August 2025 saw a dramatic surge in targeted attacks by the DarkCloud Stealer against financial institutions worldwide. CyberProof’s MDR analysts and threat hunters identified a wave of phishing emails bearing malicious RAR archives designed to prey on Windows users. Once…
Category: EN
Microsoft Warns Windows 11 23H2 Support Ending in 60 Days
Microsoft has issued an urgent reminder to enterprise and educational institutions worldwide about the impending end of support for Windows 11 version 22H2. With just 60 days remaining, organizations must prepare for the October 14, 2025, deadline when critical security…
FlowiseAI Password Reset Token Vulnerability Allows Account Takeover
A critical vulnerability affecting FlowiseAI’s Flowise platform has been disclosed, revealing a severe authentication bypass flaw that allows attackers to perform complete account takeovers with minimal effort. The vulnerability tracked as CVE-2025-58434 impacts both cloud deployments at cloud.flowiseai.com and self-hosted…
New Research Reveals One-Third of Cloud Assets Harbor Easily Exploitable Vulnerabilities
Analysis of nearly five million internet-exposed assets shows significant security gaps across major cloud platforms, with Google Cloud-hosted assets showing highest vulnerability rates. The post New Research Reveals One-Third of Cloud Assets Harbor Easily Exploitable Vulnerabilities appeared first on…
BitlockMove Tool Enables Lateral Movement via Bitlocker DCOM & COM Hijacking
A new proof-of-concept (PoC) tool named BitlockMove demonstrates a novel lateral movement technique that leverages BitLocker’s Distributed Component Object Model (DCOM) interfaces and COM hijacking. Released by security researcher Fabian Mosch of r-tec Cyber Security, the tool enables attackers to…
Linux CUPS Vulnerability Let Attackers Remote DoS and Bypass Authentication
Two critical vulnerabilities have been discovered in the Linux Common Unix Printing System (CUPS), exposing millions of systems to remote denial-of-service attacks and authentication bypass exploits. The vulnerabilities, tracked as CVE-2025-58364 and CVE-2025-58060, affect the core printing infrastructure used across…
Most enterprise AI use is invisible to security teams
Most enterprise AI activity is happening without the knowledge of IT and security teams. According to Lanai, 89% of AI use inside organizations goes unseen, creating risks around data privacy, compliance, and governance. This blind spot is growing as AI…
HiddenGh0st, Winos and kkRAT Exploit SEO, GitHub Pages in Chinese Malware Attacks
Chinese-speaking users are the target of a search engine optimization (SEO) poisoning campaign that uses fake software sites to distribute malware. “The attackers manipulated search rankings with SEO plugins and registered lookalike domains that closely mimicked legitimate software sites,” Fortinet…
NPM Attack Leave Hackers Empty Handed: Cybersecurity Today with David Shipley
Cybersecurity Today: NPM Attack, Void Proxy Phishing, and Major Business Disruptions In this episode of Cybersecurity Today, host David Shipley discusses a recent massive NPM attack that, despite causing significant disruption, left hackers with minimal gains. We also cover a…
Yurei Ransomware Uses PowerShell to Deploy ChaCha20 File Encryption
A newly discovered ransomware group called Yurei has emerged with sophisticated encryption capabilities, targeting organizations through double-extortion tactics while leveraging open-source code to rapidly scale operations. First observed on September 5, 2025, this Go-based ransomware employs the ChaCha20 encryption algorithm…
Over 500GB of Sensitive Great Firewall of China Data Leaked Online
A massive data breach has exposed the inner workings of China’s internet censorship system, with over 500GB of sensitive documents from the Great Firewall of China (GFW) leaked online on September 11, 2025. This represents the largest leak of internal…
INC ransom group claimed the breach of Panama’s Ministry of Economy and Finance
Panama’s Ministry of Economy and Finance disclosed a security breach impacting a computer in its infrastructure. Panama’s Ministry of Economy and Finance (MEF) announced that threat actors likely compromised one of its computers. The Ministry immediately activated its security protocols…
UK ICO finds students behind majority of school data breaches
UK ICO reports students caused over half of school data breaches, showing kids are shaping cybersecurity in unexpected ways. The UK Information Commissioner’s Office (ICO), students were responsible for most of the data breaches suffered by the schools in the…
Arkime: Open-source network analysis and packet capture system
Arkime is an open-source system for large-scale network analysis and packet capture. It works with your existing security tools to store and index network traffic in standard PCAP format, making it easy to search and access. The solution includes a…
Top 10 Best Web Application Firewall (WAF) Solutions In 2025
In 2025, web applications are no longer just static websites; they are dynamic, complex ecosystems that serve as the primary interface between businesses and their customers. This makes them a prime target for cybercriminals. Traditional network firewalls and intrusion prevention…
FlowiseAI Password Reset Token Vulnerability Enables Account Takeover
A critical vulnerability in FlowiseAI has been discovered that allows attackers to take over user accounts with minimal effort. The flaw, tracked as CVE-2025-58434, affects both cloud-hosted and self-hosted FlowiseAI deployments, posing significant risks to organizations using this AI workflow automation platform. CVE…
Linux CUPS Flaw Allows Remote Denial of Service and Authentication Bypass
Two critical security vulnerabilities have been discovered in the Common Unix Printing System (CUPS), a widely used printing subsystem for Unix-like operating systems. The flaws, designated as CVE-2025-58364 and CVE-2025-58060, expose Linux systems to remote denial-of-service attacks and authentication bypass,…
VoidProxy PhaaS Targets Microsoft 365 and Google Accounts in New Campaign
Phishing-as-a-Service operation called VoidProxy that uses advanced adversary-in-the-middle techniques to bypass traditional multi-factor authentication and steal session tokens from Microsoft 365 and Google accounts. The five steps of a SIM-swap attack illustrating how fraudsters bypass multi-factor authentication to compromise accounts …
What could a secure 6G network look like?
The official standards for 6G are set to be announced by the end of 2029. While the industry is moving towards consensus around how the 6G network will be built, it also needs to anticipate how it will be compromised…
Why neglected assets are the hidden threat attackers love to find
In this Help Net Security video, Tim Chase, Tech Evangelist at Orca Security, explores one of the most overlooked cybersecurity risks: neglected assets. From forgotten cloud resources and outdated OT systems to expired domains and abandoned storage, these hidden vulnerabilities…