Category: Cyber Security News

Generative AI has gone from a novelty to a foundation of organization efficiency in just a few short years. From copilots embedded in office suites to dedicated large language model (LLM) platforms, personnel now rely on these platforms to code,…

Read more →

A sophisticated cyberattack campaign, active since August 2025, where a China-nexus threat actor has been weaponizing a legitimate server operations tool called Nezha to execute commands and deploy malware on compromised web servers. This campaign, uncovered by Huntress, represents the…

Read more →

Security teams are constantly on the move. Alerts never stop coming in, workloads keep piling up, and the pressure to react fast can wear anyone down. Add long investigations and a maze of tools on top of that, and burnout…

Read more →

A China-aligned advanced persistent threat (APT) group is actively leveraging OpenAI’s ChatGPT platform to develop malware and craft sophisticated spear-phishing emails for its global campaigns. Security firm Volexity tracks the actor as UTA0388 and has analyzed its operations since June…

Read more →

A sophisticated Android remote access trojan (RAT) has emerged on GitHub, presenting significant security concerns for mobile device users worldwide. The malware, publicly available under the repository “Android-RAT” by user Huckel789, claims to offer fully undetectable (FUD) capabilities that can…

Read more →

A critical flaw in the AWS Client VPN for macOS has been disclosed, presenting a local privilege escalation risk to non-administrator users.  The vulnerability tracked as CVE-2025-11462 allows attackers to gain root privileges by abusing the client’s log rotation mechanism.…

Read more →

Cisco has announced the release of ClamAV 1.5.0, a significant update to the open-source antivirus engine that introduces major security enhancements, new document scanning capabilities, and extensive API improvements. This version strengthens the platform’s detection and verification mechanisms, with a…

Read more →

Yurei ransomware first emerged in early September 2025, targeting Windows environments with a sophisticated Go-based payload designed for rapid, large-scale encryption. Once executed, the malware enumerates all accessible local and network drives, appends a .Yurei extension to each file, and…

Read more →

Google has introduced CodeMender, a new artificial intelligence-powered agent that automatically enhances software security by identifying and fixing vulnerabilities. This initiative addresses the growing gap between the rapid, AI-assisted discovery of security flaws and the time-consuming manual effort required to…

Read more →

In recent weeks, security teams have observed a surge in malvertising campaigns distributing what appears to be a fully functional PDF editor. Dubbed TamperedChef, this malware masquerades as a legitimate application—AppSuite PDF Editor—leveraging convincing advertisements to lure European organizations and…

Read more →

OpenAI announced it has banned a series of ChatGPT accounts linked to Chinese state-affiliated hacking groups that used the AI models to refine malware and create phishing content. The October 2025 report details the disruption of several malicious networks as…

Read more →

Three newly disclosed vulnerabilities have been identified in the Lua scripting engine of Redis 7.4.5, each presenting severe risks of remote code execution and privilege escalation.  Redrays has released a detailed proof-of-concept (PoC) to exploit these vulnerabilities, which is now…

Read more →

WordPress websites have become a prime target for threat actors seeking to monetize traffic and compromise visitor security. In recent months, a new malvertising campaign has emerged, leveraging silent PHP code injections within theme files to serve unwanted third-party scripts.…

Read more →

Google has released Chrome version 141.0.7390.65/.66 for Windows and Mac, along with 141.0.7390.65 for Linux, addressing multiple critical security vulnerabilities that could allow attackers to execute arbitrary code on affected systems.  The update, announced on October 7, 2025, includes three…

Read more →

A massive escalation in attacks targeting Palo Alto Networks PAN-OS GlobalProtect login portals, with over 2,200 unique IP addresses conducting reconnaissance operations as of October 7, 2025.  This represents a significant surge from the initial 1,300 IPs observed just days…

Read more →

CISA has issued a critical warning regarding a zero-day cross-site scripting (XSS) vulnerability in Synacor’s Zimbra Collaboration Suite (ZCS), designated as CVE-2025-27915.  This vulnerability has been actively exploited in attacks and poses significant risks to organizations using the popular email…

Read more →

BK Technologies Corporation, a provider of communications equipment for public safety and government agencies, has disclosed a cybersecurity incident in which an unauthorized third party breached its information technology systems and potentially exfiltrated sensitive data. In a recent Form 8-K…

Read more →

CISOs face a paradox in their SOCs every day: more data and detections than ever before, yet limited capacity to act on them effectively. Hundreds of alerts stream in daily, but without clear prioritization, the team’s focus is scattered. Critical…

Read more →

Microsoft has issued a warning that both cybercriminals and state-sponsored threat actors are increasingly abusing the features and capabilities of Microsoft Teams throughout their attack chains. The platform’s extensive adoption for collaboration makes it a high-value target, with its core…

Read more →

Cisco has released advisories for a zero-day exploit chain affecting its Secure Firewall Adaptive Security Appliance (ASA) and Secure Firewall Threat Defense (FTD) software, which is reportedly being used in highly targeted attacks by an unknown threat actor. According to…

Read more →