Svenska kraftnät, Sweden’s primary electricity transmission system operator, has confirmed a significant data breach on October 26, 2025. The incident has drawn attention from cybersecurity experts and government authorities as it involves critical infrastructure responsible for managing the nation’s power…
Category: Cyber Security News
Beware of Free Video Game Cheats That Delivers Infostealer Malwares
The competitive nature of gaming drives millions of players to seek advantages against their opponents. With esports tournaments boasting prize pools exceeding $1.25 million, the stakes have never been higher. However, this competitive spirit has created an opportunity for cybercriminals…
OpenVPN Vulnerability Exposes Linux, macOS Systems to Script Injection Attacks
A new vulnerability in early versions of OpenVPN has been disclosed, potentially allowing malicious servers to execute arbitrary commands on client machines. The flaw affects OpenVPN releases from 2.7_alpha1 to 2.7_beta1, enabling script-injection attacks on POSIX-based systems such as Linux,…
Apache Tomcat Security Vulnerabilities Expose Servers to Remote Code Execution Attacks
The Apache Software Foundation has highlighted critical flaws in Apache Tomcat, a widely used open-source Java servlet container that powers numerous web applications. On October 27, 2025, Apache disclosed two vulnerabilities, CVE-2025-55752 and CVE-2025-55754, affecting multiple versions of Tomcat. While…
81% Router Usres Have Not Changed Default Admin Passwords, Exposing Devices to Hackers
In late 2025, a staggering 81% of broadband users were found to have never changed their router’s default administrative password, opening the door to significant malware risk. This widespread negligence was revealed in Broadband Genie’s fourth major router security survey,…
iOS 26 Deletes Pegasus and Predator Spyware Infection Evidence by Overwriting The ‘shutdown.log’ file on Reboot
The emergence of Pegasus and Predator spyware over the past several years has transformed the landscape of mobile device security. These advanced malware strains—deployed by sophisticated threat actors for surveillance and espionage—have repeatedly demonstrated their ability to exploit zero-click vulnerabilities,…
Predatory Sparrow Group Attacking Critical Infrastructure to Destroy Data and Cause Disruption
Predatory Sparrow has emerged as one of the most destructive cyber-sabotage groups targeting critical infrastructure across the Middle East, with operations focused primarily on Iranian and Syrian assets. The hacktivist group, believed to be affiliated with Israeli interests, has orchestrated…
Hackers Actively Exploiting WordPress Arbitrary Installation Vulnerabilities in The Wild
Threat actors have launched a significant mass exploitation campaign targeting critical vulnerabilities in two popular WordPress plugins, GutenKit and Hunk Companion, affecting hundreds of thousands of websites globally. These vulnerabilities, discovered in September and October 2024, have resurfaced as an…
North Korean Chollima Actors Added BeaverTail and OtterCookie to Its Arsenal
Famous Chollima, a threat group affiliated with North Korea’s Reconnaissance General Bureau, has significantly expanded its operational capabilities by integrating two potent malware strains: BeaverTail and OtterCookie. This convergence marks a critical evolution in the group’s attack methodology, targeting cryptocurrency…
Hackers Leveraging ClickFix Technique to Deploy NetSupport RAT Loaders
Cybercriminals continue to evolve their tactics for compromising systems, with recent campaigns demonstrating a significant shift from traditional fake update methods to more sophisticated social engineering approaches. Throughout 2025, threat actors have increasingly adopted the ClickFix technique as their primary…
HashiCorp Vault Vulnerabilities Let Attack Bypass Authentication And Trigger DoS Attack
HashiCorp has disclosed two critical vulnerabilities in its Vault software that could allow attackers to bypass authentication controls and launch denial-of-service (DoS) attacks. Published on October 23, 2025, these flaws affect both Vault Community Edition and Vault Enterprise, prompting urgent…
Chrome 0-Day Vulnerability Actively Exploited in Attacks by Notorious Hacker Group
The notorious Mem3nt0 mori hacker group has been actively exploiting a zero-day vulnerability in Google Chrome, compromising high-profile targets across Russia and Belarus. Dubbed CVE-2025-2783, this flaw allowed attackers to bypass Chrome’s robust sandbox protections with minimal user interaction, leading…
Scattered LAPSUS$ Hunters Onion Leak Website Taken Down By Law-enforcement Agencies
Law enforcement agencies from the United States and France have seized the onion leak website operated by the notorious Scattered LAPSUS$ Hunters collective, displaying a prominent seizure notice featuring logos from the FBI, Department of Justice, and international partners. This…
Hackers Exploiting Microsoft WSUS Vulnerability In The Wild – 2800 Instances Exposed Online
Hackers are actively exploiting a critical flaw in Microsoft’s Windows Server Update Services (WSUS), with security researchers reporting widespread attempts in the wild. The vulnerability, tracked as CVE-2025-59287, allows remote code execution on unpatched WSUS servers, potentially granting attackers full…
Critical Dell Storage Manager Vulnerabilities Let Attackers Compromise System
Dell Technologies has disclosed three critical vulnerabilities in its Storage Manager software that could allow attackers to bypass authentication, disclose sensitive information, and gain unauthorized access to systems. Announced on October 24, 2025, these flaws affect versions of Dell Storage…
Infamous Cybercriminal Forum BreachForums Is Back Again With a New Clear Net Domain
The notorious cybercrime forum BreachForums has resurfaced online, this time on a clearnet domain accessible without specialized tools like Tor. The platform, long a hub for data leaks, hacking tools, and illicit trades, went dark earlier this year following a…
New CoPhish Attack Exploits Copilot Studio to Exfiltrate OAuth Tokens
A sophisticated phishing technique called CoPhish exploits Microsoft Copilot Studio to trick users into granting attackers unauthorized access to their Microsoft Entra ID accounts. Dubbed by Datadog Security Labs, this method uses customizable AI agents hosted on legitimate Microsoft domains…
New EDR-Redir Tool Breaks EDR Exploiting Bind Filter and Cloud Filter Driver
A new tool called EDR-Redir has emerged, allowing attackers to redirect or isolate the executable folders of popular Endpoint Detection and Response (EDR) solutions. Demonstrated by cybersecurity researcher TwoSevenOneT, the technique leverages Windows’ Bind Filter driver (bindflt.sys) and Cloud Filter…
Cybersecurity Newsletter Weekly – AWS Outage, WSUS Exploitation, Chrome Flaws, and RDP Attacks
Welcome to this week’s edition of the Cybersecurity Newsletter, where we dissect the latest threats, vulnerabilities, and disruptions shaping the digital landscape. As organizations navigate an increasingly complex threat environment, staying ahead of emerging risks has never been more critical.…
706,000+ BIND 9 Resolver Instances Vulnerable to Cache Poisoning Exposed Online – PoC Released
A high-severity vulnerability in BIND 9 resolvers has been disclosed, potentially allowing attackers to poison caches and redirect internet traffic to malicious sites. Tracked as CVE-2025-40778, the flaw affects over 706,000 exposed instances worldwide, as identified by internet scanning firm…