As cyber threats grow in complexity and frequency, enterprise security monitoring has become a non-negotiable pillar of modern business defense. Data breaches can cost organizations millions, erode customer trust, and have long-term impacts on business performance. Enterprises invest in advanced…
Tag: Cyber Security News
Critical Firefox 0-Interaction libvpx Vulnerability Let Attackers Execute Arbitrary Code
Mozilla has released emergency security updates to address a critical vulnerability in Firefox that could allow attackers to execute arbitrary code on victims’ systems without any user interaction. The security flaw, tracked as CVE-2025-5262, was announced on May 27, 2025,…
Velvet Chollima APT Hackers Attacking Government Officials With Weaponized PDF
A sophisticated cyber espionage campaign attributed to the North Korean advanced persistent threat (APT) group Velvet Chollima has emerged, targeting South Korean government officials and organizations across multiple continents through weaponized PDF documents and innovative social engineering techniques. The Velvet…
Silver RAT Malware With New Anti-virus Bypass Techniques Executes Malicious Activities
A sophisticated new remote access trojan known as Silver RAT v1.0 has emerged in the cyberthreat landscape, demonstrating advanced anti-virus bypass capabilities and an array of destructive functionalities targeting Windows systems. First observed in the wild during November 2023, this…
Security Trends Analysis – Emerging Risks for 2025
As the digital landscape continues to evolve at breakneck speed, organizations worldwide are bracing for a new wave of security challenges in 2025. The convergence of artificial intelligence, geopolitical tensions, and quantum computing is reshaping the threat environment, demanding a…
Chrome Security Update – High-Severity Vulnerabilities Leads to Code Execution
Google has officially promoted Chrome 137 to the stable channel for Windows, Mac, and Linux platforms, marking a significant milestone in browser security and artificial intelligence integration. The Chrome team announced the release on May 27, 2025, with the update…
Researchers Dissected macOS ‘AppleProcessHub’ Stealer, TTPs & C2 Server Details Exposed
Security researchers have conducted an extensive analysis of a sophisticated macOS information stealer that emerged in mid-May 2025, revealing intricate attack mechanisms and command-and-control infrastructure details. The malware, dubbed ‘AppleProcessHub’ after its associated domain, represents a significant threat to macOS…
Zero Trust In The API Economy: New Frontiers In Identity-Based Access Control
APIs are the new highways of the internet. They’re fast, powerful, and make everything run until someone sneaks in and crashes the system. That’s the dilemma of the modern digital world: we’ve built an economy around APIs, but a lot…
Hackers Mimic OneNote Login to Steal Office365 & Outlook Credentials
A sophisticated phishing campaign targeting Italian and U.S. users through fake Microsoft OneNote login prompts designed to harvest Office 365 and Outlook credentials. The attack leverages legitimate cloud services and Telegram bots for data exfiltration, making detection significantly more challenging…
Microsoft Warns of Void Blizzard Hackers Attacking Telecommunications & IT Organizations
Microsoft Threat Intelligence has unveiled a sophisticated Russian-affiliated cyberespionage group dubbed “Void Blizzard” (also known as LAUNDRY BEAR) that has been conducting widespread attacks against telecommunications and IT organizations since April 2024. The threat actor has successfully compromised critical infrastructure…
Check Point Acquires Veriti for Automated Threat Exposure Management
Check Point Software Technologies has announced the acquisition of Veriti Cybersecurity, marking a significant advancement in automated threat exposure management for enterprises facing increasingly sophisticated AI-driven cyber attacks. The transaction, expected to close by the end of Q2 2025, represents…
How To Use Threat Intelligence Data From 15,000 Companies To Defend Yours
Threat intelligence is the cornerstone of proactive cyber defense, providing context to security events to prioritize response efforts. It’s about turning raw data into strategic insights that can be used to fortify network defenses against known and unknown threats. The…
Dutch Intelligence Exposes Russian “Laundry Bear” Hackers Behind Police Hack
Dutch intelligence services have identified a previously unknown Russian hacking group responsible for cyberattacks on multiple Dutch organizations, including a significant breach of the national police system in September 2024 that compromised work-related contact information of officers. The Netherlands General…
New Android Malware GhostSpy Let Attacker Take Full Control Over Infected Devices
A sophisticated new Android malware strain called GhostSpy has emerged as a significant threat to mobile device security, demonstrating advanced capabilities that allow cybercriminals to achieve complete control over infected smartphones and tablets. This web-based Remote Access Trojan (RAT) employs…
Windows 11 Notepad Gets AI Writer Using a Variant of ChatGPT or Microsoft’s AI Model
Microsoft has revolutionized its iconic Notepad application by introducing an AI-powered text generation feature called “Write,” marking a dramatic transformation for the minimalist text editor that has remained largely unchanged for decades. The new functionality, powered by a variant of…
Adidas Data Breach – Customer Data Exposed Via Third-Party Service Provider
German sportswear giant Adidas has confirmed a significant data breach involving customer contact information accessed through a compromised third-party customer service provider. The incident, disclosed on May 23, 2025, exposed contact details of consumers who had previously interacted with the…
GitHub MCP Server Vulnerability Let Attackers Access Private Repositories
A critical security vulnerability in the widely-used GitHub Model Context Protocol (MCP) server has been discovered, exposing users to sophisticated attacks that can compromise private repository data through malicious prompt injections. The vulnerability affects any agent system using the GitHub…
GIMP Image Editor Vulnerability Let Remote Attackers Arbitrary Code
Two critical security vulnerabilities discovered in the popular GIMP image editing software have been disclosed. These vulnerabilities allow remote attackers to execute arbitrary code on affected systems. The vulnerabilities, identified as CVE-2025-2760 and CVE-2025-2761, were publicly disclosed on April 7th,…
Google Ads Campaign Targets Developers with Malware via Fake Homebrew Site
Security researchers have revealed that a sophisticated malvertising campaign discovered last week has been targeting software developers through malicious Google advertisements that impersonate the popular Homebrew package manager. The attack demonstrates an evolution in cybercriminal tactics that exploit trusted verification…
New Attack Bypasses HTTP/2 Security for Arbitrary Cross-Site Scripting
A critical vulnerability in HTTP/2 protocol implementations that allows attackers to bypass web security protections and execute arbitrary cross-site scripting (XSS) attacks against major websites. At the Network and Distributed System Security (NDSS) Symposium 2025, Tsinghua University researchers presented their…