Securing websites demands top-tier web vulnerability scanners. These powerful tools pinpoint critical flaws like SQL injection, cross-site scripting (XSS), and command injection, keeping your site fortified against attacks. Elite scanners emulate attacker strategies, delivering concrete proof and precise fix instructions.…
Category: Cyber Security News
Top 50 Best Penetration Testing Companies in 2026
Penetration testing companies serve as vital cybersecurity allies, simulating real-world cyberattacks to expose vulnerabilities in systems, networks, and applications before malicious actors strike. Employing ethical hackers with advanced techniques, they rigorously assess defenses, pinpoint misconfigurations, and evaluate control effectiveness to…
Three Malicious NPM Packages Attacking Developers to Steal Login Credentials
Three malicious npm packages are targeting JavaScript developers to steal browser logins, API keys, and cryptocurrency wallet data. The packages, named bitcoin-main-lib, bitcoin-lib-js, and bip40, were uploaded to the public npm registry and posed as tools linked to the popular…
Ni8mare Vulnerability Let Attackers Hijack n8n Servers – Exploit Released With 26,512 Vulnerable Hosts
A critical unauthenticated remote code execution vulnerability discovered in n8n, the popular workflow automation platform, exposes an estimated 100,000 servers globally to complete takeover. Tracked as CVE-2026-21858 with a maximum CVSS score of 10.0, the flaw allows unauthenticated attackers to…
Hackers Exploiting VMware ESXi Instances in the Wild Using zero-day Exploit Toolkit
Hackers are exploiting VMware ESXi instances in the wild with a zero-day exploit toolkit that chains multiple vulnerabilities for VM escapes. Cybersecurity firm Huntress disrupted one such attack, attributing initial access to a compromised SonicWall VPN. Threat actors gained a…
Hackers Using Malicious Imageless QR Codes to Render Phishing Attack Via HTML Table
A recent phishing campaign is abusing QR codes in a new way, turning simple HTML tables into working codes that redirect users to malicious sites. Instead of embedding a QR image in the email body, the attackers build the code…
Windows Packer pkr_mtsi Powers Widespread Malvertising Campaigns Delivering Multiple Malware Families
A sophisticated Windows packer known as pkr_mtsi has emerged as a powerful tool for delivering multiple malware families through widespread malvertising campaigns. First detected on April 24, 2025, this malicious packer continues to operate actively, distributing trojanized installers disguised as…
From Tycoon2FA to Lazarus Group – Inside ANY.RUN’s Biggest Discoveries of 2025
ANY.RUN, the interactive malware analysis platform, has wrapped up 2025 with impressive growth figures and significant contributions to the cybersecurity community. The company’s annual report reveals how its global user base collectively spent over 400,000 hours analyzing threats—equivalent to more…
GoBruteforcer Botnet brute-forces Passwords for FTP, MySQL, and phpMyAdmin on Linux Servers
A sophisticated Go-based botnet dubbed GoBruteforcer is aggressively targeting Linux servers worldwide, brute-forcing weak passwords on internet-exposed services including FTP, MySQL, PostgreSQL, and phpMyAdmin. Check Point Research recently documented a new 2025 variant of the malware that demonstrates significant technical…
CrazyHunter Ransomware Attacking Healthcare Sector with Advanced Evasion Techniques
CrazyHunter ransomware has emerged as a critical and evolving threat that specifically targets healthcare organizations and sensitive medical infrastructure. This Go-developed malware represents a significant escalation in ransomware sophistication, employing advanced encryption methods and delivery mechanisms designed to bypass modern…
ownCloud Urges Users to Enable Multi-Factor Authentication Following Credential Theft
ownCloud has urgently urged users of its Community Edition to enable multi-factor authentication (MFA). Threat intelligence report from Hudson Rock highlighted incidents where attackers compromised self-hosted file-sharing platforms, including some ownCloud deployments, but ownCloud stresses that its platform itself remains…
PoC Exploit Released for Android/Linux Kernel Vulnerability CVE-2025-38352
A proof-of-concept (PoC) exploit for CVE-2025-38352, a critical race condition vulnerability in the Linux kernel, has been publicly released on GitHub. The vulnerability, discovered earlier this year, targets the POSIX CPU timers implementation and was previously exploited in limited, targeted…
Threat Actors Leversges Google Cloud Services to Steal Microsoft 365 Logins
A sophisticated new phishing campaign has emerged, leveraging the trusted infrastructure of Google Cloud services to bypass security filters and steal sensitive Microsoft 365 login credentials. By abusing legitimate workflow automation tools, threat actors are crafting convincing attacks that blend…
Chinese Hackers Deploy NFC-enabled Android Malware to Steal Payment Data
Chinese threat actors have launched a sophisticated campaign using NFC-enabled Android malware called Ghost Tap to intercept and steal financial information from victims worldwide. The malware operates through a deceptive distribution model, where attackers trick users into downloading seemingly legitimate…
Researchers Manipulate Stolen Data to Corrupt AI Models and Generate Inaccurate Outputs
Researchers from the Chinese Academy of Sciences and Nanyang Technological University have introduced AURA, a novel framework to safeguard proprietary knowledge graphs in GraphRAG systems against theft and private exploitation. Published on arXiv just a week ago, the paper highlights…
LockBit 5.0 Emerges with New Sophisticated Encryption and Anti-Analysis Tactics
LockBit 5.0 has surfaced as the latest iteration of one of the world’s most active ransomware-as-a-service operations, continuing a legacy of sophisticated attacks since the group’s emergence in September 2019. This new version represents a significant evolution in the threat…
TOTOLINK EX200 Extender Vulnerability Allow Attacker to Gain Full System Access
A severe vulnerability in the TOTOLINK EX200 Wi-Fi extender could allow attackers to gain full system access via an unauthenticated telnet root service, researchers warned. The flaw, tracked as CVE-2025-65606 and assigned CERT Vulnerability Note VU#295169, affects the firmware upload error-handling logic…
ToddyCat Malware Compromises Microsoft Exchange Servers using ProxyLogon Vulnerability
ToddyCat, a sophisticated cyber espionage group, has emerged as a persistent threat targeting high-profile organizations across multiple continents. The group began operations in December 2020 by compromising Microsoft Exchange servers in Taiwan and Vietnam using an unidentified vulnerability. However, their…
Microsoft to Cancel Plans Imposing Daily Limit For Exchange Online Bulk E-mails
Microsoft has announced the indefinite cancellation of its Mailbox External Recipient Rate Limit in Exchange Online, reversing a previously planned restriction on bulk email sending. The decision comes after significant customer feedback highlighting operational disruptions caused by the proposed limitation.…
Hackers Exploited Routing Scenarios and Misconfigurtions to Effectively Spoof Organizations
Phishing actors are exploiting complex routing scenarios and misconfigured security protections to send fake emails that appear to come from within organizations. These emails look like they were sent internally, making them harder to detect. Threat actors have used this…