Tag: Cyber Security News

The cybersecurity landscape is witnessing a significant shift as threat actors increasingly leverage Ransomware as a Service (RaaS) platforms enhanced by sophisticated Endpoint Detection and Response (EDR) killers. Despite successful law enforcement operations against established ransomware gangs like LockBit, new…

Read more →

In a significant shift observed during the first quarter of 2025, cybersecurity experts have documented a dramatic surge in phishing attacks, with threat actors increasingly using this vector to gain access to valid user accounts. According to recent incident response…

Read more →

A new Ransomware-as-a-Service (RaaS) group called RansomHub emerged in the cybercriminal ecosystem, specializing in targeting high-profile organizations through sophisticated attack vectors. The group advertises its criminal services on the Russian Anonymous Market Place (RAMP), a notorious Dark Web forum known…

Read more →

China claims that the United States conducted a targeted cyberattack against one of its leading commercial encryption providers.  A newly released report from China’s National Computer Network Emergency Response Technical Team (CNCERT) alleges that U.S. intelligence agencies used advanced hacking…

Read more →

A significant surge in sophisticated cyber threats has emerged across Asia, with NSFOCUS Fuying Laboratory identifying 19 distinct Advanced Persistent Threat (APT) attack activities in March 2025. These coordinated campaigns primarily targeted organizations in South Asia and East Asia, with…

Read more →

A critical security vulnerability in SEIKO EPSON printer drivers for Windows has been identified, allowing malicious actors to execute arbitrary code with SYSTEM-level privileges.  The vulnerability, tracked as CVE-2025-42598, was published by JPCERT/CC on April 28, 2025, and affects a…

Read more →

BreachForums, a notorious cybercrime marketplace and successor to RaidForums, has confirmed that its platform was the target of a sophisticated law enforcement operation exploiting a previously unknown vulnerability, commonly referred to as a “0-day”, in the MyBB forum software.  The…

Read more →

SAP released an emergency out-of-band patch addressing CVE-2025-31324, a critical zero-day vulnerability in SAP NetWeaver Visual Composer with the highest possible CVSS score of 10.0.  This vulnerability stems from a missing authorization check in the Metadata Uploader component, allowing unauthenticated…

Read more →

As Microsoft continues to refine Windows 11, new leaks and technical insights indicate that the upcoming 25H2 update, slated for release in September or October 2025, will likely be a minor iteration.  Unlike the more substantial updates seen in previous…

Read more →

A sophisticated new red team tool called RedExt has recently been released, combining a Manifest V3 Chrome extension with a Flask-based Command and Control (C2) server to create a powerful framework for authorized security operations.  This innovative tool enables comprehensive…

Read more →

A massive power outage struck the Iberian Peninsula on April 28, 2025, plunging millions of people into darkness as electricity supplies were suddenly cut across Spain and Portugal. Sources from the electric sector suggest a cyberattack is the most likely…

Read more →

The dark web has rapidly become a central hub for cybercriminal activity, where stolen data, compromised credentials, and malicious tools are traded with alarming frequency. For Chief Information Security Officers (CISOs), this shadowy underworld poses a persistent and evolving threat…

Read more →

ESET, a global leader in cybersecurity solutions, has announced a significant enhancement to its ESET Endpoint Management Platform (ESET PROTECT), unveiling a seamless integration with Splunk, one of the world’s leading security information and event management (SIEM) platforms. This move…

Read more →

The Federal Bureau of Investigation’s Internet Crime Complaint Center (IC3) has revealed unprecedented financial damages from cyber threats in 2024. According to the FBI’s annual report, victims reported a staggering $16.6 billion (approximately ₹1.38 lakh crore) in losses, marking a…

Read more →

In an era where cyber threats are growing in sophistication and frequency, Chief Information Security Officers (CISOs) face immense pressure to select cybersecurity vendors that address immediate technical needs and align with broader business objectives. The rapid evolution of threats,…

Read more →

Significant security flaws have been discovered in React Router, a widely-used routing library for React applications, potentially allowing attackers to corrupt content, poison caches, and manipulate pre-rendered data.  The vulnerabilities, which impact applications running in Framework mode with server-side rendering…

Read more →

A critical vulnerability in the FastCGI library could allow attackers to execute arbitrary code on embedded devices.  The flaw, tracked as CVE-2025-23016 with a CVSS score of 9.3, affects all FastCGI fcgi2 (aka fcgi) versions 2.x through 2.4.4 and poses…

Read more →

Third-party vendors are indispensable to modern enterprises, offering specialized services, cost efficiencies, and scalability. However, they also introduce significant cybersecurity risks that can compromise sensitive data, disrupt operations, and damage organizational reputation. For Chief Information Security Officers (CISOs), effectively assessing…

Read more →

A sophisticated threat actor group, tracked as Storm-1977, has successfully compromised more than 200 containers and repurposed them for cryptocurrency mining operations, using a custom Command Line Interface (CLI) tool known as AzureChecker. The attacks primarily targeted cloud tenants in…

Read more →

A new threat actor is offering an enhanced version of HiddenMiner, a sophisticated cryptomining malware targeting Monero (XMR) cryptocurrency.  This customized tool, being sold on underground forums, combines advanced evasion techniques with an accessible user interface, potentially lowering the barrier…

Read more →