A sophisticated new attack campaign has emerged targeting Israeli businesses and infrastructure sectors through a deceptive social engineering technique known as “ClickFix,” which tricks users into executing malicious PowerShell commands on their Windows systems. The multi-stage attack chain begins with…
Tag: Cyber Security News
Erlang/OTP SSH RCE Vulnerability Exploited in the Wild to Attack Across OT Networks
A critical remote code execution vulnerability in Erlang/OTP’s SSH daemon has been actively exploited in the wild, with cybercriminals targeting operational technology networks across multiple industries. CVE-2025-32433, carrying the maximum CVSS score of 10.0, allows unauthenticated attackers to execute arbitrary…
Hackers Behind $100 Million Romance Scams and Other Frauds Extradited to US
Four Ghanaian nationals orchestrating an international cybercrime operation that defrauded victims of over $100 million through sophisticated romance scams and business email compromise attacks have been extradited to the United States. The criminal organization, led by Isaac Oduro Boateng, Inusah…
Legitimate Linux System Behaviours Weaponized to Harvest Secrets from Shared Environments
A significant vulnerability has been identified in multi-user Linux environments, where standard system behaviors can be exploited to harvest sensitive credentials and secrets from other users. The research, presented in “Silent Leaks: Harvesting Secrets from Shared Linux Environments,” demonstrates how legitimate system tools…
UAC-0099 Tactics, Techniques, Procedures and Attack Methods Unveiled
UAC-0099, a sophisticated threat actor group that has been active since at least 2022, continues to pose a significant cybersecurity threat through its evolving cyber-espionage campaigns targeting Ukrainian government agencies, military organizations, and defense-industrial entities. The group has demonstrated remarkable…
CastleLoader Malware Infected Over 400 Devices Using Cloudflare-Themed ClickFix Phishing Attack
CastleLoader, a sophisticated malware loader that emerged in early 2025, has successfully compromised 469 devices out of 1,634 infection attempts since May 2025, achieving an alarming 28.7% infection rate. This versatile threat has primarily targeted U.S. government entities through advanced…
Silent Watcher Attacks Windows Systems and Exfiltrates Data Using Discord Webhooks
A sophisticated Visual Basic Script (VBS) malware dubbed “Silent Watcher” has emerged as a persistent threat targeting Windows systems, demonstrating advanced data exfiltration capabilities through Discord webhooks. This stealer, part of the Cmimai malware family, represents a concerning evolution in…
Meta’s New Feature Transforms Instagram into a Real-Time Location Broadcaster
Meta has introduced a groundbreaking feature that fundamentally transforms Instagram from a traditional photo-sharing platform into a comprehensive real-time location broadcasting system. The new “Map” functionality represents a significant architectural shift in social media design, enabling users to continuously transmit…
SoupDealer Malware Bypasses Every Sandbox, AV, and EDR/XDR in Real-World Incidents
In early August 2025, cybersecurity teams in Türkiye observed a new, highly evasive Java-based loader that slipped past every public sandbox, antivirus solution, and even enterprise EDR/XDR platforms. This threat, codenamed SoupDealer, surfaced as a phishing campaign distributing a three-stage loader via…
Hackers Weaponized Linux Webcams as Attack Tools to Inject Keystrokes and Launch Attacks
A critical vulnerability was uncovered that transforms ordinary Linux-powered webcams into weaponized BadUSB attack tools, enabling remote hackers to inject malicious keystrokes and compromise target systems without detection. The research, presented at DEF CON 2025, demonstrates the first known case…
Hackers Poison Google Paid Ads With Fake Tesla Websites to Deliver Malware
In recent weeks, a flurry of sponsored listings promising preorders for Tesla’s anticipated Optimus robots began appearing at the top of Google search results. These advertisements directed unsuspecting users to counterfeit microsites mimicking Tesla’s design, purporting to accept $250 “non-refundable”…
What Is a ClickFix Attack and How Hackers Are Using It to Attack User Devices With Malware
ClickFix has emerged as one of the most dangerous and rapidly growing cybersecurity threats of 2025, representing a sophisticated evolution in social engineering attacks. This deceptive technique has surged by an unprecedented 517% in the first half of 2025, becoming…
ClickFix Malware Attacks macOS Users to Steal Login Credentials
In recent months, security researchers have observed a novel phishing campaign targeting macOS users under the guise of a CAPTCHA verification process. This attack, dubbed “ClickFix,” leverages a blend of social engineering and operating system detection to coax victims into…
AI Coding Assistants Are Creating Perfect Blueprints for Attackers
The cybersecurity landscape faces an unprecedented threat as artificial intelligence coding assistants inadvertently transform into reconnaissance tools for malicious actors. A recent investigation reveals how developers’ interactions with AI tools like Claude CLI and GitHub Copilot are creating comprehensive attack…
SSHamble – New Open Source Tool to Exploit Vulnerabilities in SSH Protocol
SSHamble is a powerful open-source reconnaissance tool designed to identify and exploit vulnerabilities in SSH implementations across internet-facing systems. Presented at DEF CON 33, this research tool has already uncovered significant security flaws in major networking equipment and exposed widespread SSH…
Xerox FreeFlow Vulnerabilities Lead to SSRF and RCE Attacks
An urgent security update has been released for Xerox FreeFlow Core software, addressing two critical vulnerabilities that could allow attackers to execute remote code and perform server-side request forgery attacks. The vulnerabilities, identified as CVE-2025-8355 and CVE-2025-8356, affect FreeFlow Core…
APT Sidewinder Spoofs Government and Military Institutions to Steal Login Credentials
APT Sidewinder, a persistent threat actor believed to originate from South Asia, has launched a sophisticated credential harvesting campaign targeting government and military entities across Bangladesh, Nepal, Turkey, and neighboring countries. The group has demonstrated remarkable adaptability in its phishing…
7-Zip Arbitrary File Write Vulnerability Allows Attackers to Execute Code
A newly disclosed security vulnerability in the popular 7-Zip file compression software has raised significant concerns in the cybersecurity community. CVE-2025-55188, discovered and reported by security researcher Landon on August 9, 2025, allows attackers to perform arbitrary file writes during…
GPT-5 Jailbroken With Echo Chamber and Storytelling Attacks
Researchers have compromised OpenAI’s latest GPT-5 model using sophisticated echo chamber and storytelling attack vectors, revealing critical vulnerabilities in the company’s most advanced AI system. The breakthrough demonstrates how adversarial prompt engineering can bypass even the most robust safety mechanisms,…
New ‘Win-DoS’ Zero-Click Vulnerabilities Turn Windows Servers, Endpoints, and Domain Controllers Into a DDoS Botnet
LAS VEGAS — At the DEF CON 33 security conference, researchers Yair and Shahak Morag of SafeBreach Labs unveiled a new class of denial-of-service (DoS) attacks, dubbed the “Win-DoS Epidemic.” The duo presented their findings, which include four new Windows…