A deceptive phishing campaign is actively targeting WordPress administrators with convincing fake domain renewal notices designed to steal credit card information and two-factor authentication codes. The emails, masquerading as legitimate WordPress.com renewal reminders, redirect unsuspecting victims to a fraudulent payment…
Category: Cyber Security News
New macOS TCC Bypass Vulnerability Allows Attackers to Access Sensitive User Data
A critical security vulnerability in macOS has been discovered that enables attackers to completely bypass Transparency, Consent, and Control (TCC) protections. Apple’s primary defense mechanism for preventing unauthorized access to sensitive user data is the use of the microphone, camera,…
New Critical n8n Vulnerability Allows Attackers to Execute Arbitrary Commands
A critical vulnerability has been discovered in n8n, the popular open-source workflow automation platform, enabling authenticated attackers to execute arbitrary commands on host systems. The vulnerability, tracked as CVE-2025-68668, has been assigned a severe CVSS score of 9.9 out of…
CISA Expands KEV Catalog with 1,484 New Vulnerabilities as Active Exploitation Surges 20% in 2025
The United States Cybersecurity and Infrastructure Security Agency (CISA) has significantly expanded its Known Exploited Vulnerabilities (KEV) Catalog to 1,484 vulnerabilities as of December 2025, marking a critical milestone in the federal government’s efforts to combat actively exploited security flaws.…
New ClickFix Attack Uses Fake Windows BSOD Screens to Trick Users into Executing Malicious Code
A sophisticated malware campaign called PHALTBLYX has emerged, combining social engineering deception with advanced evasion techniques to compromise hospitality sector organizations. The attack chain begins with phishing emails impersonating Booking.com, featuring urgent reservation cancellation alerts with large financial charges displayed…
Top 20 Best Endpoint Management Tools – 2026
Endpoint management has become essential for modern IT, securing and optimizing devices across hybrid and remote environments. With distributed workforces expanding, demand for robust endpoint management tools reaches new heights in 2026. This guide ranks the top 20 endpoint management…
Threat Actors Allegedly Promoting New ‘Brutus’ Brute-Force Tool Targeting Fortinet Services
A threat actor operating under the moniker “RedTeam” has begun advertising a new brute-force attack tool, “Brutus,” designed to target Fortinet services, according to recent dark web intelligence. The tool is priced at $1,500, signaling growing interest in automated credential-stuffing…
New Sophisticated Phishing Attack Mimics Google Support to Steal Logins
Cybersecurity researchers have uncovered a dangerous new phishing campaign that tricks users into surrendering their credentials by impersonating legitimate Google support and notifications. The attack combines vishing (voice phishing), spoofed domains, and Google’s own trusted infrastructure to achieve exceptional success…
Scattered Lapsus$ Hunters Resurface with New RaaS Platform ‘ShinySp1d3r’ and Aggressive Insider Recruitment
The notorious Scattered Lapsus$ Hunters threat group has returned to active operations after a period of silence following their high-profile supply chain attack targeting Salesforce third-party integrations, including Gainsight and Salesloft. Recent activity observed across underground Telegram channels and credential-trading…
Stealthy Tuoni C2 Malware Targets Major U.S. Real Estate Firm with AI-Enhanced Tactics
Cybercriminals have shifted their approach to infiltration. Rather than launching quick attacks, they now work silently within networks, stealing important information, and waiting weeks or months before striking. This is exactly what happened in a recent attack discovered by Morphisec…
Threat Actors Hacked Global Companies via Leaked Cloud Credentials from Infostealer Infections
Dozens of major global enterprises have been breached through a surprisingly simple yet devastating attack vector: stolen credentials extracted from infostealer malware. A threat actor operating under the nickname “Zestix” and his alias “Sentap” has been systematically accessing corporate cloud…
$35M Cryptocurrency Theft Linked to LastPass Password Manager Data Breach
Blockchain intelligence firm TRM Labs has traced over $35 million in stolen cryptocurrency to the 2022 LastPass breach, revealing a sophisticated Russian cybercriminal laundering operation that remains active into 2025. In 2022, hackers breached LastPass and stole encrypted password vaults…
GravityRAT with Remote Access Capabilities Attacking Windows, Android, and macOS Systems
GravityRAT is a remote access trojan that has been targeting government agencies and military organizations since 2016. This malware originated as a Windows-only threat but has evolved into a cross-platform tool that can attack Windows, Android, and macOS systems. The…
WhatsApp Vulnerabilities Leak Users’ Metadata Including Device’s Operating System Details
WhatsApp’s multi-device encryption protocol has long leaked metadata, allowing attackers to fingerprint users’ device operating systems, aiding targeted malware delivery. Recent research highlights partial fixes by Meta, but transparency issues persist. Meta’s WhatsApp, with over 3 billion monthly active users,…
Cyberattack Forces Higham Lane School to Close Its Doors to All Students and Staff
Higham Lane School and Sixth Form has been forced to close its doors to all students and staff this week following a significant cyber-attack that has paralyzed the institution’s IT infrastructure. The attack, confirmed by school leadership over the weekend,…
Gmail to Discontinue POP3 Mail Fetching for External Email Accounts
Google has announced that Gmail will discontinue support for two key features regarding third-party email accounts. Starting in January 2026, the platform will drop support for “Gmailify” and the widely utilized “Check mail from other accounts” feature via POP3 fetching.…
Kimwolf Botnet Hacked 2 Million Devices and Turned Users’ Internet Connections into Proxy Nodes
A dangerous new malware called Kimwolf has quietly infected over 2 million devices around the world, forcing them to act as illegal proxy servers without the owners knowing. The botnet has grown at an alarming speed and is currently being…
Threat Actor Exploited Multiple FortiWeb Appliances to Deploy Sliver C2 for Persistent Access
Recent findings indicate that a sophisticated threat actor is actively exploiting multiple outdated FortiWeb appliances to deploy the Sliver Command and Control (C2) framework. This campaign highlights a concerning trend where adversaries leverage open-source offensive tools to maintain persistent access…
Threat Group ‘Crimson Collective’ Allegedly Claims Breach of Largest Fiber Broadband Provider Brightspeed
Brightspeed, one of America’s leading fiber broadband infrastructure providers, has become the latest victim of a significant cyberattack. The threat group known as Crimson Collective has publicly claimed responsibility for breaching the company’s systems and obtaining sensitive data. Brightspeed operates…