Critical security vulnerabilities affecting SonicWall SMA 100 series SSL-VPN appliances that could allow remote attackers to execute arbitrary JavaScript code and potentially achieve code execution without authentication. The vulnerabilities affect SMA 210, 410, and 500v models running firmware version 10.2.1.15-81sv…
Category: Cyber Security News
GitLab Security Update – Patch for Multiple Vulnerabilities in Community and Enterprise Edition
GitLab has released critical security patches addressing multiple vulnerabilities across its Community Edition (CE) and Enterprise Edition (EE) platforms, with versions 18.2.1, 18.1.3, and 18.0.5 now available for immediate deployment. The release includes fixes for six distinct security vulnerabilities, including…
Stealthy Backdoor in WordPress Plugins Gives Attackers Persistent Access to Websites
A sophisticated WordPress malware campaign has been discovered operating through the rarely monitored mu-plugins directory, giving attackers persistent access to compromised websites while evading traditional security measures. The malicious code, identified as wp-index.php, exploits WordPress’s “must-use plugins” functionality to maintain…
AWS Client VPN for Windows Vulnerability Let Attackers Escalate Privileges
Amazon Web Services has disclosed a critical security vulnerability in its Client VPN software for Windows that could allow attackers to escalate privileges and execute malicious code with administrative rights. The vulnerability, tracked as CVE-2025-8069, affects multiple versions of the…
Google Launches OSS Rebuild to Strengthen Security of The Open-Source Package Ecosystems
Modern software supply-chains rely on millions of third-party components, making package repositories a lucrative for attackers. Over the past year, a string of high-profile compromises—from the xz-utils backdoor to the solana/webjs typosquatting incident—has shown how stealthy code can poison widely…
UNC3944 Attacking VMware vSphere and Enabling SSH on ESXi Hosts to Reset ‘root’ Passwords
UNC3944, a financially driven threat organization associated with “0ktapus,” “Octo Tempest,” and “Scattered Spider,” launched a sophisticated cyber campaign that used social engineering and hypervisor-level attacks to target VMware vSphere environments in the retail, airline, and insurance industries. Google Threat…
CISA warns of Google Chromium 0-Day Input Validation Vulnerability Exploited in Attacks
CISA has issued an urgent warning about a critical vulnerability in Google Chromium that threat actors are actively exploiting. The vulnerability, designated as CVE-2025-6558, poses a significant security risk to millions of users across multiple web browsers that utilize the…
Operation CargoTalon Attacking Russian Aerospace & Defense to Deploy EAGLET Implant
A sophisticated cyber espionage campaign dubbed “Operation CargoTalon” has emerged, specifically targeting Russia’s aerospace and defense sectors through carefully crafted spear-phishing attacks. The operation, which surfaced in late June 2025, employs a multi-stage infection chain designed to deploy the EAGLET…
New ACRStealer Abuses Google Docs and Steam for C2 Server Via DDR Technique
A sophisticated new variant of the ACRStealer information-stealing malware has emerged, demonstrating advanced evasion techniques and leveraging legitimate platforms for covert command-and-control operations. The malware, which has been actively distributed since early 2024, represents a significant evolution in cybercriminal tactics…
Threat Actor Mimo Attacking Magento CMS to Steal Card Details and Bandwidth Monetization
The cybersecurity landscape faces a new threat as the notorious Mimo threat actor, previously known for targeting Craft content management systems, has significantly evolved its operations to compromise Magento ecommerce platforms. This expansion represents a dangerous shift toward high-value targets…
Weaponized LNK File Disguised as Credit Card Security Email Steals User Data
Cybercriminals have evolved their social engineering tactics with a sophisticated malware campaign that exploits users’ trust in financial institutions. The latest threat involves a malicious LNK file masquerading as a credit card security email authentication popup, specifically targeting unsuspecting users…
Lumma Stealer Via Fake Cracked Software Steals Login Credentials and Private Files
The brief lull following May’s multinational takedown of the Lumma Stealer infrastructure proved deceptive. Within weeks, telemetry again lit up with fresh command-and-control (C2) beacons, revealing that the information-stealing malware had swapped overt marketplace promotion for quieter channels while expanding…
Jetflicks Illegal Paid Streaming Service Operators Jailed for 7 Years
Five Nevada men, including a German citizen, received prison sentences of up to 84 months for operating Jetflicks, one of the largest illegal television streaming services in United States history. The defendants generated millions in criminal profits by distributing copyrighted…
New ZuRu Malware Variant Weaponizes Termius SSH Client to Attack macOS Users
A fresh strain of the long-running macOS.ZuRu family has surfaced, hiding inside a doctored of the popular Termius SSH client and quietly turning developer workstations into remote footholds. First seen in late May 2025, the 248 MB rogue disk image…
Key Administrator of World’s Most Popular Dark Web Cybercrime Platform Arrested
An investigation led by the French Police and Paris Prosecutor, in close cooperation with their Ukrainian counterparts and Europol, has resulted in the arrest of the suspected administrator of xss[.]is, one of the world’s most influential Russian-speaking cybercrime platforms. The…
Silicon Valley Engineer Pleads Guilty to Stealing Missile Detection Data for China
A dual U.S.-China citizen and former Silicon Valley engineer has pleaded guilty to stealing critical military technology secrets designed to protect American national security interests. Chenguang Gong, 59, of San Jose, admitted to transferring over 3,600 classified files containing advanced…
How Businesses Prevent Credential Theft with Early Phishing Detection
Phishing attacks are evolving rapidly, allowing cybercriminals to bypass traditional security systems like email filters and static defenses. As a result, many businesses are left vulnerable to credential theft, often without realizing the threat until it’s too late. Early detection is key, and…
Critical Vulnerability in JavaScript Library Exposes Millions of Apps to Code Execution Attacks
A critical security vulnerability has been discovered in the widely-used JavaScript form-data library, potentially exposing millions of applications to code execution attacks. The vulnerability, assigned CVE-2025-7783, stems from the library’s use of the predictable Math.random() function to generate boundary values…
Brave Browser Blocks Microsoft Recall by Default Due to Privacy Concerns
A significant privacy protection measure with the Brave browser now blocks Microsoft’s controversial Recall feature by default starting in version 1.81 for Windows users. The decision reflects growing concerns about user privacy and data security, as Microsoft’s Recall system automatically…
Windows 11 Gets New AI-Powered Features – Discover What’s New
Microsoft has unveiled a comprehensive suite of AI-powered enhancements for Windows 11, marking a significant leap forward in personal computing experiences. With nearly 60% of users now employing generative AI for work purposes and 64% for personal projects, Windows 11…