Category: GBHackers Security | #1 Globally Trusted Cyber Security News Platform

Threat actors have deployed a malicious LNK file masquerading as a credit card company’s security email authentication pop-up to pilfer sensitive user information. The file, named “card_detail_20250610.html.lnk,” cleverly disguises itself as a legitimate HTML document from a financial institution, exploiting…

Read more →

A significant cybersecurity breach has exposed vulnerabilities in critical US government infrastructure, as the National Nuclear Security Administration (NNSA) was reportedly compromised through a Microsoft SharePoint zero-day exploit linked to Chinese government-affiliated hacking groups. Chinese Hackers Target Critical Infrastructure The…

Read more →

Lumma Stealer, a notorious information-stealing malware-as-a-service (MaaS) platform, has swiftly reemerged after a coordinated global law enforcement operation in May 2025. The U.S. Department of Justice, alongside international partners, seized approximately 2,300 malicious domains integral to Lumma’s command-and-control (C&C) infrastructure,…

Read more →

Microsoft today unveiled a sweeping set of artificial intelligence enhancements for Windows 11, marking the most ambitious infusion of AI tools into its flagship operating system to date. Building on recent findings that nearly 60 percent of PC users have…

Read more →

A sophisticated new variant of the macOS.ZuRu malware, originally identified in 2021, has resurfaced, employing a trojanized version of the Termius SSH client to deploy a modified Khepri command-and-control (C2) beacon. This iteration, detected in late May 2025, demonstrates advanced…

Read more →

Synology has issued an urgent security advisory addressing critical vulnerabilities in its BeeDrive desktop application for Windows that could allow attackers to execute malicious code and delete arbitrary files. The company disclosed three separate Common Vulnerabilities and Exposures (CVE) identifiers…

Read more →

A critical security vulnerability has been discovered in the widely-used form-data JavaScript package, potentially exposing thousands of applications to remote attacks through predictable boundary value generation. The vulnerability, designated as CVE-2025-7783, was published five days ago by Jordan Harband (ljharb), a prominent…

Read more →

Brave Software today announced that, beginning with version 1.81 for Windows 11 and newer, the Brave browser will automatically disable Microsoft’s Recall feature by default. Recall, introduced by Microsoft in May 2024 as a Copilot PC utility that periodically captures full-screen snapshots of user activity, faced immediate criticism for its potential to expose sensitive browsing habits through an unencrypted,…

Read more →

Akamai security researchers have uncovered a novel variant of the Coyote banking trojan that marks the inaugural documented instance of malicious actors exploiting Microsoft’s UI Automation (UIA) framework in real-world attacks. Initially detailed in a December 2024 Akamai blog post…

Read more →

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding active exploitation of critical SharePoint vulnerabilities by threat actors, with security researchers attributing the attacks to Chinese hackers. The agency warns that malicious actors are leveraging a…

Read more →

Ransomware gangs have increasingly co-opted Remote Monitoring and Management (RMM) tools originally designed for IT operations to orchestrate sophisticated network intrusions, persistence, lateral movement, and data exfiltration. Investigations conducted in the second half of 2024 and the first quarter of…

Read more →

Researchers have pierced the veil of secrecy surrounding the Federal Security Service’s (FSB) 16th Center, a unit inheriting the Soviet KGB’s primary signals intelligence (SIGINT) capabilities. By leveraging open-source intelligence (OSINT) techniques combined with phaleristics the study of military medals…

Read more →

Microsoft has unveiled significant updates to Windows 11’s system recovery capabilities, introducing a redesigned “Black Screen of Death” interface alongside new automated recovery features designed to minimize downtime and improve user experience during system failures. These enhancements represent a major…

Read more →

Google has released an urgent security update for Chrome, addressing critical vulnerabilities that could potentially allow attackers to gain complete control over users’ systems. The stable channel has been updated to version 138.0.7204.168 for Windows and Mac, and 138.0.7204.168 for…

Read more →

Kali Linux maintainers have unveiled two new packages designed to unleash the full potential of the Raspberry Pi’s onboard wireless chipset, enabling native monitor-mode and packet-injection capabilities without the need for external adapters. Arriving as part of the recent Kali…

Read more →

Mozilla has today released Firefox 141, addressing a broad spectrum of security vulnerabilities that range from high-impact memory safety bugs to moderate issues in URL handling and sandboxing. The new release, announced on July 22, 2025, under Mozilla Foundation Security…

Read more →

The Cybersecurity and Infrastructure Security Agency (CISA) has issued urgent alerts regarding the active exploitation of two critical Microsoft SharePoint vulnerabilities, with organizations facing a same-day deadline to implement protective measures. The alert, released yesterday, July 22, 2025, targets vulnerabilities…

Read more →

Cybersecurity researchers have identified a sophisticated supply chain attack targeting Arch Linux users through malicious packages designed to masquerade as Firefox browser variants. Three compromised packages containing Remote Access Trojan (RAT) malware were successfully uploaded to the Arch User Repository…

Read more →

Microsoft has confirmed that Chinese nation-state actors are actively exploiting zero-day vulnerabilities in on-premises SharePoint servers, prompting urgent security updates and immediate patching recommendations for organizations worldwide. Vulnerability Discovery and Active Exploitation On July 19, 2025, Microsoft Security Response Center…

Read more →

The well-known npm package eslint-config-prettier was released without authorization, according to several GitHub users, even though its repository did not contain any corresponding code changes. The maintainer later confirmed via social media that their npm account was compromised through a…

Read more →

APT39, a hacker collective connected to Iran’s Ministry of Intelligence and Security (MOIS), was exposed as operating through the compromised internal systems of the Iranian company Amnban, Sharif Advanced Technologies, in a significant cybersecurity incident. Launched in 2018 with credentials…

Read more →

Hexagon ETQ’s Java-based quality management system, ETQ Reliance, has several serious flaws, according to a new security research revelation by Assetnote. The software, which facilitates document and form management with integrations like Microsoft Word macros and Jython scripting, has been…

Read more →

AhnLab Security Intelligence Center (ASEC) has been actively tracking cyber threats exploiting vulnerable Linux servers through strategically deployed honeypots, with SSH services using weak credentials emerging as a prime target for distributed denial-of-service (DDoS) and cryptocurrency mining actors. In a…

Read more →

Cybersecurity researchers have provided insight into a persistent threat cluster linked to the well-known North Korean state-sponsored hacker outfit Lazarus, according to a comprehensive analysis published in March by Sekoia’s Threat Detection and Response (TDR) team. Dubbed “ClickFake Interview,” this…

Read more →

The threat actor group LARVA-208, notorious for phishing attacks and social engineering against English-speaking IT staff, has pivoted to targeting Web3 developers. Employing spearphishing links (T1566.002), the group lures victims with fabricated job offers or portfolio review requests, directing them…

Read more →

The UK government has announced a comprehensive ban preventing public sector organizations from paying ransom demands to cybercriminals, marking a significant escalation in the fight against ransomware attacks that cost the British economy millions of pounds annually. The new measures…

Read more →

Cisco has issued an urgent security advisory warning that a set of critical remote code execution (RCE) vulnerabilities affecting its Identity Services Engine (ISE) and Passive Identity Connector (ISE-PIC) products are being actively exploited in the wild. The flaws, tracked…

Read more →

A cybersecurity researcher has released a new open-source scanner designed to detect a critical vulnerability affecting Microsoft SharePoint servers, providing organizations with a crucial tool to assess their security posture against the recently disclosed CVE-2025-53770 flaw. Rapid Response to Critical…

Read more →

Security researchers at Lookout have identified four novel samples of DCHSpy, an advanced Android surveillanceware attributed to the Iranian threat actor group MuddyWater, believed to be affiliated with Iran’s Ministry of Intelligence and Security (MOIS). These samples emerged approximately one…

Read more →

Critical security vulnerabilities in Apache Jena have been disclosed that enable administrators to access and create files outside designated server directories, potentially compromising system security. Two distinct CVEs were published on July 21, 2025, affecting all versions of Apache Jena…

Read more →

A threat actor claiming to possess a zero-day Local Privilege Escalation (LPE) exploit targeting Apple’s macOS operating system has emerged on underground cybercriminal forums, offering the vulnerability for sale at a substantial price point. The alleged exploit, if genuine, represents…

Read more →

Sophos has disclosed multiple critical security vulnerabilities affecting its Firewall products, with the most severe flaws enabling pre-authentication remote code execution that could allow attackers to completely compromise affected systems. The cybersecurity company released hotfixes for five independent vulnerabilities, two…

Read more →

Dark web travel agencies have developed into highly skilled organizations operating in the murky corners of cybercrime, using hacked credit card information, compromised loyalty accounts, and faked identities to provide drastically reduced travel services. According to recent analysis by SpiderLabs,…

Read more →

Researchers uncovered an active Android malware cluster that ingeniously combines brand impersonation with traffic monetization tactics, targeting users across multiple regions. These malicious Android Package Kit (APK) files exploit social engineering and off-market distribution channels to evade traditional security measures,…

Read more →

A notorious ransomware actor known by the alias $$$ has unveiled GLOBAL GROUP, positioning it as a cutting-edge Ransomware-as-a-Service (RaaS) operation. Promising automated negotiations, cross-platform payloads, and lucrative affiliate splits, the group claims innovation in scalable extortion. However, deep forensic…

Read more →

wolfSSL has released version 5.8.2 to address several critical security vulnerabilities, with the most significant being a high-severity Apple trust store bypass flaw that could allow malicious actors to circumvent certificate verification processes on Apple platforms. Critical Apple Platform Vulnerability…

Read more →

A financially motivated threat actor, now identified as Greedy Sponge, has been relentlessly targeting Mexican organizations with a customized version of the AllaKore Remote Access Trojan (RAT). Named for its monetary focus and a past reference to a popular “SpongeBob”…

Read more →

Austin, United States / TX, July 21st, 2025, CyberNewsWire Living Security, the global leader in Human Risk Management (HRM), today released the 2025 State of Human Cyber Risk Report, an independent study conducted by leading research firm Cyentia Institute. The report provides an…

Read more →

A critical vulnerability in the Kubernetes Image Builder has been disclosed that allows attackers to gain root access on Windows nodes by exploiting default credentials embedded in virtual machine images. Tracked as CVE-2025-7342, the flaw affects images built with the…

Read more →

A single compromised password has been identified as the catalyst that destroyed a century-old transport company and displaced 700 employees, highlighting the devastating impact of cybersecurity vulnerabilities on British businesses. The case of KNP, a Northamptonshire-based logistics firm, represents a…

Read more →

Dell Technologies has acknowledged a significant security incident involving its Customer Solution Centers platform, with the World Leaks extortion group successfully infiltrating the isolated demonstration environment used for showcasing products to commercial clients. The breach, which occurred earlier this month,…

Read more →

ExpressVPN disclosed a vulnerability in its Windows desktop client that, under specific circumstances, could have permitted the leakage of user connection details. The flaw was discovered by security researcher Adam-X through ExpressVPN’s bug bounty program and pertains to Remote Desktop…

Read more →

Seqrite Labs APT-Team has uncovered a persistent threat entity, UNG0002 (Unknown Group 0002), orchestrating espionage-driven operations across Asian jurisdictions, including China, Hong Kong, and Pakistan. Active since at least May 2024, this South-East Asia-based cluster has demonstrated a high degree…

Read more →

A new wave of cyber-attacks has emerged, exploiting Windows shortcut files (.LNK) combined with legitimate system utilities collectively known as Living-off-the-Land Binaries and Scripts (LOLBin/S) to deliver the DeerStealer infostealer through highly obfuscated multi-stage chains. Recent campaigns begin with phishing…

Read more →

An developer recently came across a highly advanced phishing email that spoofs the support@npmjs.org address in order to impersonate npm, the Node.js package registry. The email directed recipients to a malicious link on npnjs.com, a domain cleverly typosquatted to mimic…

Read more →

Threat actors have leveraged a phishing campaign targeting npm package maintainers, resulting in the compromise of widely used JavaScript tooling libraries. The campaign, first reported on July 18, 2025, utilizes a typosquatted domain, npnjs.com, to mimic legitimate npm communications and…

Read more →

Kaspersky MDR analysts recently uncovered a sophisticated targeted attack by the Chinese-speaking cyberespionage group APT41 against government IT services in the African region, marking a notable escalation in the group’s activity on the continent, which had previously seen minimal incidents…

Read more →

A targeted attack against a U.S.-based certified public accounting firm was discovered in May 2025 by cybersecurity experts, according to a recent study described in eSentire’s Threat Response Unit (TRU) Positives report. The campaign leveraged a novel crypter named “Ghost…

Read more →

Researchers at Assetnote have uncovered a critical remote code execution (RCE) vulnerability in Lighthouse Studio, a widely used survey software developed by Sawtooth Software. This flaw, affecting the Perl CGI scripts that power the web-based survey component, enables unauthenticated attackers…

Read more →

Trustwave SpiderLabs has played a crucial role in monitoring new ransomware variants in the incredibly unstable ransomware threat landscape of 2025, where dozens of new groups have emerged and caused extensive disruptions across multiple sectors. Among these, the KAWA4096 ransomware…

Read more →

Threat actors are increasingly adopting AI-powered cloaking services to obfuscate phishing domains, counterfeit e-commerce sites, and malware distribution endpoints from automated security scanners. This technique, known as cloaking, involves dynamically serving innocuous “white pages” to detection mechanisms while directing legitimate…

Read more →

Researchers have uncovered a sophisticated phishing campaign zeroing in on Turkish enterprises, with a particular focus on the defense and aerospace industries. Threat actors are masquerading as Turkish Aerospace Industries (TUSAŞ), a key defense contractor, to disseminate malicious emails that…

Read more →

Wiz Research has disclosed a severe vulnerability in the NVIDIA Container Toolkit (NCT), dubbed #NVIDIAScape and tracked as CVE-2025-23266 with a CVSS score of 9.0, enabling malicious containers to escape isolation and gain root access on host systems. This flaw,…

Read more →

A critical vulnerability in PHP’s widely-used PDO (PHP Data Objects) library has been discovered that enables attackers to inject malicious SQL commands even when developers implement prepared statements correctly. The security flaw, revealed through analysis of a DownUnderCTF capture-the-flag challenge,…

Read more →

A sophisticated surveillance operation has been discovered exploiting critical vulnerabilities in the global telecommunications infrastructure to track mobile phone users’ locations without authorization, security researchers have revealed. The attack leverages weaknesses in the decades-old SS7 (Signaling System No. 7) protocol…

Read more →

Major Indian cryptocurrency exchange CoinDCX has confirmed a significant security breach that resulted in approximately $44 million in losses, though company executives maintain that customer funds remain completely secure and unaffected by the incident. CoinDCX co-founder Sumit Gupta publicly confirmed…

Read more →

Security researchers at Varonis Threat Labs have identified a subtle but significant vulnerability in Microsoft’s AppLocker security feature that could allow malicious applications to bypass established security restrictions. While not classified as a critical vulnerability, the discovery highlights important gaps…

Read more →

A critical vulnerability discovered in Livewire, a popular full-stack framework for Laravel applications, exposes millions of web properties to unauthenticated remote command execution attacks. Tracked as CVE-2025-54068, the flaw resides in Livewire versions from 3.0.0-beta.1 up to 3.6.3 and stems…

Read more →

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent security alert regarding a critical zero-day vulnerability in Microsoft SharePoint Server that is being actively exploited in cyberattacks. The vulnerability, tracked as CVE-2025-53770, represents a significant threat to organizations…

Read more →

A critical denial-of-service vulnerability has been discovered in 7-Zip that allows attackers to crash systems using specially crafted RAR5 archive files. The vulnerability, tracked as CVE-2025-53816, affects the popular compression software’s RAR5 decoder and can lead to memory corruption and…

Read more →

A devastating new SharePoint vulnerability is being actively exploited in large-scale attacks worldwide, enabling attackers to gain complete control of on-premise servers without authentication. Security researchers at Eye Security discovered the ongoing campaign on July 18, 2025, revealing a sophisticated…

Read more →

A sophisticated new cyber attack technique has emerged that exploits the cross-device sign-in features of FIDO keys, effectively bypassing one of the most secure forms of multifactor authentication (MFA) available today. Security researchers have identified this adversary-in-the-middle (AitM) attack, attributed…

Read more →

A critical zero-day vulnerability in CrushFTP servers is being actively exploited by threat actors to compromise systems worldwide. The vulnerability, designated CVE-2025-54309, was first observed in active exploitation on July 18th at 9:00 AM CST, though security researchers believe the…

Read more →

A sophisticated threat actor, dubbed “SilverFox,” has been orchestrating a large-scale malware distribution campaign since at least June 2023, primarily during Chinese time zone working hours. This operation focuses on Chinese-speaking individuals and entities both within and outside China, leveraging…

Read more →

Cybercriminals are now leveraging seemingly innocuous voicemail notifications to distribute malware, with a recent campaign impersonating Veeam Software to exploit users’ trust in enterprise backup solutions. This attack vector highlights the growing intersection of social engineering and file-based exploits, where…

Read more →

Infostealers are specialized malware variants that routinely steal large amounts of sensitive data from compromised systems. This includes session tokens, login credentials, cryptocurrency wallet information, personally identifiable information (PII), multifactor authentication (MFA) artifacts, and pretty much any data stored in…

Read more →

Cybersecurity experts at cside have discovered a clever campaign that infected over 3,500 websites with nefarious JavaScript miners, marking a startling return to crypto-jacking techniques reminiscent of the Coinhive heyday of 2017. This new wave, detected in late 2024, marks…

Read more →

Fancy Bear, designated as APT28 by cybersecurity experts, represents a sophisticated Russian cyberespionage collective operational since 2007, renowned for infiltrating governments, military organizations, and strategic entities globally. This group, also known under aliases such as Sofacy, Sednit, STRONTIUM, and Unit…

Read more →

Threat actors have been using a sophisticated phishing operation to impersonate Turkish Aerospace Industries (TUSAŞ) in order to attack Turkish businesses, especially those in the defense and aerospace sectors. The campaign distributes malicious emails masquerading as contractual documents, such as…

Read more →

Researchers at Cyble Research and Intelligence Labs (CRIL) have uncovered an ongoing quishing campaign dubbed “Scanception,” which exploits QR code-based delivery mechanisms to distribute credential-harvesting URLs. This advanced phishing operation begins with targeted emails containing PDF lures that mimic legitimate…

Read more →

Google has initiated legal proceedings against the operators of BadBox 2.0, identified as the largest botnet comprising internet-connected televisions and other devices. This botnet, uncovered through a collaborative effort with cybersecurity firms HUMAN Security and Trend Micro, has infected over…

Read more →

Sophos has disclosed three critical security vulnerabilities in its Intercept X for Windows endpoint security solution that could allow attackers to execute arbitrary code and gain system-level privileges on affected systems. The vulnerabilities, designated CVE-2024-13972, CVE-2025-7433, and CVE-2025-7472, all carry…

Read more →

Microsoft has announced significant transparency improvements for its email security platform, introducing a new customer-facing dashboard that provides detailed visibility into threat protection effectiveness across organizations. The enhanced dashboard for Microsoft Defender for Office 365 represents a major step toward…

Read more →

A critical security vulnerability has been discovered in Ubiquiti’s UniFi Access devices that could allow malicious actors to inject and execute arbitrary commands on affected systems. The vulnerability, designated as CVE-2025-27212, affects multiple UniFi Access products and carries a maximum…

Read more →

Grafana Labs has released critical security patches addressing two significant vulnerabilities that could enable attackers to redirect users to malicious websites and execute arbitrary code within dashboard environments. The security update addresses CVE-2025-6023, a high-severity cross-site scripting (XSS) vulnerability, and…

Read more →

Threat actors have been actively exploiting vulnerabilities in Ivanti Connect Secure, specifically CVE-2025-0282 and CVE-2025-22457, to deploy advanced malware including MDifyLoader and Cobalt Strike Beacon. These attacks, observed from December 2024 through July 2025, build on prior incidents involving SPAWNCHIMERA…

Read more →

Attackers are increasingly leveraging the ClickFix social engineering technique to distribute potent malware families, including NetSupport RAT, Latrodectus, and Lumma Stealer. This method, which emerged prominently in recent months, tricks users into executing malicious commands under the guise of resolving…

Read more →

Cybersecurity researchers at Northeastern University and Dartmouth College have unveiled a groundbreaking attack technique that exploits fundamental parsing discrepancies in Web Application Firewalls (WAFs), potentially compromising the security of millions of websites worldwide. The research, dubbed “WAFFLED” (Web Application Firewall…

Read more →

Microsoft has shed light on the sophisticated operations of Octo Tempest, a financially motivated cybercriminal group alternatively known as Scattered Spider, Muddled Libra, UNC3944, or 0ktapus. This threat actor has demonstrated a versatile arsenal of tactics, techniques, and procedures (TTPs)…

Read more →

A critical security vulnerability has been discovered in Lenovo’s protection driver software, affecting millions of users across desktop and laptop systems. The flaw, identified as CVE-2025-4657, allows local attackers with elevated privileges to execute arbitrary code through a buffer overflow…

Read more →

Cisco Talos researchers identified a sophisticated Malware-as-a-Service (MaaS) operation in April 2025 that employed the Amadey botnet to distribute various payloads. This operation exploited fake GitHub accounts as open directories for hosting malicious payloads, tools, and Amadey plugins, aiming to…

Read more →

Novabev Group, the parent company of premium vodka brand Beluga, has confirmed it was hit by a sophisticated ransomware attack on July 14, 2025, temporarily disrupting operations and affecting IT infrastructure across the company and its WineLab subsidiary. The Russian…

Read more →

In 2025, the cybersecurity landscape is more fragmented and perilous than ever before. Organizations face an explosion of data sources, an increasing attack surface spanning endpoints, networks, cloud environments, and identities, and a relentless onslaught of sophisticated, multi-stage attacks. Traditional…

Read more →

The Cybersecurity and Infrastructure Security Agency (CISA) released thirteen Industrial Control Systems (ICS) security advisories on July 17, 2025, highlighting critical vulnerabilities that could compromise essential infrastructure operations. This coordinated disclosure represents one of the most significant advisory releases of…

Read more →

A newly disclosed vulnerability dubbed “Daemon Ex Plist” allows attackers to escalate privileges from standard user to root access on macOS systems, exploiting a timing flaw in how the operating system handles daemon configuration files. Security researcher Egor Filatov published details of…

Read more →

A critical vulnerability in TeleMessageTM SGNL, an enterprise messaging platform modeled after Signal, is being actively exploited by threat actors to steal passwords and sensitive data from government agencies and enterprises. The flaw, tracked as CVE-2025-48927, was added to CISA’s…

Read more →

Security researchers have uncovered a critical vulnerability in Microsoft Entra ID that allows attackers to escalate privileges and gain Global Administrator access, potentially compromising entire organizational environments. This flaw represents a significant security risk for enterprises relying on Microsoft’s cloud…

Read more →

The Internet Systems Consortium (ISC) has disclosed two critical security vulnerabilities in BIND 9, one of the most widely used DNS software implementations worldwide. Published on July 16, 2025, these vulnerabilities could allow attackers to poison DNS caches and disrupt…

Read more →

Cybersecurity researchers have uncovered a sophisticated technique where threat actors are exploiting DNS infrastructure to covertly store and distribute malware, turning the internet’s domain name system into an unwitting accomplice for malicious activities. The discovery reveals how attackers can hide…

Read more →

A sophisticated cyberattack campaign has emerged targeting organizations through Microsoft Teams impersonation, delivering the updated Matanbuchus 3.0 malware loader that serves as a precursor to ransomware deployment. Security researchers at Morphisec have identified instances where attackers successfully compromised systems by…

Read more →

A Ukrainian woman who survived a catastrophic cluster munition attack in 2014 continues to navigate the complex aftermath of severe combat-related injuries, highlighting the long-term humanitarian consequences of explosive ordnance use in populated areas. Nelya Leonidova, 34 at the time…

Read more →

FortiGuard Labs researchers have uncovered a sophisticated cryptomining campaign where the H2Miner botnet, active since late 2019, has expanded its operations to target Linux, Windows, and containerized environments simultaneously. The campaign represents a significant evolution in cross-platform cryptocurrency mining attacks,…

Read more →

Proofpoint Threat Research has identified a sophisticated multi-pronged cyberespionage campaign targeting Taiwan’s semiconductor industry between March and June 2025. Three distinct Chinese state-sponsored threat actors, designated as UNK_FistBump, UNK_DropPitch, and UNK_SparkyCarp, conducted coordinated phishing operations against organizations spanning semiconductor manufacturing,…

Read more →

Palo Alto, California, July 17th, 2025, CyberNewsWire SquareX announced the official launch of The Browser Security Field Manual at Black Hat USA 2025. In addition to a comprehensive practical guide to the latest TTPs attackers are using to target employees…

Read more →

Cybersecurity researchers at Lookout Threat Lab have uncovered a sophisticated mobile forensics application called Massistant, deployed by Chinese law enforcement to extract comprehensive data from confiscated mobile devices. The tool represents a significant evolution from its predecessor MFSocket, incorporating advanced…

Read more →

Security researchers have discovered over 4 million vulnerable Internet hosts that can be weaponized for devastating new denial-of-service attacks, marking one of the largest infrastructure vulnerabilities uncovered in recent years. The groundbreaking research, conducted by Angelos Beitis and Mathy Vanhoef…

Read more →

Cybersecurity researchers at Graphika have unveiled comprehensive findings on the operational dynamics of hacktivist organizations, revealing sophisticated attention-seeking behaviors and strategic target selection methodologies. Through their ATLAS intelligence reporting platform, analysts have systematically monitored approximately 700 active and inactive hacktivist…

Read more →

Cybersecurity researchers at Seqrite Labs have identified a sophisticated espionage group designated as UNG0002 (Unknown Group 0002) that has been conducting persistent campaigns across multiple Asian jurisdictions since May 2024. The threat actors have demonstrated remarkable adaptability by integrating social…

Read more →

Tenable Research has disclosed a critical Remote Code Execution (RCE) vulnerability in Oracle Cloud Infrastructure’s Code Editor that enabled attackers to silently hijack victim Cloud Shell environments through a single malicious link. The vulnerability, which has since been remediated by…

Read more →

NVIDIA has released critical security updates addressing two significant vulnerabilities in its Container Toolkit and GPU Operator that could allow attackers to execute arbitrary code with elevated privileges. The vulnerabilities, discovered in July 2025, affect all versions of the Container…

Read more →