Emerging in early September 2025, the Yurei ransomware has swiftly drawn attention for its novel combination of Go-based execution and ChaCha20 encryption. First documented on September 5 when a Sri Lankan food manufacturer fell victim, the threat actor behind Yurei…
Category: Cyber Security News
DarkCloud Stealer Attacking Financial Companies With Weaponized RAR Attachments
DarkCloud Stealer has recently emerged as a potent threat targeting financial organizations through convincing phishing campaigns. Adversaries employ weaponized RAR attachments masquerading as legitimate documents to deliver a multi-stage JavaScript-based payload. Upon opening the archive, victims execute a VBE script…
Great Firewall of China’s Sensitive Data of Over 500GB+ Leaked Online
The Great Firewall of China (GFW) suffered its largest-ever internal data breach. More than 500 GB of sensitive material—including source code, work logs, configuration files, and internal communications—was exfiltrated and published online. The breach stems from Geedge Networks and the…
ACR Stealer – Uncovering Attack Chains, Functionalities And IOCs
ACR Stealer represents one of the most sophisticated information-stealing malware families actively circulating in 2025, distinguished by its advanced evasion techniques and comprehensive data harvesting capabilities. Originally emerging in March 2024 as a Malware-as-a-Service (MaaS) offering on Russian-speaking cybercrime forums,…
Microsoft Warns Of Windows 11 23H2 Support Ending In 60 Days
Microsoft has issued an official reminder that support for Windows 11 version 23H2 Home and Pro editions is set to expire in approximately 60 days. The end-of-servicing date is scheduled for November 11, 2025, after which these devices will no…
New VoidProxy PhaaS Service Attacking Microsoft 365 and Google Accounts
In recent months, security teams have observed a significant increase in sophisticated phishing campaigns leveraging a newly discovered Phishing-as-a-Service (PhaaS) platform dubbed VoidProxy. The operation, first detected in August 2025, combines multiple anti-analysis techniques and adversary-in-the-middle (AitM) capabilities to target…
Top 10 Best Ransomware Protection Solutions in 2025
Ransomware continues to be one of the most destructive and pervasive cyber threats facing organizations of all sizes. In 2025, the sophistication of ransomware attacks has reached unprecedented levels, with threat actors employing advanced techniques like double extortion, supply chain…
FlowiseAI Password Reset Token Vulnerability Allows Account Takeover
A critical vulnerability affecting FlowiseAI’s Flowise platform has been disclosed, revealing a severe authentication bypass flaw that allows attackers to perform complete account takeovers with minimal effort. The vulnerability tracked as CVE-2025-58434 impacts both cloud deployments at cloud.flowiseai.com and self-hosted…
BitlockMove Tool Enables Lateral Movement via Bitlocker DCOM & COM Hijacking
A new proof-of-concept (PoC) tool named BitlockMove demonstrates a novel lateral movement technique that leverages BitLocker’s Distributed Component Object Model (DCOM) interfaces and COM hijacking. Released by security researcher Fabian Mosch of r-tec Cyber Security, the tool enables attackers to…
Linux CUPS Vulnerability Let Attackers Remote DoS and Bypass Authentication
Two critical vulnerabilities have been discovered in the Linux Common Unix Printing System (CUPS), exposing millions of systems to remote denial-of-service attacks and authentication bypass exploits. The vulnerabilities, tracked as CVE-2025-58364 and CVE-2025-58060, affect the core printing infrastructure used across…
Weekly Cybersecurity News Recap : Tenable, Qualys, Workday Data Breaches and Security Updates
This week in cybersecurity serves as a critical reminder of the pervasive risks within the digital supply chain, as several industry-leading companies disclosed significant data breaches. The incidents, affecting vulnerability management giants Tenable and Qualys, as well as enterprise software…
FBI Unveils IOCs for Cyber Attacks Targeting Salesforce Instances for Data Exfiltration
The Federal Bureau of Investigation (FBI) has released a flash alert detailing the activities of two cybercriminal groups, UNC6040 and UNC6395, that are actively compromising Salesforce environments to steal data for extortion purposes. The advisory, published by the FBI on…
Nmap vs. Wireshark: Choosing the Right Tool for Network Penetration Testing
Nmap and Wireshark are the most popular network penetration testing tools. Security professionals face an increasingly complex threat landscape, and picking the right penetration testing tools can make the difference between a secure infrastructure and a compromised network. While both…
Buterat Backdoor Attacking Enterprises to Establish Persistence and Control Endpoints
A sophisticated backdoor malware known as Backdoor.WIN32.Buterat has emerged as a significant threat to enterprise networks, demonstrating advanced persistence techniques and stealth capabilities that enable attackers to maintain long-term unauthorized access to compromised systems. The malware has been identified targeting…
New Malvertising Campaign Leverages GitHub Repository to Deliver Malware
A sophisticated malvertising campaign has emerged, exploiting GitHub repositories through dangling commits to distribute malware via fake GitHub Desktop clients. This novel attack vector represents a significant evolution in cybercriminal tactics, leveraging the trust and legitimacy associated with GitHub’s platform…
EvilAI as AI-enhanced Tools to Exfiltrate Sensitive Browser Data and Evade Detections
A sophisticated malware campaign has emerged that leverages artificial intelligence to create deceptively legitimate applications, marking a significant evolution in cyberthreat tactics. The EvilAI malware family represents a new breed of threats that combines AI-generated code with traditional trojan techniques…
New Malware Attack Leverages SVGs, Email Attachments to Deliver XWorm and Remcos RAT
Cybersecurity researchers have uncovered a sophisticated malware campaign that exploits SVG (Scalable Vector Graphics) files and email attachments to distribute dangerous Remote Access Trojans, specifically XWorm and Remcos RAT. This emerging threat represents a significant evolution in attack methodologies, as…
ChatGPT’s New Support for MCP Tools Let Attackers Exfiltrate All Private Details From Email
A newly introduced feature in ChatGPT that allows it to connect with personal data applications can be exploited by attackers to exfiltrate private information from a user’s email account. The attack requires only the victim’s email address and leverages a…
What Are The Takeaways From The Scattered LAPSUS$ Hunters Statement?
The well-known group of cybercriminals called Scattered Lapsus$ Hunters released a surprising farewell statement on BreachForums. This manifesto, a mix of confession and strategic deception, offers vital insights into the changing landscape of modern cybercrime and the increasing pressure from…
AI-powered Pentesting Tool ‘Villager’ Combines Kali Linux Tools with DeepSeek AI for Automated Attacks
New AI-powered penetration testing framework Villager combines Kali Linux toolsets with DeepSeek AI models to fully automate cyber attack workflows. Initially developed by the China-based group Cyberspike, this tool has rapidly gained traction since its July 2025 release on the…