Two malicious npm packages have emerged as sophisticated weapons targeting WhatsApp developers through a remote-controlled destruction mechanism that can completely wipe development systems. The packages, identified as naya-flore and nvlore-hsc, masquerade as legitimate WhatsApp socket libraries while harboring a devastating…
Category: Cyber Security News
Guided Selling in 3D Product Configurators
People don’t want to guess when they buy something – especially something complex or customizable. They want to feel like they’re making the right choice. But with many ecommerce stores, it’s easy to feel lost: too many options, confusing specs,…
Hacker Extradited to US for Stealing Over $2.5 Million in Tax Fraud Attacks
A sophisticated cybercriminal operation that targeted American tax preparation businesses through spearphishing campaigns has culminated in the extradition of Nigerian national Chukwuemeka Victor Amachukwu from France to face federal charges in New York. The 39-year-old defendant, operating under multiple aliases…
SonicWall Confirms No New SSLVPN 0-Day – Ransomware Attack Linked to Old Vulnerability
Cybersecurity firm SonicWall has officially addressed recent concerns about a potential new zero-day vulnerability in its Secure Sockets Layer Virtual Private Network (SSLVPN) products. In a statement to Cybersecurity News, the company confirmed that recent ransomware attacks are not the…
ScarCruft Hacker Group Launched a New Malware Attack Using Rust and PubNub
The North Korean state-sponsored Advanced Persistent Threat (APT) group ScarCruft has launched a sophisticated new malware campaign targeting South Korean users through a deceptive postal-code update notice. This latest attack represents a significant evolution in the group’s operational capabilities, marking…
CISA Warns of ‘ToolShell’ Exploit Chain Attacking SharePoint Servers – Discloses IOCs and Detection Signatures
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) released an urgent analysis in early July 2025, detailing a sophisticated exploit chain targeting on-premises Microsoft SharePoint servers. Dubbed “ToolShell,” the campaign leverages two fresh vulnerabilities—CVE-2025-49706, a network spoofing flaw, and CVE-2025-49704,…
New Ghost Calls Attack Abuses Web Conferencing for Covert Command & Control
A sophisticated new attack technique called “Ghost Calls” exploits web conferencing platforms to establish covert command and control (C2) channels. Presented by Adam Crosser from Praetorian at Black Hat USA 2025, this groundbreaking research demonstrates how attackers can leverage the…
Microsoft 365 Direct Send Weaponized to Bypass Email Security Defenses
Cybersecurity researchers have uncovered a sophisticated spear phishing campaign that weaponizes Microsoft 365’s Direct Send feature to bypass traditional email security defenses and conduct hyper-personalized credential theft attacks. The campaign demonstrates an alarming evolution in attack sophistication, combining technical exploitation…
IRGC Hacker Groups Attacking Targeted Financial, Government, and Media Organizations
During the 12-day conflict between Israel and Iran in June 2025, a sophisticated network of Iranian-linked cyber threat actors launched coordinated digital operations against critical infrastructure sectors worldwide. The campaign demonstrated unprecedented coordination between military operations and state-sponsored cyberattacks, targeting…
WhatsApp Has Taken Down 6.8 Million Accounts Linked to Malicious Activities
WhatsApp has successfully dismantled 6.8 million accounts linked to fraudulent activities during the first half of 2024, representing a significant escalation in the platform’s fight against organized cybercrime. The takedown operation, announced by parent company Meta, specifically targeted scam centers…
New Active Directory Lateral Movement Techniques That Bypass Authentication and Exfiltrate Data
Sophisticated attack vectors have been unveiled that exploit hybrid Active Directory and Microsoft Entra ID environments, demonstrating how attackers can achieve complete tenant compromise through previously unknown lateral movement techniques. These methods, presented at Black Hat USA 2025, expose critical vulnerabilities in…
Hackers Use Legitimate Drivers to Kill Antivirus Processes and Lower The System’s Defenses
In a sophisticated campaign first observed in October 2024, attackers have begun leveraging a legitimate driver to disable antivirus software across compromised networks. By abusing the ThrottleStop.sys driver—originally designed by TechPowerUp to manage CPU throttling—the malware gains kernel‐level memory access…
SocGholish Leverages Parrot and Keitaro TDS Systems to Push Fake Updates and Deliver Malware
A sophisticated malware operation known as SocGholish has emerged as one of the internet’s most persistent and deceptive threats, masquerading as legitimate software updates to compromise unsuspecting users’ systems. The malware, operated by the cybercriminal group TA569, has evolved from…
Nvidia Says No Backdoors, No Kill Switches, and No Spyware in its Chips
Nvidia Corporation has issued a strong statement asserting that its graphics processing units (GPUs) contain no backdoors, kill switches, or spyware, directly addressing growing concerns from policymakers about potential hardware-based control mechanisms. The semiconductor giant’s declaration comes as some industry…
HeartCrypt-Packed EDR Killer Tools ‘AVKiller’ Actively Used in Ransomware Attacks
Cybersecurity teams have confronted a rising threat from a novel “EDR killer” payload in recent months, commonly referred to as AVKiller, which has been observed disabling endpoint defenses to facilitate the deployment of ransomware. First detected in mid-2024, this tool…
10 Best Data Loss Prevention Software in 2025
Data Loss Prevention (DLP) software is a critical cybersecurity solution designed to protect sensitive data from leaving an organization’s network. In an era where data is a company’s most valuable asset, and regulatory penalties for data breaches are severe, DLP…
Gemini Exploited via Prompt Injection in Google Calendar Invite to Steal Emails, and Control Smart Devices
A sophisticated attack method exploits Google’s Gemini AI assistant through seemingly innocent calendar invitations and emails. The attack, dubbed “Targeted Promptware Attacks,” demonstrates how indirect prompt injection can compromise users’ digital privacy and even control physical devices in their homes. …
HTTP/1.1 Fatal Vulnerability Exposes Millions of Websites to Hostile Takeover
A critical vulnerability in the HTTP/1.1 protocol threatens tens of millions of websites with potential hostile takeovers through sophisticated desynchronization attacks. This fundamental flaw in the decades-old protocol creates extreme ambiguity about where one request ends and the next begins,…
1.2 Million Healthcare Devices and Systems Data Leaked Online – Patient Records at Risk of Exposure
New research by European cybersecurity company Modat shows over 1.2 million internet-connected healthcare devices and systems with exposure that endangers patient data. Global findings show the top 10 regions (most results are across Europe, the USA, and South Africa). Research was conducted…
HashiCorp Vault 0-Day Vulnerabilities Let Attackers Execute Remote Code
Security researchers uncovered a series of critical zero-day vulnerabilities in HashiCorp Vault in early August 2025, the widely adopted secrets management solution. These flaws, spanning authentication bypasses, policy enforcement inconsistencies, and audit-log abuse, create end-to-end attack paths that culminate in…