors are now operating as the platforms…
New Innovative FileFix Attack in The Wild Leverages Steganography to Deliver StealC Malware
A sophisticated cyberthreat campaign has emerged that represents a significant evolution in social engineering attacks, introducing the first real-world implementation of FileFix attack methodology beyond proof-of-concept demonstrations. This advanced threat leverages steganography techniques to conceal malicious payloads within seemingly innocent…
Microsoft Introduces Network Strength Indicator With Teams to Clarify Disruptions
Microsoft is set to roll out a new feature for its Teams platform called the Network Strength Indicator, designed to provide users with greater clarity on call quality and disruptions during meetings. The update seeks to clarify technical issues by…
Python Based XillenStealer Attacking Windows Users to Steal Sensitive Data
In recent weeks, cybersecurity researchers have observed the emergence of XillenStealer, a Python-based information stealer publicly hosted on GitHub and rapidly adopted by threat actors. First reported in mid-September 2025, the stealer leverages a user-friendly builder GUI to lower the…
Critical WatchGuard Vulnerability Allows Unauthenticated Attacker to Execute Arbitrary Code
A critical vulnerability has been discovered in WatchGuard’s Firebox firewalls, which could allow a remote, unauthenticated attacker to execute arbitrary code on affected devices. The flaw, tracked as CVE-2025-9242, has been assigned a critical severity rating with a CVSS score…
Top 10 Best Security Orchestration, Automation, And Response (SOAR) Tools in 2025
In the face of an ever-increasing volume of security alerts, a critical shortage of skilled cybersecurity professionals, and the growing sophistication of cyber threats, Security Operations Centers (SOCs) are often overwhelmed. This is where Security Orchestration, Automation, and Response (SOAR)…
Microsoft OneDrive Auto-Sync Exposes Enterprise Secrets in SharePoint Online
A default auto-sync feature in Microsoft OneDrive automatically moves local files to SharePoint, creating a significant security risk by exposing sensitive data and secrets on a large scale. Research from Entro Security highlights the severity of the issue, revealing that…
40,000+ Cyberattacks Targeting API Environments To Inject Malicious Code
The cybersecurity landscape has witnessed an unprecedented surge in API-focused attacks during the first half of 2025, with threat actors launching over 40,000 documented incidents against application programming interfaces across 4,000 monitored environments. This alarming escalation represents a fundamental shift…
Apple Fixes 0-Day Vulnerabilities in Older version of iPhones and iPad
Apple has released iOS 16.7.12 and iPadOS 16.7.12 on September 15, 2025, delivering critical security updates to older-generation devices. The patches address a zero-day flaw in the ImageIO framework that could allow an attacker to execute arbitrary code by enticing…
Google Announces Full Availability of Client-Side Encryption for Google Sheets
Google has announced the full general availability of client-side encryption (CSE) for Google Sheets. This significant upgrade gives organizations direct control over encryption keys and enhances data confidentiality within Google Workspace. This move extends robust security features to spreadsheets, ensuring…
Kubernetes C# Client Vulnerability Exposes API Server Communication To MiTM Attack
A medium-severity vulnerability has been discovered in the official Kubernetes C# client, which could allow an attacker to intercept and manipulate sensitive communications. The flaw, rated 6.8 on the CVSS scale, stems from improper certificate validation logic. This weakness exposes…
Critical Chaos Mesh Vulnerabilities Let Attackers Takeover Kubernetes Cluster
Critical vulnerabilities were identified in Chaos Mesh, a popular Cloud Native Computing Foundation chaos engineering platform used for fault injection testing in Kubernetes environments. The security flaws, collectively dubbed “Chaotic Deputy,” comprise four CVEs that enable complete cluster compromise through…