A sophisticated malware campaign leveraging fake software installers disguised as popular applications has emerged as a significant threat to cybersecurity infrastructure, with attackers deploying the hard-to-detect Winos 4.0 malware through deceptive VPN and QQBrowser installations. The campaign represents a concerning…
Tag: Cyber Security News
Chinese Nexus Hackers Actively Exploiting Ivanti Endpoint Manager Mobile Vulnerability
A sophisticated China-linked threat group has been actively exploiting critical vulnerabilities in Ivanti Endpoint Manager Mobile (EPMM) systems since May 15, 2025, targeting organizations across healthcare, telecommunications, aviation, municipal government, finance, and defense sectors globally. The campaign leverages two newly…
Securing Android in the Enterprise – Policies and Solutions
Recent security vulnerabilities in Google’s Android operating system have highlighted the critical importance of robust enterprise mobile security strategies. Just days ago, on May 11, 2025, security researchers identified multiple vulnerabilities in the Android OS, with the most severe potentially…
Android Security Patches – How to Stay Updated and Protected
As Android continues to dominate the global smartphone market, its open and flexible ecosystem remains both a strength and a challenge. The very features that make Android attractive (customization, variety, and choice) also create rapid opportunities for security threats to…
Apple XNU kernel Vulnerability Let Attackers Escalate Privileges
A critical security vulnerability in Apple’s XNU kernel has been disclosed. It allows local attackers to escalate privileges and potentially execute arbitrary code with kernel-level access. The flaw, identified as CVE-2025-31219, represents a significant security risk across multiple Apple operating…
New Blackhat AI Tool Venice.ai Let Attackers Create Malware in Minutes
A new artificial intelligence platform called Venice.ai is raising serious cybersecurity concerns after researchers discovered it can generate functional malware, phishing emails, and sophisticated cyberattack tools with minimal user expertise. Unlike mainstream AI services such as ChatGPT, Venice.ai deliberately removes…
Critical NETGEAR Router Vulnerability Let Attackers Gain Full Admin Access
A newly disclosed authentication bypass vulnerability has exposed thousands of NETGEAR DGND3700v2 routers to remote attacks, allowing cybercriminals to gain complete administrative control without requiring valid credentials. The flaw, tracked as CVE-2025-4978 and assigned a critical CVSS score of 9.3,…
ModSecurity Vulnerability Exposes Millions of Web Servers to Severe DoS Condition
A critical vulnerability in ModSecurity’s Apache module has been disclosed, potentially exposing millions of web servers worldwide to denial-of-service attacks. The flaw, tracked as CVE-2025-47947 and assigned a CVSS score of 7.5, affects the popular open-source web application firewall’s handling…
LockBit Data Leak Unveils Most Active Affiliates & Their Inner Workings
A significant data breach has exposed the inner workings of one of the world’s most prolific ransomware operations, providing unprecedented insight into LockBit’s affiliate structure and victim targeting strategies. The treasure trove of leaked information, published on LockBit’s hijacked leak…
Exploitable Vulnerabilities in Canon Printers Allow Attackers to Gain Admin Privileges
Canon Inc. has issued a critical security advisory warning customers about severe vulnerabilities affecting a wide range of their production printers, office multifunction printers, and laser printers. The vulnerabilities, identified as CVE-2025-3078 and CVE-2025-3079, enable malicious actors to extract sensitive…
CISA Alerts on Threat Actors Targeting Commvault’s Azure App to Steal Secrets
CISA issued an urgent advisory, warning organizations about ongoing cyber threat activity targeting Commvault’s software-as-a-service (SaaS) cloud applications hosted in Microsoft Azure environments. Threat actors have successfully accessed client secrets for Commvault’s Metallic Microsoft 365 backup solution, providing unauthorized access…
ViciousTrap Hacker Compromised 5,500+ Edge Devices From 50+ Brands & Turned Them Into Honeypots
A sophisticated threat actor designated as ViciousTrap has successfully compromised over 5,500 edge devices across more than 50 brands, transforming them into a massive distributed honeypot network capable of intercepting and monitoring exploitation attempts worldwide. This unprecedented campaign represents a…
ModSecurity Vulnerability Exposes Millions of Web Servers to Severe Denial-of-Service
A critical vulnerability in ModSecurity’s Apache module has been disclosed, potentially exposing millions of web servers worldwide to denial-of-service attacks. The flaw, tracked as CVE-2025-47947 and assigned a CVSS score of 7.5, affects the popular open-source web application firewall’s handling…
PoC Published For Fortinet 0-Day Vulnerability That Is Being Exploited in the Wild
Security researchers have published detailed proof-of-concept (PoC) analysis for a critical zero-day vulnerability affecting multiple Fortinet products, as threat actors continue to actively exploit the flaw in real-world attacks. The vulnerability, tracked as CVE-2025-32756, represents a significant security risk with…
Gujarat Teen Behind 50+ Cyberattacks During ‘Operation Sindoor’ Arrested
The Gujarat Anti-Terrorism Squad (ATS) has arrested an 18-year-old and a minor for orchestrating over 50 coordinated cyberattacks on Indian government websites during the recent military ‘Operation Sindoor’. The main accused, Jasim Shahnawaz Ansari from Nadiad in Gujarat’s Kheda district,…
CefSharp Enumeration Tool Reveals Security Vulnerabilities in .NET Desktop Apps
Security researchers have unveiled significant vulnerabilities in .NET desktop applications that utilize CefSharp, a popular framework for embedding Chromium browsers within desktop applications, exposing millions of enterprise applications to potential remote code execution attacks. CefSharp, a lightweight .NET wrapper around…
Russian Hackers Leverage Oracle Cloud Infrastructure to Scaleway Object Storage
In a sophisticated cybersecurity attack uncovered this week, Russian threat actors have been observed exploiting multiple cloud service providers to deliver the notorious Lumma Stealer malware. The campaign utilizes legitimate cloud infrastructure—including Oracle Cloud Infrastructure (OCI), Scaleway Object Storage, and…
Versa Concerto 0-Day Authentication Bypass Vulnerability Allows Remote Code Execution
Significant vulnerabilities were uncovered in Versa Concerto, a widely deployed SD-WAN orchestration platform used by major enterprises and government entities. The flaws include authentication bypass vulnerabilities that can be chained to achieve remote code execution and complete system compromise. Despite…
Multiple GitLab Vulnerabilities Let Attackers Trigger DoS Attacks
GitLab has released critical security patches addressing 11 vulnerabilities across its Community Edition (CE) and Enterprise Edition (EE) platforms, with several high-risk flaws enabling denial-of-service (DoS) attacks. The coordinated release of versions 18.0.1, 17.11.3, and 17.10.7 comes as the DevOps…
UAT-6382 Hackers Exploit Cityworks Zero-Day to Attack IIS Servers With VSHell Malware
A sophisticated cyber threat group designated as UAT-6382 has been actively exploiting a critical zero-day vulnerability in Cityworks, a popular asset management system used by local governments across the United States. The vulnerability, tracked as CVE-2025-0994, allows remote code execution…