The IPFire development team has announced the release of IPFire 2.29 Core Update 194, bringing significant security improvements and feature enhancements to the popular open-source firewall distribution. This update, released on March 17, 2025, continues the project’s commitment to providing…
Tag: Cyber Security News
Kimsuky Hacker Group Employs New Phishing Tactics & Malware Infections
North Korean-linked advanced persistent threat (APT) group Kimsuky has deployed sophisticated new phishing tactics and malware payloads in targeted attacks observed in March 2025. The group, known for targeting government entities, think tanks, and individuals related to foreign policy and…
Google Researchers Leverage Mach IPC Messages to Find and Exploit Sandbox Escapes
Google Project Zero has revealed new sandbox escape vulnerabilities by leveraging Mach Interprocess Communication (IPC) mechanisms-core components underpinning Apple’s operating system security model. Their findings, which combine manual reverse engineering and advanced fuzzing techniques, not only expose systemic risks in…
VMware Tools Vulnerability Let Attackers Tamper Files to Trigger Malicious Operations
A moderate-severity vulnerability in VMware Tools could allow attackers with limited privileges to manipulate files and trigger insecure operations within virtual machines. The vulnerability, tracked as CVE-2025-22247, affects both Windows and Linux versions of VMware Tools 11.x.x and 12.x.x, with…
SAP NetWeaver Vulnerability Exploited in Wild by Chinese Hackers
A critical vulnerability in SAP NetWeaver Application Server has become the latest target for Chinese state-sponsored threat actors, with researchers confirming active exploitation in the wild. The zero-day vulnerability, tracked as CVE-2023-7629, affects multiple versions of SAP NetWeaver AS ABAP…
Hackers Leverage JPG Images to Execute Fully Undetectable Ransomware
A sophisticated attack campaign using steganographic techniques to hide malicious code within ordinary JPEG image files, delivering a fully undetectable (FUD) ransomware payload that bypasses traditional security solutions. The attack exploits the metadata structure of JPEG files to conceal PowerShell…
Hackers Exploit Copilot AI for SharePoint to Access Passwords & Other Sensitive Data
Multiple vulnerabilities in Microsoft’s Copilot AI for SharePoint, enabling attackers to access sensitive corporate data including passwords, API keys, and confidential documents. As organizations increasingly adopt AI assistants for productivity gains, these security gaps present significant risks to enterprise data…
Cybercrime Escalates in 2025 as Hackers Target Everyday Devices with Sophisticated Attacks
The global cost of cybercrime is projected to reach $10.5 trillion annually by 2025, underscoring the unprecedented scale of digital threats in an increasingly connected world. This year has seen a dramatic shift in attacker tactics, with malicious actors exploiting…
Microsoft Releases Detailed Guide to Fix Windows Blue Screen Errors
Microsoft has published a comprehensive official guide to troubleshoot and fix the dreaded Blue Screen of Death (BSOD) on Windows 11 and Windows 10 systems. The detailed documentation, updated on May 11, 2025, comes in the wake of several high-profile…
Hackers Exploiting Legacy Protocols in Microsoft Entra ID to Bypass MFA & Conditional Access
A sophisticated campaign targeting Microsoft Entra ID through legacy authentication protocols has been uncovered, operating between March 18 and April 7, 2025. The attackers specifically exploited outdated authentication methods to circumvent modern security controls, creating a concerning backdoor into enterprise…
Major Retail Chains Suffer Data Breaches Amid Rising Cyber Threats to Consumer Trust
A wave of cyberattacks targeting major retail chains has intensified concerns about data security and consumer trust. British retailers Marks & Spencer, Harrods, and Co-op are the latest casualties in a global surge of ransomware and phishing campaigns. These incidents,…
PoC Exploit Released For Linux Kernel’s nftables Subsystem Vulnerability
A critical Proof-of-Concept (PoC) exploit has been released for a significant vulnerability in the Linux kernel’s nftables subsystem, tracked as CVE-2024-26809. This flaw, rooted in the kernel’s netfilter infrastructure, exposes affected systems to local privilege escalation through a sophisticated double-free…
New Phishing Attack Abusing Blob URLs to Bypass SEGs and Evade Analysis
Cybersecurity experts have identified a sophisticated phishing technique that exploits blob URIs (Uniform Resource Identifiers) to evade detection by Secure Email Gateways (SEGs) and security analysis tools. This emerging attack method leverages the unique properties of blob URIs, which are…
Defendnot — A New Tool That Disables Windows Defender by Posing as an Antivirus Solution
Defendnot, a sophisticated new tool that effectively disables Windows Defender by exploiting the Windows Security Center (WSC) API to register itself as a legitimate antivirus solution. The Windows Security Center service is designed to ensure Windows computers maintain adequate security…
Critical Vulnerabilities in Mitel SIP Phones Let Attackers Inject Malicious Commands
Security researchers have discovered two significant vulnerabilities affecting Mitel’s suite of SIP phones that could allow attackers to execute arbitrary commands and upload malicious files. The more severe vulnerability, identified as CVE-2025-47188, received a critical CVSS score of 9.8 and…
Microsoft Teams To Block Screen Capture During Meetings
Microsoft has announced a new “Prevent Screen Capture” feature for Teams that will block unauthorized screenshots during meetings. The feature, scheduled for worldwide rollout in July 2025, represents Microsoft’s continued focus on enterprise security and regulatory compliance in an era…
“PupkinStealer” A New .NET-Based Malware Steals Browser Credentials & Exfiltrate via Telegram
A newly identified information-stealing malware, dubbed PupkinStealer, Developed in C# using the .NET framework, this lightweight yet effective malware targets sensitive user data, including browser credentials, desktop files, messaging app sessions, and screenshots. According to a CYFIRMA detailed analysis shared…
Beware! Fake AI Video Generation Platforms Drop Stealer Malware on Your Computers
As artificial intelligence (AI) tools gain mainstream traction for content creation, cybercriminals are capitalizing on the hype with a sophisticated new attack vector, fake AI platforms promising advanced video and image editing capabilities. These fraudulent sites, amplified through viral social…
20 Years old Proxy Botnet Network Dismantled That Exploits 1000 Unique Unpatched Devices Weekly
In a coordinated effort, Lumen Technologies’ Black Lotus Labs, the U.S. Department of Justice (DOJ), the Federal Bureau of Investigation (FBI), and the Dutch National Police have dismantled a sophisticated criminal proxy network that has operated since 2004. The botnet,…
Chinese Hackers Exploit SAP RCE Vulnerability to Upload Supershell Backdoors
A critical remote code execution vulnerability in SAP NetWeaver Visual Composer (CVE-2025-31324) is being actively exploited by a Chinese threat actor to compromise enterprise systems worldwide. The vulnerability allows attackers to achieve remote code execution by uploading malicious web shells…