The cybersecurity landscape faces a renewed threat as the GOLD BLADE cybercriminal group has significantly evolved its attack methodology, combining previously observed techniques into a more sophisticated infection chain. This new campaign, which surged in July 2025, leverages malicious LNK…
Category: Cyber Security News
Chinese Companies Linked to State Hackers Filed 10+ Patents for Forensics and Intrusion Tools
Cybersecurity researchers have uncovered more than 10 patents for highly intrusive forensics and data collection technologies filed by Chinese companies directly linked to state-sponsored hacking operations, according to a new report from SentinelLABS released this week. The patents, registered by…
UNC2891 Threat Actors Hacked ATM Networks Using a 4G Raspberry Pi Device
A financially motivated threat group known as UNC2891 orchestrated a sophisticated attack on banking infrastructure by physically installing a 4G-equipped Raspberry Pi device directly into an ATM network, security researchers from Group-IB revealed this week. The campaign represents a rare…
Bangalore Techie Arrested in Connection With the $44 Million CoinDCX Hack
Rahul Agarwal, a Bangalore-based software engineer employed by the prominent crypto exchange CoinDCX, was arrested in connection with a massive $44 million (approximately Rs 379 crore) theft. The Whitefield CEN crime police detained Agarwal on July 26 following an extensive…
20 Best Kubernetes Monitoring Tools in 2025
Kubernetes monitoring tools are essential for maintaining the health, performance, and reliability of Kubernetes clusters. These tools provide real-time visibility into the state of clusters, nodes, and pods, allowing administrators to identify and resolve issues quickly. They offer detailed metrics…
Microsoft SharePoint Server 0-Day Hack Hits African Treasury, Companies, and University
A sophisticated cyberattack exploiting a zero-day vulnerability in Microsoft SharePoint servers has compromised over 400 entities globally, with significant impact across African nations including South Africa and Mauritius. The attack specifically targets on-premises SharePoint installations, exploiting previously unknown security flaws…
OAuth2-Proxy Vulnerability Enables Authentication Bypass by Manipulating Query Parameters
A critical security vulnerability has been identified in OAuth2-Proxy, a widely used reverse proxy that puts authentication in front of applications using Google, Azure, OpenID Connect, and numerous other identity providers. The vulnerability, designated CVE-2025-54576, enables attackers to bypass authentication by manipulating…
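The blurb above does not show how a query string can defeat an authentication check. As an added illustration (not OAuth2-Proxy's own code, and not the exact details of CVE-2025-54576), the Python below assumes a proxy that exempts routes matching an operator-supplied regex allowlist from authentication, and contrasts matching that allowlist against the full request-URI (path plus query string) with matching only the path component. The allowlist pattern, the sample request URIs and the function names are constructed for this example.

```python
import re
from urllib.parse import urlsplit

# Constructed allowlist: requests matching any of these regexes are served
# without an authenticated session. The pattern is illustrative (assumption),
# chosen because a suffix-anchored regex is where URI-vs-path matching diverges.
SKIP_AUTH_ROUTES = [r"^/api/.*/public$", r"^/healthz$"]


def _allowlisted(candidate: str) -> bool:
    """True if any allowlist regex matches the candidate string."""
    return any(re.search(pattern, candidate) for pattern in SKIP_AUTH_ROUTES)


def needs_auth_uri_match(request_uri: str) -> bool:
    """Flawed check: regexes are applied to the full request-URI, query included.

    '.*' in the allowlist can swallow '?next=', so a protected path whose
    query string merely ends in an allowed suffix is treated as public.
    """
    return not _allowlisted(request_uri)


def needs_auth_path_match(request_uri: str) -> bool:
    """Hardened check: only the path component is compared; the query is ignored."""
    path = urlsplit(request_uri).path
    return not _allowlisted(path)


# Constructed requests: a legitimate public route, a protected route whose
# query string is crafted to satisfy the suffix-anchored regex, and a public
# route carrying an ordinary query string.
SAMPLE_REQUESTS = [
    "/api/v1/public",
    "/api/admin?next=/public",
    "/api/v1/public?verbose=1",
]


def compare_checks(requests=SAMPLE_REQUESTS):
    """Return {uri: (needs auth under URI matching, needs auth under path matching)}."""
    return {uri: (needs_auth_uri_match(uri), needs_auth_path_match(uri)) for uri in requests}


if __name__ == "__main__":
    for uri, (by_uri, by_path) in compare_checks().items():
        print(f"{uri:28} full-URI needs auth: {by_uri!s:5}  path-only needs auth: {by_path}")
```

Running it shows the two failure modes of matching against the whole URI: the crafted `/api/admin?next=/public` is waved through unauthenticated, while the legitimate `/api/v1/public?verbose=1` is wrongly forced to authenticate. Comparing only the path fixes both; the regex itself is unchanged, so the lesson is about which string the rule is evaluated against, not about tightening the pattern.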
Critical CrushFTP 0-Day RCE Vulnerability Technical Details and PoC Released
A significant zero-day vulnerability in CrushFTP has been disclosed, allowing unauthenticated attackers to achieve complete remote code execution on vulnerable servers. The flaw, tracked as CVE-2025-54309 with a critical CVSS score of 9.8, stems from a fundamental breakdown…
APT Hackers Attacking Maritime and Shipping Industry to Launch Ransomware Attacks
The maritime industry, which facilitates approximately 90% of global trade, has emerged as a critical battleground for advanced persistent threat (APT) groups deploying sophisticated ransomware campaigns. This surge in cyber warfare represents a paradigm shift where state-sponsored hackers and financially…
ChatGPT, Gemini, GenAI Tools Vulnerable to Man-in-the-Prompt Attacks
A critical vulnerability affecting popular AI tools, including ChatGPT, Google Gemini, and other generative AI platforms, exposes them to a novel attack vector dubbed “Man-in-the-Prompt.” The research reveals that malicious browser extensions can exploit the Document Object Model (DOM) to…
Qilin Ransomware Leverages TPwSav.sys Driver to Disable EDR Security Measures
Cybercriminals have once again demonstrated their evolving sophistication by weaponizing an obscure Toshiba laptop driver to bypass endpoint detection and response systems. The Qilin ransomware operation, active since July 2022, has incorporated a previously unknown vulnerable driver called TPwSav.sys into…
New Gunra Ransomware Linux Variant Runs Up to 100 Encryption Threads and Adds Partial Encryption
A sophisticated new Linux variant of Gunra ransomware has emerged, marking a significant escalation in the threat group's cross-platform capabilities since its initial discovery in April 2025. The ransomware, which borrows techniques from the notorious Conti ransomware, has rapidly…
CISA and FBI Shared Tactics, Techniques, and Procedures of Scattered Spider Hacker Group
The Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) have released an updated joint cybersecurity advisory detailing the sophisticated tactics employed by the Scattered Spider cybercriminal group, also known as UNC3944, Oktapus, and Storm-0875. This threat…
Free Decryptor Released for AI-Assisted FunkSec Ransomware
Cybersecurity researchers have successfully developed and released a free decryption tool for the FunkSec ransomware, a malicious strain that leveraged artificial intelligence capabilities to enhance its operations. The ransomware campaign, which targeted 113 victims between December 2024 and March 2025,…
New JSCEAL Attack Targeting Crypto App Users To Steal Credentials and Wallets
A sophisticated new malware campaign targeting cryptocurrency application users has emerged, leveraging compiled JavaScript files and Node.js to steal digital wallets and credentials with unprecedented stealth. The campaign, dubbed JSCEAL, represents a significant evolution in cybercriminal tactics, utilizing advanced evasion…
Qilin Ransomware Gains Traction Following Legal Assistance Option for Ransomware Affiliates
The cybersecurity landscape witnessed a concerning evolution in June 2025 when the Qilin ransomware gang announced a groundbreaking addition to their criminal enterprise: on-demand legal assistance for their affiliates. This announcement, made on a Russian-speaking darknet forum, represents a sophisticated…
AI Vibe Coding Platform Hacked – Logic Flaw Exposes Private App Access
A severe authentication bypass vulnerability in Base44, a popular AI-powered vibe coding platform recently acquired by Wix, could have allowed attackers unauthorized access to private enterprise applications and sensitive corporate data. The vulnerability, which was patched within 24 hours of…
0bj3ctivityStealer's Execution Chain Unveiled With Its New Capabilities and Exfiltration Techniques
The cybersecurity landscape continues to witness the emergence of sophisticated information-stealing malware, with 0bj3ctivityStealer representing one of the most recent and concerning additions to this threat ecosystem. Initially discovered by HP Wolf Security experts earlier this year, this advanced stealer…
Bulletproof Hosting Provider Qwins Ltd Fueling Global Malware Campaigns
A sophisticated bulletproof hosting operation has emerged as a critical enabler of global malware campaigns, with cybersecurity researchers uncovering extensive evidence linking UK-registered company Qwins Ltd to widespread cybercriminal activities. The company, operating under Autonomous System Number (ASN) 213702, has…
ToxicPanda Android Banking Malware Infected 4,500+ Devices to Steal Banking Credentials
A sophisticated Android banking trojan known as ToxicPanda has successfully infiltrated over 4,500 mobile devices across Europe, representing one of the most significant mobile banking malware campaigns observed in recent years. The malware specifically targets banking and digital wallet applications,…