CISA has issued an urgent alert after adding five new Microsoft Windows zero-day vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The vulnerabilities, which affect core Windows components, have been flagged as…
Tag: Cyber Security News
Microsoft Outlook Down – Millions of Users Affected With This Longest Outage in Microsoft History
A widespread outage affecting Microsoft 365 services has left users across the globe unable to access key platforms, including Outlook, Hotmail, and the main Microsoft 365 website, since Wednesday evening. The disruption, which began at 10:30 PM UTC on May…
Chihuahua Stealer Leverages Google Drive Document to Steal Browser Login Credentials
A newly discovered .NET-based infostealer dubbed “Chihuahua Stealer” has emerged as a significant threat, exploiting Google Drive documents to deliver malicious PowerShell scripts and steal sensitive data. First identified by G DATA analysts in April 2025, the malware targets browser…
New DarkCloud Stealer Uses AutoIt to Evade Detection & Steal Login Credentials
A new variant of the DarkCloud information-stealing malware has emerged, leveraging the AutoIt scripting language to bypass security tools and harvest sensitive credentials from infected systems. Dubbed DarkCloud Stealer v4, the malware has targeted financial institutions, healthcare organizations, and e-commerce…
TransferLoader Malware Allows Attackers to Execute Arbitrary Commands on Compromised System
A newly identified malware loader dubbed TransferLoader has emerged as a critical threat, enabling attackers to execute arbitrary commands on compromised systems and deliver payloads such as the Morpheus ransomware. First detected in February 2025 by Zscaler ThreatLabz researchers, this…
Xerox Issues April 2025 Security Patch Update for FreeFlow Print Server v2
Xerox has announced the release of its April 2025 Security Patch Update for the FreeFlow® Print Server v2 running on Windows® 10, reinforcing the company’s commitment to robust cybersecurity for its production print platforms. The update, officially released on May…
Russian Hackers Exploiting MDaemon 0-Day Vulnerability to Hack Webmail Servers
A recently uncovered cyber-espionage campaign linked to Russian state-sponsored actors has been targeting enterprise webmail servers using a critical zero-day vulnerability in MDaemon, a widely used email server software. Dubbed “MailStorm” by researchers, the campaign exploits an unpatched buffer overflow…
Hackers Disguised Remote Access Malware as Microsoft Edge service
A sophisticated backdoor campaign in which attackers cleverly disguised remote access malware as a legitimate Microsoft Edge service. The malicious Mesh agent, masquerading under the path C:\Program Files\Microsoft\MicrosoftEdge\msedge.exe, was found running on multiple computers and servers across the affected network.…
Threat Actors Using Weaponized HTML Files to Deliver Horabot Malware
A new wave of sophisticated phishing campaigns targeting Spanish-speaking users in Latin America has emerged, leveraging weaponized HTML files to deploy the Horabot malware. First identified in April 2025 by Fortinet’s FortiGuard Labs, Horabot combines credential theft, email automation, and…
Interlock Ransomware Attacking Defense Contractors and Their Supply Chains
A dangerous ransomware operation dubbed Interlock has escalated its focus on defense contractors and their supply chains, jeopardizing sensitive military logistics, intellectual property, and national security. First observed in September 2024, the group employs “big-game hunting” tactics-targeting high-value organizations-and double…
Enisa Launches European Vulnerability Database to Enhance Digital Security
The European Union has taken a significant leap forward in its digital security strategy with the official launch of the European Vulnerability Database (EUVD), developed and maintained by the European Union Agency for Cybersecurity (ENISA). Announced on May 13, 2025,…
TA406 Hackers Attacking to Attack Government Entities to Steal Login Credentials
A Democratic People’s Republic of Korea (DPRK)-linked threat actor tracked as TA406 has intensified cyber espionage efforts against Ukrainian government entities since February 2025, deploying sophisticated phishing campaigns aimed at stealing login credentials and deploying reconnaissance malware. The group, which…
Researchers Unveiled a New Mechanism to Track Compartmentalized Threats
In May 2025, cybersecurity researchers from Cisco Talos and The Vertex Project announced a groundbreaking methodology to combat the rising trend of compartmentalized cyberattacks, where multiple threat actors collaborate to execute distinct stages of an intrusion. This shift from single-actor…
Node.js Vulnerability Allows Attackers to Crash the Process & Halt Services
The Node.js project has issued urgent security updates after disclosing a high-severity vulnerability that could allow remote attackers to crash Node.js processes, potentially halting critical services and causing widespread denial of service across affected systems. High-Severity Flaw: CVE-2025-23166 The vulnerability,…
Xanthorox – New BlackHat AI Tool Used to Launch Phishing & Malware Attacks
The Xanthorox tool first appeared on dark web forums and cybersecurity blogs in April 2025. Xanthorox is not just another rogue AI chatbot; it is a purpose-built, self-hosted artificial intelligence platform designed from the ground up to facilitate cybercrime. Unlike previous blackhat…
Threat Actors Exploit AI & LLM Tools to Begun Using Them as Offensive Tools
Cybercriminals are increasingly weaponizing generative AI and large language models (LLMs) like ChatGPT, Claude, and DeepSeek to automate exploit development, bypass security safeguards, and refine malware campaigns. According to a recent report by the S2W Threat Intelligence Center (TALON), dark…
New HTTPBot Botnet Expanding Aggressively to Attack Windows Machines
A new botnet family named HTTPBot has emerged as a critical threat to the Windows ecosystem, leveraging sophisticated HTTP-based distributed denial-of-service (DDoS) attacks to disrupt high-value targets. First observed in August 2024, HTTPBot’s activity surged in April 2025, with attacks…
Nation State-Actors Attacking Healthcare Institutions to Sabotage IT & OT Systems
The healthcare sector faces an unprecedented surge in cyberattacks from nation-state actors seeking to disrupt critical IT infrastructure and operational technology (OT) systems. Since early 2024, advanced persistent threat (APT) groups linked to Iran, North Korea, and China have exploited…
macOS Security Guide – Safeguarding Against Adware and Malware
As macOS adoption grows, so does its attractiveness to cybercriminals. Recent reports reveal a 60% surge in macOS market share over three years, correlating with a dramatic escalation in sophisticated adware, infostealers, and malware-as-a-service (MaaS) campaigns. While Apple’s built-in defenses,…
BitLocker Encryption Bypassed in Minutes Using Bitpixie Vulnerability: PoC Released
A critical vulnerability in Microsoft’s BitLocker full disk encryption, demonstrating that it can be bypassed in under five minutes using a software-only attack dubbed “Bitpixie” (CVE-2023-21563). A public proof-of-concept (PoC) exploit has now been released, highlighting the severity of the…