Germany’s data protection authorities have escalated their scrutiny of Chinese artificial intelligence applications, with Berlin’s data protection commissioner Meike Kamp formally requesting Apple and Google to review and potentially remove DeepSeek from their respective app stores. The move, announced on…
Category: Cyber Security News
10 Best Free Malware Analysis Tools To Break Down The Malware Samples – 2025
Malware analysis is a critical skill for cybersecurity professionals, threat hunters, and incident responders. With the growing sophistication of cyber threats, having access to reliable, free malware analysis tools is essential for dissecting, understanding, and mitigating malicious software. This article…
Scattered Spider Attacking Tech Companies Using Phishing Frameworks Like Evilginx and Social Engineering Methods
Scattered Spider burst onto the cybersecurity stage in early 2022 as little more than a SIM-swapping crew, but by mid-2025 it had pivoted into a full-scale, financially motivated threat group leveraging advanced phishing toolkits to breach some of the world’s…
Bluetooth Vulnerabilities Let Hackers Spy on Your Headphones and Earbuds
A major security flaw affecting millions of Bluetooth headphones and earbuds has been discovered, allowing attackers to remotely hijack devices and spy on users without requiring any authentication or pairing. The vulnerabilities, identified by cybersecurity researchers at ERNW, affect devices…
DragonForce Ransomware Empowers Affiliates with Modular Toolkit to Create Custom Ransomware Payloads
DragonForce ransomware has emerged as one of the most sophisticated threats in the cybercriminal ecosystem, transforming from a hacktivist collective into a mature Ransomware-as-a-Service (RaaS) operation since its debut in December 2023. The group initially gained notoriety through ideologically driven…
New Report Unveils Most of The Ransomware Attacks Targeting Organizations Via Exploited Vulnerabilities
A comprehensive analysis of the global ransomware landscape has revealed that exploited vulnerabilities remain the dominant attack vector, accounting for 32% of all successful ransomware incidents targeting organizations worldwide. This marks the third consecutive year that vulnerability exploitation has topped…
10 Best Android Password Managers 2025
Looking for the best Android password managers in 2025? You’re in the right place. With growing online threats and more accounts than ever, using a reliable Android password manager is essential to protect your digital identity. Whether you’re storing credentials,…
Zig Strike – An Offensive Toolkit to Create Payloads and Bypass AV, XDR/EDR Detections
Zig Strike is a sophisticated offensive toolkit designed to bypass advanced security solutions, including Anti-Virus (AV), Next-Generation Antivirus (NGAV), and Endpoint Detection and Response (XDR/EDR) systems. This open-source toolkit represents a significant evolution in red team capabilities, leveraging the modern Zig programming…
RansomHub Ransomware Attacking RDP Servers Using Mimikatz and Advanced IP Scanner Tools
A recent incident response investigation from THE DFIR report has revealed the sophisticated tactics employed by RansomHub ransomware operators in a coordinated attack campaign that compromised an entire corporate network through an exposed Remote Desktop Protocol (RDP) server. The attack,…
Scattered Spider Hackers Actively Attacking Aviation and Transportation Firms
Cybersecurity experts and federal authorities are sounding urgent alarms as the notorious Scattered Spider hackers have pivoted to targeting the aviation and transportation sectors, marking a dangerous escalation in their operations. The FBI has confirmed that the cybercriminal group, also…
25 Best Managed Security Service Providers (MSSP) in 2025
Managed Security Service Providers (MSSPs) are specialized companies that deliver outsourced cybersecurity services to protect businesses from evolving cyber threats. These providers offer a range of services, including 24/7 threat monitoring, incident response, vulnerability management, and compliance support. MSSPs help…
Beware of Trending TikTok Videos That Promotes Pirated Apps Deliver Stealer Malware
Cybercriminals have discovered a new frontier for malware distribution by weaponizing TikTok’s massive user base and algorithmic reach. A sophisticated social engineering campaign has emerged that leverages AI-generated videos to trick users into downloading dangerous information-stealing malware disguised as software…
Threat Actors Behind GIFTEDCROOK Stealer Coverted It To an Intelligence-Gathering Tool
The cyber-espionage landscape targeting Ukraine has witnessed a significant evolution with the transformation of GIFTEDCROOK malware from a rudimentary browser credential stealer into a sophisticated intelligence-gathering platform. Initially discovered as a basic infostealer in early 2025, this malware has undergone…
Threat Actors Exploiting Windows & Linux Servers Vulnerability to Deploy Web Shell
A sophisticated cyber attack campaign targeting South Korean web servers has emerged, with threat actors deploying MeshAgent and SuperShell malware to compromise both Windows and Linux infrastructure. The multi-platform assault demonstrates an escalation in attack complexity, as adversaries leverage file…
ESET Warns of NFC Data for Contactless Payments Emerges as Cybercrime Target
A sophisticated new malware campaign targeting Near Field Communication (NFC) payment systems has emerged as a significant global cybersecurity threat, transforming what began as a localized attack in Eastern Europe into a worldwide phenomenon. The malicious operation, first identified by…
Microsoft Teams to Set Employee’s Work Locations Based on Organization’s Wi-Fi Network
Microsoft has announced a significant enhancement to Teams that will automatically detect and set employees’ work locations based on their connection to organizational Wi-Fi networks. This innovative feature, scheduled for general availability in early September 2025, represents a major advancement…
Weaponized DeepSeek Installers Delivers Sainbox RAT and Hidden Rootkit
Cybersecurity researchers have uncovered a sophisticated malware campaign exploiting the popularity of artificial intelligence tools to target Chinese-speaking users. The attack leverages fake installers masquerading as legitimate software downloads, including the popular AI chatbot DeepSeek, to deploy advanced persistent threats…
KC Man Hacked Computers to Pitch For Cybersecurity Services Pleaded Guilty
A Kansas City man has admitted to infiltrating a nonprofit organization’s computer network using sophisticated hacking techniques in what authorities describe as an elaborate scheme to demonstrate cybersecurity vulnerabilities. Nicholas Michael Kloster, 32, pleaded guilty on Wednesday to federal computer…
Let’s Encrypt to Issue Certificate for IP Address With 6-Day Validity
Let’s Encrypt, the world’s largest certificate authority, announced its readiness to begin issuing SSL/TLS certificates for IP addresses through its production environment, marking a significant advancement in internet security infrastructure. The certificates will be available exclusively under the organization’s short-lived…
Cybercriminals Leveraging CapCut Popularity to Harvest Apple ID Credentials & Credit Card Data
Cybercriminals have begun exploiting the widespread popularity of CapCut, the dominant short-form video editing application, to orchestrate sophisticated phishing campaigns targeting Apple ID credentials and credit card information. This emerging threat demonstrates how attackers strategically leverage trending applications to enhance…