Tech giant Google has officially acknowledged a significant data breach affecting its corporate Salesforce database, with the company completing email notifications to affected users as of August 8, 2025. Google revealed on August 5 that one of its corporate Salesforce…
Tag: Cyber Security News
Darknet Market Escrow Systems is Vulnerable to Administrator Exit Scams
Darknet markets, operating beyond the reach of traditional payment processors and legal systems, rely on escrow systems to secure cryptocurrency transactions between buyers and vendors. These systems, using multisignature wallets and automated release mechanisms, aim to ensure transaction security and…
ChatGPT Connectors ‘0-click’ Vulnerability Let Attackers Exfiltrate Data From Google Drive
A critical vulnerability in OpenAI’s ChatGPT Connectors feature allows attackers to exfiltrate sensitive data from connected Google Drive accounts without any user interaction beyond the initial file sharing. The attack, dubbed “AgentFlayer,” represents a new class of zero-click exploits targeting…
New Linux Kernel Vulnerability Directly Exploited from Chrome Renderer Sandbox Via Rare Linux Socket Feature
August 9, 2025 — A critical vulnerability in the Linux kernel, identified as CVE-2025-38236, has exposed a flaw that could allow attackers to escalate privileges from within the Chrome renderer sandbox on Linux systems. Google Project Zero researcher Jann Horn…
5,000+ Fake Online Pharmacies Websites Selling Counterfeit Medicines
A sophisticated cybercriminal enterprise operating over 5,000 fraudulent online pharmacy websites has been exposed in a comprehensive investigation, revealing one of the largest pharmaceutical fraud networks ever documented. This massive operation, orchestrated by a single threat actor group, targets vulnerable…
Huge Wave of Malicious Efimer Malicious Script Attack Users via WordPress Sites, Malicious Torrents, and Email
A sophisticated malware campaign dubbed “Efimer” has emerged as a significant threat to cryptocurrency users worldwide, employing a multi-vector approach that combines compromised WordPress websites, malicious torrents, and deceptive email campaigns. First detected in October 2024, this ClipBanker-type Trojan has…
Threat Actors Using Typosquatted PyPI Packages to Steal Cryptocurrency from Bittensor Wallets
A sophisticated cryptocurrency theft campaign has emerged targeting the Bittensor ecosystem through malicious Python packages distributed via the Python Package Index (PyPI). The attack leverages typosquatting techniques to deceive developers and users into installing compromised versions of legitimate Bittensor packages,…
28,000+ Microsoft Exchange Servers Vulnerable to CVE-2025-53786 Exposed Online
Over 28,000 unpatched Microsoft Exchange servers are exposed on the public internet and remain vulnerable to a critical security flaw designated CVE-2025-53786, according to new scanning data released on August 7, 2025, by The Shadowserver Foundation. The Cybersecurity and Infrastructure…
DarkCloud Stealer Employs New Infection Chain and ConfuserEx-Based Obfuscation
A sophisticated information-stealing malware campaign has emerged, utilizing advanced obfuscation techniques and multiple infection vectors to evade traditional security controls. The DarkCloud Stealer, first documented in recent threat intelligence reports, represents a significant evolution in cybercriminal tactics, employing a complex…
BitUnlocker – Multiple 0-days to Bypass BitLocker and Extract All Protected Data
Researchers have disclosed a series of critical zero-day vulnerabilities that completely bypass Windows BitLocker encryption, allowing attackers with physical access to extract all protected data from encrypted devices in a matter of minutes. The research, conducted by Alon Leviev and…
CastleBot Malware-as-a-Service Deploys Range of Payloads Linked to Ransomware Attacks
A sophisticated new malware framework named CastleBot has emerged as a significant threat to cybersecurity, operating as a Malware-as-a-Service (MaaS) platform that enables cybercriminals to deploy diverse malicious payloads ranging from infostealers to backdoors linked to ransomware attacks. First appearing…
Axis Camera Server Vulnerabilities Exposes Thousands of Organizations to Attack
Critical security flaws in Axis Communications’ surveillance infrastructure have left over 6,500 organizations worldwide vulnerable to sophisticated cyberattacks, with potential impacts spanning government agencies, educational institutions, and Fortune 500 companies. The Swedish security camera manufacturer’s popular video surveillance products contain…
New Windows-Based DarkCloud Stealer Attacking Computers to Steal Login Credentials and Financial Data
A sophisticated new variant of the DarkCloud information stealer has emerged in the cyberthreat landscape, targeting Windows users through carefully crafted phishing campaigns designed to harvest sensitive credentials and financial information. This fileless malware variant represents a significant evolution in…
VexTrio TDS System Developing Several Malicious Apps Mimic as VPNs to Publish in Google Play and App Store
The notorious VexTrio traffic distribution system (TDS) has expanded its cybercriminal operations beyond traditional web-based scams to include the development and distribution of malicious mobile applications designed to masquerade as legitimate VPN services..This sophisticated threat actor, which has maintained a…
PyPI Released Advisory to Prevent ZIP Parser Confusion Attacks on Python Package Installers
In recent months, security researchers have uncovered a novel attack vector targeting Python package installers through ambiguities in the ZIP archive format. By exploiting discrepancies between local file headers and the central directory, malicious actors can craft seemingly benign wheel…
US Confirms Shutdown of BlackSuit Ransomware That Hacked Over 450 Organizations
U.S. authorities have announced the successful dismantling of the BlackSuit ransomware operation, a notorious group linked to attacks on more than 450 organizations worldwide. The operation, led by Immigration and Customs Enforcement’s (ICE) Homeland Security Investigations (HSI), involved seizing servers,…
Threat Actors Weaponize Malicious Gopackages to Deliver Obfuscated Remote Payloads
Cybersecurity researchers have uncovered a sophisticated malware campaign targeting the Go ecosystem through eleven malicious packages that employ advanced obfuscation techniques to deliver second-stage payloads. The campaign demonstrates a concerning evolution in supply chain attacks, leveraging the decentralized nature of…
Windows User Account Control Bypassed Using Character Editor to Escalate Privileges
A sophisticated new technique that exploits the Windows Private Character Editor to bypass User Account Control (UAC) and achieve privilege escalation without user intervention, raising significant concerns for system administrators worldwide. The attack disclosed by Matan Bahar leverages eudcedit.exeMicrosoft’s built-in…
RubyGems Malware Attack Weaponizes 60+ Packages to Steal Credentials from Social Media and Marketing Tools
Threat actors began slipping malicious code into legitimate RubyGems packages, disguising infostealers as social media automation tools in early 2023. Over the past two years, attackers operating under aliases such as zon, nowon, kwonsoonje, and soonje have published more than…
Columbia University Data Breach – Hackers Stolen 870,000 Individuals Personal and Financial Data
Columbia University has disclosed a major cybersecurity incident where an unauthorized third party accessed and extracted a significant volume of personal and financial data. The breach, which affects a vast number of individuals connected to the university, was discovered following…