A critical vulnerability in Lenovo’s Dispatcher drivers has come under the spotlight after researchers released a proof-of-concept exploit that demonstrates privilege escalation on affected Windows systems. Identified as CVE-2025-8061, this flaw stems from insufficient access controls in the drivers, potentially…
Tag: Cyber Security News
New WhatsApp Worm Attacks Users with Banking Malware to Users Login Credentials
Security researchers have identified a sophisticated malware campaign that exploits WhatsApp’s messaging platform to deploy banking trojans targeting Brazilian financial institutions and cryptocurrency exchanges. The self-propagating worm, which emerged on September 29, 2025, demonstrates advanced evasion techniques and multi-stage infection…
Microsoft Intune MDM and Entra ID Leveraged to Elevate your Trust in Device Identity
New research uncovers valuable insights hidden within Microsoft Intune’s Mobile Device Management (MDM) certificates, offering a more reliable way to verify device and tenant identities compared to traditional methods like registry values. These certificates, issued to enrolled devices, contain Object…
Threat Actors Weaponize Discord Webhooks for Command and Control with npm, PyPI, and Ruby Packages
Cybercriminals have discovered a novel way to co-opt Discord webhooks as surrogate command-and-control (C2) channels across popular language ecosystems. Unlike traditional C2 servers, webhooks offer free, low-profile exfiltration that blends seamlessly into legitimate HTTPS traffic. Over the past month, malicious…
New RMPocalypse Attack Let Hackers Break AMD SEV-SNP To Exfiltrate Confidential Data
A critical vulnerability in AMD’s Secure Encrypted Virtualization with Secure Nested Paging (SEV-SNP), a cornerstone of confidential computing deployed by major cloud providers like AWS, Azure, and Google Cloud. Dubbed RMPocalypse, the attack exploits a flaw in the initialization of…
Astaroth Banking Malware Leveraging GitHub to Host Malware Configurations
A new wave of the Astaroth banking trojan has emerged, leveraging a novel approach to distribute its malicious configuration files. First detected in late 2025, this latest campaign employs GitHub’s raw content service to host encrypted JSON configurations containing target…
New Stealit Malware Attacking Windows Systems Abuses Node.js Extensions
A sophisticated new malware campaign targeting Windows systems has emerged, leveraging Node.js Single Executable Application (SEA) features to distribute malicious payloads while evading traditional detection mechanisms. The Stealit malware represents a significant evolution in malware-as-a-service operations, combining advanced obfuscation techniques…
Happy DOM Vulnerability Exposes 2.7 Million Users To Remote Code Execution Attacks
A significant security flaw has been discovered in Happy DOM, a popular JavaScript DOM implementation, affecting versions up to v19. This vulnerability places systems at risk of Remote Code Execution (RCE) attacks, potentially impacting the package’s 2.7 million weekly users.…
EDR-Freeze Tool Technical Workings Along With Forensic Artifacts Revealed
A recent analysis from researcher Itamar Hällström has revealed the technical workings and forensic trail of “EDR-Freeze,” a proof-of-concept technique that temporarily disables security software. By abusing legitimate Windows components, this method can place Endpoint Detection and Response (EDR) and…
SonicWall SSLVPN Under Attack Following the Breach of All Customers’ Firewall Backups
A surge in attacks targeting SonicWall SSLVPN devices, affecting numerous customer networks, just weeks after a major breach exposed sensitive firewall data. Starting October 4, 2025, threat actors have rapidly authenticated into over 100 accounts across 16 environments, using what…
RealBlindingEDR Tool That Permanently Turns Off AV/EDR Using Kernel Callbacks
An open-source tool called RealBlindingEDR enables attackers to blind, permanently disable, or terminate antivirus (AV) and endpoint detection and response (EDR) software by clearing critical kernel callbacks on Windows systems. Released on GitHub in late 2023, the utility leverages signed…
Oracle E-Business Suite RCE Vulnerability Exposes Sensitive Data to Hackers Without Authentication
Oracle has disclosed a critical vulnerability in its E-Business Suite that enables unauthenticated attackers to remotely access sensitive data, raising alarms for enterprises relying on the platform for core operations. Tracked as CVE-2025-61884, the flaw affects the Oracle Configurator component…
Cybersecurity Newsletter Weekly – Discord, Red Hat Data Breach, 7-Zip Vulnerabilities and Sonicwall Firewall Hack
Welcome to this week’s edition of the Cybersecurity Newsletter Weekly, where we dive into the most pressing threats and vulnerabilities shaping the digital landscape. As cyber risks continue to evolve at breakneck speed, our October 12, 2025, roundup spotlights a…
VirusTotal Simplifies User Options With Platform Access and New Contributor Model
VirusTotal (VT) is making important changes to its platform access and pricing. These updates aim to improve accessibility and strengthen its commitment to collaboration. The initiative, detailed in a recent company announcement, aims to simplify user options while reinforcing VT’s…
Hackers Can Inject Malicious Code into Antivirus Processes to Create a Backdoor
A new technique enables attackers to exploit antivirus software by injecting harmful code directly into the antivirus processes. This approach makes it easier for them to evade detection and compromise the security that antivirus software is designed to provide. This…
Microsoft Defender Vulnerabilities Allow Attackers to Bypass Authentication and Upload Malicious Files
Critical flaws uncovered in the network communication between Microsoft Defender for Endpoint (DFE) and its cloud services, allowing post-breach attackers to bypass authentication, spoof data, disclose sensitive information, and even upload malicious files to investigation packages. These vulnerabilities, detailed in…
Microsoft Fixes Long-standing Windows 11 ‘Update and Shut down’ Bug
Microsoft has rolled out a fix in its latest preview builds to resolve a notorious glitch with the “update and shut down” feature. This long-standing issue, which has haunted the operating system for years, tricked users into believing their PCs were powering off when updates were pending, only for the machines to restart unexpectedly and disrupt sleep cycles with noisy fans. The…
Hackers Attacking Remote Desktop Protocol Services from 100,000+ IP Addresses
A massive, coordinated botnet campaign is actively targeting Remote Desktop Protocol (RDP) services across the United States. Security firm GreyNoise reported on October 8, 2025, that it has been tracking a significant wave of attacks originating from over 100,000 unique…
5 Immediate Steps to be Followed After Clicking on a Malicious Link
Clicking on a malicious link can quickly turn your device into a security risk. Just seconds after clicking, your browser might start downloading malware, taking advantage of weaknesses, or sending you to fake websites that try to steal your personal…
New Kali Tool llm-tools-nmap Uses Nmap For Network Scanning Capabilities
Along with the release of Kali Linux 2025.3, a major update introduces an innovative tool that combines artificial intelligence and cybersecurity: the llm-tools-nmap. A new experimental plugin, llm-tools-nmap, has been released, providing Simon Willison’s command-line Large Language Model (LLM) tool with…