A sophisticated search engine optimization (SEO) poisoning attack has emerged, targeting employees through their mobile devices with fake login pages that mimic legitimate corporate portals. The attack, which has already affected organizations in the manufacturing sector, enables hackers to steal…
Tag: Cyber Security News
Docker Zombie Malware Infects Containers to Mine Crypto and Self-Replicate
A sophisticated self-replicating malware strain targeting Docker environments has been discovered propagating across insecurely published Docker APIs. This “zombie” malware, observed in May 2025, autonomously infects Docker containers and transforms them into cryptomining nodes while simultaneously scanning for new victims…
New Scan Reveals 150K Industrial Systems Around the Globe are Exposed to Cyberattacks
A groundbreaking study has uncovered approximately 150,000 industrial control systems (ICS) exposed to the public internet across the globe, raising significant cybersecurity concerns for critical infrastructure worldwide. This extensive research, published in 2024, reveals that these vulnerable systems span 175…
71 Fake Sites Using Brand Scam to Steal Payment Info Linked to German Retailer
A sophisticated network of 71 fraudulent websites impersonating a major German discount retailer has been uncovered, revealing an elaborate scheme designed to steal payment information and personal data from unsuspecting consumers. These sites employ typosquatting techniques, using domain names that…
PupkinStealer Leveraging Web Browser Passwords & App Tokens to Exfiltrate Data via Telegram
A sophisticated information-stealing malware dubbed “PupkinStealer” has emerged as a significant threat to Windows users, with initial detections dating back to April 2025. This .NET-based malware specifically targets stored credentials in web browsers and authentication tokens from popular messaging applications,…
CISA Warns of Russian Hackers Attacking Logistics & IT Companies with Windows Utilities
The Cybersecurity and Infrastructure Security Agency (CISA), alongside the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), and international partners, released a joint advisory today warning that Russian military intelligence hackers are targeting Western logistics companies and technology…
PowerDNS Vulnerability Lets Attackers Trigger DoS Attack Via Malicious TCP Connection
PowerDNS has released a critical update to address a high-severity vulnerability in its DNS proxy and load balancer, DNSdist, that could allow unauthenticated attackers to cause service disruptions through specially crafted TCP connections. The vulnerability, tracked as CVE-2025-30193 with a…
Windows 11 Administrator Protection Enhances Security Against Elevated Privileges Attacks
Microsoft’s upcoming Administrator protection feature for Windows 11 represents a significant architectural overhaul of Windows security, designed to combat the growing threat of privilege escalation attacks. This new security layer addresses the vulnerabilities associated with traditional administrator accounts by implementing…
IBM Warns One-Third of Cyber Attacks Use Highly Sophisticated Techniques to Steal Login Credentials
In a concerning revelation from the latest IBM X-Force 2025 Threat Intelligence Index, approximately one-third of cyber attacks now involve highly sophisticated techniques aimed at stealing login credentials rather than employing traditional brute-force hacking methods. The report highlights that 30%…
Cellcom Confirms Cyberattack Following Widespread Service Outage
After nearly a week of disrupted services, Wisconsin-based telecommunications provider Cellcom has officially confirmed that a cyberattack is responsible for the ongoing service outage affecting thousands of customers across its network. The incident, which began on Wednesday, May 14, has…
VanHelsing Ransomware Builder Leaked on Hacking Forums
A significant development in the cybercriminal landscape occurred on May 20, 2025, when the VanHelsing ransomware-as-a-service (RaaS) operation publicly released its source code after an alleged former developer attempted to sell it on the RAMP cybercrime forum. Security researchers have…
3 Ways MSSPs Can Boost Security Operations With Malware Sandbox
Managed Security Service Providers (MSSPs) face constant pressure to deliver accurate detection, fast response, and efficient training without overloading their teams. With cyberattacks becoming more complex and evasive, the right tools can make all the difference. Let’s explore how fully…
SideWinder APT Hackers Exploiting Old Office Flaws to Deliver Malware Bypassing Detections
In a sophisticated campaign targeting high-level government institutions across South Asia, the SideWinder Advanced Persistent Threat (APT) group has been leveraging years-old Microsoft Office vulnerabilities to deliver malware while evading detection. The threat actors are specifically targeting organizations in Sri…
LockBit Internal Data Leak Exposes Payload Creation Patterns & Ransom Demands
In May 2025, the cybersecurity community was granted an unprecedented glimpse into the operations of one of the world’s most notorious ransomware groups when LockBit themselves fell victim to a data breach. The leaked information, made available via a Tor…
Extracting Credentials from Microsoft Deployment Toolkit Shares – Red Teaming
Microsoft Deployment Toolkit (MDT) shares, an often-overlooked infrastructure component, can be a goldmine of credentials for attackers. A new report published by TrustedSec highlights how red teams can easily extract domain administrator credentials from misconfigured MDT deployments, potentially leading to…
Atlassian Warns of Multiple High-Severity Vulnerabilities Hitting Data Center and Server
Atlassian has released its May 2025 Security Bulletin, disclosing eight high-severity vulnerabilities affecting multiple Data Center and Server products. The security flaws, discovered through the company’s Bug Bounty program, penetration testing, and third-party library scans, could expose enterprise systems to…
100+ Malicious Chrome Extensions Attacking Users to Exfiltrate Login Credentials & Execute Remote Code
A sophisticated campaign involving more than 100 malicious Chrome browser extensions has been discovered targeting users worldwide since February 2024. These malicious extensions employ a deceptive dual-functionality approach, appearing to work as advertised while secretly connecting to attacker-controlled servers to…
Teen Hacker Admits Guilt in Major Cyberattack on PowerSchool
A 19-year-old Massachusetts college student has agreed to plead guilty to a series of federal charges stemming from a sophisticated cyberattack and extortion scheme targeting PowerSchool, the leading student information system provider for K-12 schools in North America. The breach,…
Kettering Health Suffers System Wide Outage Following Ransomware Attack
Kettering Health, a major hospital network operating 14 medical centers across Ohio, confirmed Tuesday it has fallen victim to a ransomware attack that triggered a comprehensive technology failure across its facilities. The cyberattack, which occurred on May 20, 2025, has…
Hackers Could Abuse Google Cloud Platform to Execute Malicious Commands
Security researchers have uncovered a sophisticated attack vector that allows threat actors to exploit serverless computing services offered by Google Cloud Platform (GCP) to execute malicious commands. The vulnerability, dubbed “function confusion,” enables attackers to leverage package installation scripts within…