The Adaptix Framework team has announced a significant update to AdaptixC2, an open-source post-exploitation and adversarial emulation platform designed for penetration testers. The latest version introduces significant improvements to network tunneling, the user interface, and overall system performance. One of the…
Category: Cyber Security News
Hackers Advertised VOID ‘AV Killer’ with Kernel-level Termination Claims
The cybercriminal threat actor known as Crypt4You has recently emerged on underground forums and dark web marketplaces, advertising a sophisticated tool named VOID KILLER. This malicious software operates as a kernel-level antivirus and endpoint detection and response (EDR) process killer, designed…
Massive Magecart with 50+ Malicious Scripts Hijacking Checkout and Account Creation Flows
A large-scale web skimming operation has emerged across the internet, targeting online shoppers and account holders with unprecedented scope. Security researchers have identified a global campaign of more than 50 scripts that intercepts sensitive information during checkout and account creation processes. The attack…
ESET Warns AI-driven Malware Attack and Rapidly Growing Ransomware Economy
The cybersecurity landscape has reached a critical turning point as artificial intelligence moves from theoretical threat to operational reality. In their H2 2025 Threat Report, ESET researchers have documented a disturbing shift in how attackers operate, revealing that AI-powered malware…
Hackers Infiltrated Maven Central Masquerading as a Legitimate Jackson JSON Library
A new malware campaign has successfully infiltrated Maven Central, one of the most trusted repositories for Java developers, by masquerading as a legitimate Jackson JSON library extension. The malicious package, published under the org.fasterxml.jackson.core/jackson-databind namespace, represents one of the first…
European Space Agency Confirms Breach of Servers Outside the Corporate Network
The European Space Agency (ESA) has confirmed a cybersecurity breach affecting a limited number of external servers, marking a rare public admission of vulnerability in the continent’s premier space organization. In an official statement released Tuesday, ESA disclosed: “ESA is…
New Spear-Phishing Attack Targeting Security Individuals in Israel Region
Israel’s National Cyber Directorate recently issued an urgent alert about a targeted spear-phishing attack aimed at people working in security and defense-related areas. The campaign uses WhatsApp messages that pretend to come from trusted organizations, inviting targets to professional conferences.…
Chinese Hackers Use Rootkit to Hide ToneShell Malware Activity
A Chinese-linked threat group tied to HoneyMyte, also known as Mustang Panda or Bronze President, is using a new kernel rootkit to hide its ToneShell backdoor. The campaign has hit government networks across Southeast and East Asia, with the…
CISA Warns of MongoDB Server Vulnerability (CVE-2025-14847) Exploited in Attacks
CISA has added a critical MongoDB Server vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, warning that the flaw is being actively exploited in cyberattacks. CVE-2025-14847 affects MongoDB Server and allows unauthenticated attackers to read uninitialized heap memory due to…
Critical Vulnerability in SmarterMail Let Attackers Execute Remote Code
SmarterTools has issued an urgent security advisory addressing a critical vulnerability in SmarterMail that could allow attackers to execute remote code on mail servers. The flaw, tracked as CVE-2025-52691, poses a severe threat to organizations using the affected versions. The…
Hackers Exploit Copilot Studio’s New Connected Agents Feature to Gain Backdoor Access
Microsoft’s newly unveiled “Connected Agents” feature in Copilot Studio, announced at Build 2025, is creating a significant security vulnerability. Attackers are already exploiting it to gain unauthorized backdoor access to critical business systems. Connected Agents enables AI-to-AI integration, allowing agents to…
Critical 0-Day RCE Vulnerability in Networking Devices Exposes 70,000+ Hosts
A critical zero-day vulnerability has been discovered in XSpeeder’s SXZOS firmware, affecting tens of thousands of SD-WAN appliances, edge routers, and smart TV controllers deployed globally. The vulnerability, designated PWN-25-01, enables unauthenticated remote code execution (RCE) with root-level privileges through…
70,000+ MongoDB Servers Vulnerable to MongoBleed Exploit – PoC Released
A critical vulnerability in MongoDB Server is putting tens of thousands of databases worldwide at risk. Dubbed MongoBleed and tracked as CVE-2025-14847, this high-severity flaw allows unauthenticated attackers to remotely extract sensitive data from server memory without credentials. The Shadow Server Foundation disclosed…
EmEditor Editor Website Hacked to Deliver Infostealer Malware in Supply Chain Attack
A major supply chain attack targeting EmEditor, a widely used text editor, has exposed millions of users to sophisticated infostealer malware. Between December 19 and December 22, 2025, the official EmEditor website fell victim to unauthorized modification, serving compromised…
New Phishing Kit with AI-assisted Development Attacking Microsoft Users to Steal Logins
A Spanish-speaking phishing operation targeting Microsoft Outlook users has been active since March 2025, using a sophisticated kit that shows clear indicators of AI-assisted development. The campaign, tracked through a unique signature of four mushroom emojis embedded in the string…
Silver Fox Hackers Attacking Indian Entities with Income Tax Phishing Lures
Chinese threat actors operating under the name Silver Fox are targeting Indian organizations through sophisticated phishing campaigns that impersonate legitimate income tax documents. The attack campaign uses authentic-looking Income Tax Department emails to trick users into downloading a malicious executable…
Windows Event Logs Reveal the Messy Reality Behind ‘Sophisticated’ Cyberattacks
Public reports about cyberattacks often present a polished picture—threat actors working methodically through a well-planned playbook with every action perfectly executed. This perception leads many to believe that modern attackers operate with machine-like precision, seamlessly moving from one objective to…
Hacktivist Proxy Operations Emerge as a Repeatable Model of Geopolitical Cyber Pressure
A new form of cyber disruption is reshaping the landscape of modern conflict. Hacktivist groups are increasingly operating as strategic instruments of state pressure, launching coordinated attacks that align perfectly with geopolitical events such as sanctions announcements and military aid…
New Vulnerabilities in Bluetooth Headphones Let Hackers Hijack Connected Smartphone
Security researchers have disclosed critical vulnerabilities affecting widely used Bluetooth headphones and earbuds that could allow attackers to eavesdrop on conversations, steal sensitive data, and even hijack connected smartphones. The flaws, identified as CVE-2025-20700, CVE-2025-20701, and CVE-2025-20702, impact devices powered…
2.5 Million+ Malicious Request From Hackers Attacking Adobe ColdFusion Servers
A coordinated exploitation campaign generated more than 2.5 million malicious requests against Adobe ColdFusion servers and 47+ other technology platforms during the Christmas 2025 holiday period. The operation was attributed to a single threat actor operating from Japan-based infrastructure.…