A newly identified botnet malware family, dubbed “Udados,” has emerged as a significant threat to the Technology and Telecommunications sectors, orchestrating high-volume HTTP flood Distributed Denial-of-Service (DDoS) attacks. According to ANY.RUN sandbox analysis, the botnet leverages infected hosts to execute…
Tag: Cyber Security News
RansomHouse RaaS Service Upgraded with Double Extortion Strategy that Steals and Encrypts Data
RansomHouse has emerged as a significant threat in the ransomware landscape, operated by a group tracked as Jolly Scorpius. This ransomware-as-a-service platform combines data theft with encryption, creating a dual pressure point that forces victims into difficult decisions. Since December…
Microsoft Confirms Recent Windows 11 24H2/25H2 and Server 2025 Update Breaks RemoteApp Connections
Microsoft has officially acknowledged a disruptive bug in its latest Windows updates, confirming that the November 2025 non-security preview update KB5070311 (OS builds 26200.7309 and 26100.7309) and subsequent patches are causing RemoteApp connection failures in Azure Virtual Desktop (AVD) environments.…
Cisco Unified Contact Center Express Vulnerabilities Enable Remote Code Execution Attacks
A critical security advisory addresses multiple severe vulnerabilities in Cisco Unified Contact Center Express (Unified CCX) that could allow unauthenticated remote attackers to execute arbitrary commands and compromise affected systems. The vulnerabilities were disclosed on November 5, 2025, with the…
HPE OneView Software Vulnerability Lets Attackers Execute Remote Code
A critical security alert warns customers about a severe vulnerability in HPE OneView Software that could allow remote attackers to execute arbitrary code without authentication. The flaw, tracked as CVE-2025-37164, carries a CVSS severity score of 10.0, indicating maximum critical…
CISA Adds ASUS Embedded Malicious Code Vulnerability to KEV List Following Active Exploitation
CISA has added a new ASUS vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, signaling urgent risk for affected users and organizations. The flaw, tracked as CVE-2025-59374, affects ASUS Live Update, a utility commonly used to deliver firmware and software updates to…
Researchers Uncovered New Lazarus and Kimsuky Infrastructure with Active Tools and Tunnelling Nodes
A joint investigation by Hunt.io and the Acronis Threat Research Unit has exposed an extensive network of North Korean state-sponsored infrastructure, revealing fresh connections between Lazarus and Kimsuky operations across global campaigns. The research uncovered active tool-staging servers, credential-theft environments,…
Chinese-based Ink Dragon Compromises Asia and South America into European Government Networks
Ink Dragon, a Chinese espionage group, has significantly expanded its operations from Southeast Asia and South America into European government networks. This advancement marks a notable shift in the threat actor’s strategic focus, utilizing a blend of well-engineered tools combined…
Hackers Hijacking VNC Connections to Gain Access to OT Control Devices in Critical Infrastructure
A coalition of U.S. and international cybersecurity agencies issued a stark warning this week about pro-Russia hacktivists exploiting exposed Virtual Network Computing (VNC) connections to infiltrate operational technology (OT) systems in critical infrastructure. The joint advisory, released December 9, 2025,…
Threat Actors Registering Fake Shopping Domains to Attack Users in this Holiday Season
The 2025 holiday shopping season faces a significant cybersecurity threat as threat actors launch a massive campaign of fake online retail stores. These fraudulent domains are designed to impersonate well-known global brands, tricking unsuspecting consumers into revealing sensitive financial information…
BugTrace – AI-based Penetration Testing Tool to Detect Potential Vulnerabilities
BugTrace-AI is an open-source suite that harnesses generative AI to supercharge vulnerability detection. Launched as a one-stop web security analysis platform, BugTrace-AI blends static (SAST) and dynamic (DAST) testing with AI-driven reconnaissance, payload crafting, and more, all in a sleek React-based…
Critical Vulnerability in Popular Node.js Library Exposes Windows Systems to RCE Attacks
A serious security flaw has been discovered in systeminformation, a popular Node.js library used by thousands of developers. The vulnerability, labelled CVE-2025-68154, allows attackers to run malicious code on Windows computers. All versions up to 5.27.13 are affected, and developers…
Critical Apache Commons Text Vulnerability Enables Remote Code Execution Attacks
A newly disclosed security flaw in Apache Commons Text, tracked as CVE-2025-46295, has been identified as a remote code execution (RCE) vulnerability that could allow attackers to compromise systems using vulnerable versions of the library. The issue impacts Apache Commons Text versions before 1.10.0,…
Phantom Stealer Attacking Users to Steal Sensitive Data like Passwords, Browser Cookies, Credit Card Data
Phantom Stealer version 3.5 has emerged as a serious threat to users worldwide, capable of extracting sensitive information including passwords, browser cookies, credit card details, and cryptocurrency wallet data. This sophisticated malware operates through deceptive packaging, often disguised as legitimate…
Kimwolf Android Botnet Hijacked 1.8 Million Android Devices Worldwide
A massive botnet targeting Android devices has emerged as one of the most significant threats in the cybersecurity landscape today. Named Kimwolf, this sophisticated malware has compromised approximately 1.8 million Android devices worldwide, including smart TVs, set-top boxes, tablets, and…
Let’s Encrypt Unveils New “Generation Y” Root and 45-Day Certificates
Let’s Encrypt, the nonprofit certificate authority powering free TLS/SSL certificates for millions of websites, announced sweeping updates to its issuance policies. The changes introduce a new “Generation Y” root hierarchy, deprecate TLS client authentication, and progressively shorten certificate lifetimes to…
Security Measures at NOWPayments: What Businesses Need to Know
When businesses start accepting crypto payments, security is often one of the first concerns. This is completely understandable. Crypto works differently from traditional payments, and many people want to know how their funds and transactions are protected. NOWPayments approaches security…
Hackers Actively Attacking Cisco and Palo Alto Networks VPN Gateways to Gain Login Access
Threat actors launched a coordinated brute-force campaign against enterprise VPN gateways, hammering Palo Alto Networks GlobalProtect portals and Cisco SSL VPN endpoints with millions of automated login attempts in mid-December 2025. GreyNoise intelligence revealed the attacks stemmed from centralized infrastructure…
Cisco AsyncOS 0-Day Vulnerability Exploited in the Wild to run System-level Commands
An active campaign is exploiting a zero-day vulnerability in Cisco AsyncOS Software, targeting Secure Email Gateway (formerly Email Security Appliance, ESA) and Secure Email and Web Manager (formerly Content Security Management Appliance, SMA). The attack, spotted since late November 2025 and…
NAKIVO v11.1 Introduces Stronger Protection for Virtual Environments
Enterprise-Grade Disaster Recovery and MSP Capabilities Now Available. NAKIVO, a leading provider of data protection solutions, has released NAKIVO Backup & Replication v11.1, marking a significant leap forward in protecting virtual environments and empowering managed service providers (MSPs). After completing the…