A sophisticated information-stealing malware written in Golang has emerged, leveraging blockchain technology to establish covert command-and-control channels. SharkStealer represents a significant evolution in malware design, utilizing the BNB Smart Chain Testnet as a resilient dead-drop resolver for its C2 infrastructure.…
Category: Cyber Security News
New PDF Tool to Detect Malicious PDF Using PDF Object Hashing Technique
A new open-source tool called PDF Object Hashing is designed to detect malicious PDFs by analyzing their structural “fingerprints.” Released by Proofpoint, the tool empowers security teams to create robust threat detection rules based on unique object characteristics in PDF…
Threat Actors Attacking Azure Blob Storage to Compromise Organizational Repositories
Cybersecurity researchers have identified a sophisticated campaign where threat actors are leveraging compromised credentials to infiltrate Azure Blob Storage containers, targeting organizations’ critical code repositories and sensitive data. This emerging threat exploits misconfigured storage access controls to establish persistence and…
Hackers Abuse Microsoft 365 Exchange Direct Send to Bypass Content Filters and Harvest Sensitive Data
Microsoft 365 Exchange Online’s Direct Send feature, originally designed to enable legacy devices and applications to send emails without authentication, has become an exploitable pathway for cybercriminals conducting sophisticated phishing and business email compromise attacks. The feature allows multifunction printers,…
Bitter APT Hackers Exploit WinRAR Zero-Day Via Weaponized Word Documents to Steal Sensitive Data
The Bitter APT group, also tracked as APT-Q-37 and known in China as 蔓灵花, has launched a sophisticated cyberespionage campaign targeting government agencies, military installations, and critical infrastructure across China and Pakistan. The threat actor has deployed weaponized Microsoft Office…
Vidar Stealer Bypassing Browser Security Via Direct Memory Injection to Steal Login Credentials
A sophisticated information-stealing malware known as Vidar Stealer has undergone a complete architectural transformation with the release of version 2.0, introducing advanced capabilities that enable it to bypass Chrome’s latest security protections through direct memory injection techniques. Released on October…
Threat Actors With Stealer Malwares Processing Millions of Credentials a Day
The stealer malware ecosystem has evolved into a sophisticated criminal enterprise capable of processing hundreds of millions of credentials daily. Over the past several years, threat actors have transformed the landscape of credential theft through specialized malware families and underground…
Salt Typhoon Using Zero-Day Exploits and DLL Sideloading Techniques to Attack Organizations
Salt Typhoon, a China-linked advanced persistent threat (APT) group active since 2019, has emerged as one of the most sophisticated cyber espionage operations targeting global critical infrastructure. Also tracked as Earth Estries, GhostEmperor, and UNC2286, the group has conducted high-impact…
New Rust-Based ChaosBot Malware Leverages Discord for Stealthy Command and Control
A sophisticated new threat has emerged in the cybersecurity landscape, leveraging the popular communication platform Discord to conduct covert operations. ChaosBot, a Rust-based malware strain, represents an evolution in adversarial tactics by hiding malicious command and control traffic within legitimate…
Microsoft Enhances Windows Security by Turning Off File Previews for Downloads
In a move to tighten defenses against credential theft, Microsoft has rolled out a significant change to Windows File Explorer starting with security updates released on and after October 14, 2025. The update automatically disables the preview pane for files…
Perplexity’s Comet Browser Screenshot Feature Vulnerability Let Attackers Inject Malicious Prompts
A new vulnerability in Perplexity’s Comet AI browser allows attackers to inject malicious prompts through seemingly innocuous screenshots. Disclosed on October 21, 2025, this flaw builds on earlier concerns about prompt injection in agentic browsers, AI-powered tools that act on…
SpaceX Disabled 2,500+ Starlink Terminals Tied to Scam Centers in Myanmar
SpaceX has disabled over 2,500 Starlink satellite internet terminals linked to notorious scam centers in Myanmar. The action underscores the company’s commitment to denying the misuse of its technology amid rising global concerns over online scams originating from Southeast Asia.…
Hackers Exploited Samsung Galaxy S25 0-Day Vulnerability to Enable Camera and Track Location
At Pwn2Own Ireland 2025, cybersecurity researchers Ben R. and Georgi G. from Interrupt Labs showcased an impressive achievement by successfully exploiting a zero-day vulnerability in the Samsung Galaxy S25. This allowed them to gain full control over the device, enabling…
CISA Warns of Motex LANSCOPE Endpoint Manager Vulnerability Actively Exploited in the Wild
CISA has issued a critical alert regarding a severe vulnerability in Motex LANSCOPE Endpoint Manager, a popular tool for managing IT assets across networks. Dubbed an improper verification of the source of a communication channel flaw, this issue allows attackers…
Hackers Exploiting Adobe Magento RCE Vulnerability Exploited in the Wild – 3 in 5 Stores Vulnerable
Hackers have begun actively targeting a critical remote code execution flaw in Adobe’s Magento e-commerce platform, putting thousands of online stores at immediate risk just six weeks after Adobe issued an emergency patch. Known as SessionReaper and tracked as CVE-2025-54236,…
Jira Software Vulnerability Let Attacker Modify Any Filesystem Path Writable By JVM process
Atlassian has disclosed a high-severity path traversal vulnerability in Jira Software Data Center and Server that enables authenticated attackers to arbitrarily write files to any path accessible by the Java Virtual Machine (JVM) process. This flaw, tracked as CVE-2025-22167 with…
CISA Warns of Motex LANSCOPE Endpoint Manager Vulnerability Exploited in Attacks
CISA has issued a critical alert regarding a severe vulnerability in Motex LANSCOPE Endpoint Manager, a popular tool for managing IT assets across networks. Dubbed an improper verification of the source of a communication channel flaw, this issue allows attackers…
Impacket Tool in Kali Repo Upgraded With New Attack Paths and Relay Tricks
The popular Impacket toolkit, a staple in penetration testing and now integrated into the Kali Linux repository, is set for a major upgrade. Maintained by Fortra’s cybersecurity team, the forthcoming release, building on version 0.12, addresses long-standing community requests with…
Multiple BIND 9 DNS Vulnerabilities Enable Cache Poisoning and Denial of Service Attacks
The Internet Systems Consortium (ISC) disclosed three high-severity vulnerabilities in BIND 9 on October 22, 2025, potentially allowing remote attackers to conduct cache poisoning attacks or cause denial-of-service (DoS) conditions on affected DNS resolvers. These flaws, tracked as CVE-2025-8677, CVE-2025-40778,…
Multiple Oracle VM VirtualBox Vulnerabilities Enables Complete Takeover Of VirtualBox
Oracle has disclosed multiple critical vulnerabilities in its Oracle VM VirtualBox virtualization software, potentially allowing attackers to achieve complete control over the VirtualBox environment. These flaws, detailed in the October 2025 Critical Patch Update (CPU), affect the Core component of…