In 2024, the healthcare sector faced an unprecedented wave of cyber attacks, with 276 million patient records exposed globally. Among the most insidious threats was MedStealer, a malware strain that targeted electronic health records (EHRs), insurance databases, and patient portals.…
Tag: Cyber Security News
Hardening Windows Servers – Top Strategies to Prevent Exploits in 2025
As organizations face sophisticated cyber threats in 2025, securing Windows Server environments has become more critical than ever. With the release of Windows Server 2025, Microsoft has introduced enhanced security features and hardening capabilities designed to protect against the latest…
Linux Security Essentials – Protecting Servers from Supply Chain Attacks
The Linux ecosystem, long celebrated for its open-source ethos and robust security architecture, faces an escalating threat landscape dominated by sophisticated supply chain attacks. Recent incidents, including the near-catastrophic XZ Utils backdoor, malicious Go modules delivering disk-wiping payloads, and compromised…
New Weaponized PyPI Package Attacking Developers to Steal Source Code
A newly discovered malicious Python package, solana-token, has been weaponized to steal source code and sensitive secrets from developers working on Solana blockchain applications. Uploaded to the Python Package Index (PyPI), the module masqueraded as a legitimate utility for Solana-based…
Authorities Arrested 17 Criminal Bankers, EUR 4.5 Million Seized
Europol announced on May 14 that law enforcement agencies have dismantled a sophisticated criminal parallel banking network operating across multiple European countries. The operation, conducted on January 14, 2025, resulted in the arrest of 17 individuals and the seizure of…
Google Chrome 0-Day Vulnerability Exploited in the Wild – Update Now
Google has released an urgent security update for Chrome to patch a critical vulnerability that hackers are actively exploiting in the wild. The tech giant announced yesterday that Chrome’s Stable channel has been updated to version 136.0.7103.113/.114 for Windows and…
Cybersecurity Industry Gains $1.7 Billion to Develop Cutting-Edge Protection Technologies
As digital threats grow in sophistication, the cybersecurity sector has ignited a funding frenzy, with startups raising $1.7 billion in April 2025 alone ahead of the RSA Conference in San Francisco. This influx underscores investor confidence in technologies poised to redefine global…
Identity Theft Surges as Criminals Deploy Advanced Tactics to Steal Personal Data
Identity theft has reached unprecedented levels in 2024, fueled by increasingly sophisticated criminal tactics that exploit technological advancements and systemic vulnerabilities. Recent reports from law enforcement, cybersecurity firms, and regulatory agencies reveal a stark escalation in the volume and complexity…
Hackers Exploit Software Flaws within Hours Forcing Urgent Push for Faster Patches
The race between cybersecurity professionals and malicious hackers has reached alarming speeds in 2025, with new data revealing that more than a quarter of software vulnerabilities are now exploited within 24 hours of disclosure. This rapidly shrinking window between vulnerability…
Global Powers Intensify Cyber Warfare with Covert Digital Strikes on Critical Systems
The digital frontlines of modern conflict have expanded dramatically in 2025, with state-sponsored hackers from China, Russia, North Korea, and Iran executing sophisticated attacks against energy grids, telecommunications networks, and transportation systems worldwide. These operations, often masked as routine cybercrime,…
Top 5 WMIC Commands Used By Malware
Malware doesn’t need fancy tools to be dangerous. Sometimes, all it takes is WMIC, a quiet, native utility that’s still doing damage. In the past weeks, we’ve seen a consistent pattern in some ANY.RUN sandbox sessions: malware keeps reaching for…
Weaponized Google Calendar Invites Delivers Malicious Payload With Just One Character
A new attack vector where cybercriminals are weaponizing Google Calendar invites to deliver malware, using a sophisticated obfuscation technique involving just a single visible character that hides malicious code. This discovery highlights how threat actors are evolving their tactics to…
Critical Adobe Illustrator Vulnerability Let Attackers Execute Malicious Code
Adobe has released a critical security update for its popular design software Illustrator, addressing a severe vulnerability that could allow attackers to execute arbitrary code on targeted systems. The security bulletin details a heap-based buffer overflow vulnerability that affects multiple…
Entro Security and Wiz Announce Integration for Improved Non-Human Identity & Cloud Security
Entro Security, a pioneer in Non-Human Identity (NHI) and Secrets Security, and Wiz, a leading cloud security platform, have announced a strategic partnership that brings together Entro’s NHI security platform with Wiz’s Data Security Posture Management (DSPM) capabilities. Announced on…
Adobe Photoshop Vulnerability Let Attackers Execute Arbitrary Code
Adobe has released critical security updates for Photoshop on both Windows and macOS platforms after discovering multiple severe vulnerabilities that could allow attackers to execute arbitrary code on victims’ systems. The security bulletin addresses three critical flaws affecting Photoshop 2025…
Samsung MagicINFO 9 Server Vulnerability Let Attackers Write Arbitrary File
Samsung has disclosed a critical security vulnerability (CVE-2025-4632) affecting its MagicINFO 9 Server platform, a widely deployed content management system used for digital signage across retail, transportation, healthcare, and corporate environments worldwide. The flaw allows unauthenticated attackers to write arbitrary…
Windows Remote Desktop Gateway Vulnerability Let Attackers Trigger Dos Condition
Microsoft Security Response Center (MSRC) has released important security updates to address a critical vulnerability in Windows Remote Desktop Gateway (RD) service tracked as CVE-2025-26677 that could allow unauthorized attackers to trigger denial of service (DoS) conditions, potentially disrupting remote…
Researchers Detailed New Threat-Hunting Techniques to Detect Azure Managed Identity Abuse
Cybersecurity experts have unveiled sophisticated techniques to identify potential abuse of Azure Managed Identities (MIs), addressing a critical but often overlooked security concern in cloud environments. Azure MIs streamline credential management by eliminating the need for manual secret handling, yet…
Outlook RCE Vulnerability Allows Attackers to Execute Arbitrary Code
Microsoft addressed a significant security flaw in its Outlook email client during the May 2025 Patch Tuesday, releasing fixes for 72 vulnerabilities across its ecosystem. Among these, CVE-2025-32705-a remote code execution (RCE) vulnerability in Microsoft Outlook has drawn attention due…
Earth Ammit Hackers Attacking Using New Tools to Attack Drones Used in Military Sectors
A sophisticated threat actor known as Earth Ammit has launched coordinated multi-wave attacks targeting drone supply chains, primarily in Taiwan’s military and satellite industries. The group, which security researchers have linked to Chinese-speaking APT groups, has executed two distinct campaigns…