Managed service providers (MSPs) are increasingly popular cyberattack targets. These entities often have numerous endpoints and distributed networks that create many opportunities for adversaries seeking weaknesses to exploit. Security awareness training is just one aspect of defense efforts, but it…
Tag: Cyber Security News
Hackers Exploiting MS-SQL Servers & Deploy Ammyy Admin for Remote Access
A sophisticated cyberattack campaign targeting vulnerable Microsoft SQL servers has been discovered, aiming to deploy remote access tools and privilege escalation malware. Security researchers have identified that threat actors are specifically exploiting poorly secured MS-SQL instances to install Ammyy Admin,…
Chrome Use-After-Free Vulnerabilities Exploited in the Wild
Google Chrome has faced a series of high-profile security incidents involving Use-After-Free (UAF) vulnerabilities, several of which have been actively exploited in the wild. These flaws, rooted in improper memory management, have become a persistent threat vector for attackers seeking…
SessionShark’ – New Toolkit Attacking Microsoft Office 365 Users’ Bypassing MFA Protections
A sophisticated new phishing toolkit named “SessionShark” has been specifically designed to circumvent Microsoft Office 365’s multi-factor authentication (MFA) protections. SessionShark is being marketed on underground forums as a turnkey phishing-as-a-service (PhaaS) solution. It enables even low-skilled threat actors to…
159 CVEs Exploited in The Wild in Q1 2025, 8.3% of Vulnerabilities Exploited Within 1-Day
In the first quarter of 2025, cybersecurity researchers documented an alarming surge in vulnerability exploitation, with 159 Common Vulnerabilities and Exposures (CVEs) being exploited in the wild. This remarkable figure represents a concerning trend as malicious actors continue to rapidly…
FBI To Offer Reward Up to $10 Million Any Information on Salt Typhoon Hackers
The Federal Bureau of Investigation announced today an unprecedented $10 million reward for actionable intelligence leading to the identification and capture of key operatives behind the infamous Salt Typhoon cyber campaign. This significant cybersecurity effort targets a sophisticated hacking group…
Hackers Allegedly Breach TikTok, Exposing Over 900,000 Usernames & Passwords
A hacking collective identifying itself as R00TK1T has claimed responsibility for a massive data breach affecting TikTok, allegedly exposing the credentials of more than 900,000 users. According to the group’s statements, they have released a sample of 927,000 TikTok user…
New Reports Reveals How AI is Boosting the Phishing Attack Rapidly With More Accuracy
Cybercriminals have dramatically evolved their phishing tactics, leveraging generative AI to create highly personalized and convincing attacks, according to the newly released ThreatLabz 2025 Phishing Report. The days of mass phishing campaigns have given way to hyper-targeted scams designed to…
North Korean APT Hackers Create Companies to Deliver Malware Strains Targeting Job Seekers
A sophisticated North Korean advanced persistent threat (APT) group known as “Contagious Interview” has established elaborate fake cryptocurrency consulting companies to target job seekers with specialized malware. The group, a subunit of the infamous North Korean state-sponsored Lazarus Group, has…
Microsoft’s Symlink Patch Created New Windows DoS Vulnerability
A recent Microsoft security update, intended to patch a critical privilege escalation vulnerability, has inadvertently introduced a new and significant flaw. The fix now enables non-administrative users to effectively block all future Windows security updates, creating a denial-of-service condition. This…
Russian VPS Servers With RDP, Proxy Servers Fuel North Korean Cybercrime Operations
North Korea’s cybercrime operations have significantly expanded beyond the limited 1,024 IP addresses assigned to their national network through an elaborate scheme involving Russian infrastructure. According to recent findings, five Russian IP ranges, primarily located in the border towns of…
Spring Security Vulnerability Let Attackers Determine Which Usernames are Valid
A serious vulnerability related to information exposure (CVE-2025-22234) impacts several versions of the spring-security-crypto package. The flaw enables attackers to determine valid usernames through timing attacks, undermining a key security feature designed to prevent user enumeration. The vulnerability affects Spring…
Verizon DBIR Report – Small Businesses Emerges as Prime Targets for Ransomware Attacks
Verizon’s 2025 Data Breach Investigations Report (DBIR) has revealed a disturbing trend: small and medium-sized businesses (SMBs) have become disproportionately targeted by ransomware attacks. The comprehensive report, analyzing over 22,000 security incidents including 12,195 confirmed data breaches, found ransomware present…
Threat Actors Attacking Organization in Thailand to Deploy Ransomware
Thailand has emerged as a significant target for sophisticated ransomware attacks, with a dramatic 240% increase in cyber campaigns recorded in 2024 compared to the previous year. This surge reflects heightened geopolitical tensions and strategic interest in Thailand’s expanding digital…
SAP NetWeaver 0-day Vulnerability Exploited in the Wild to Deploy Webshells
A wave of targeted cyberattacks has exposed a previously unknown vulnerability in SAP NetWeaver, allowing attackers to deploy malicious JSP webshells and gain unauthorized access to enterprise systems, even those running the latest patches. In April 2025, security researchers at…
U.S. Secret Service Details on How to Spot a Credit Card Skimmer
The U.S. Secret Service Washington Field Office (WFO) has issued an advisory on identifying credit card skimming devices, calling this form of financial theft a “low-risk, high-reward crime that is on the rise across the country.” Following the recent Operation…
Microsoft Defender XDR False Positive Leads to Massive Data Leak of 1,700+ Sensitive Documents
ANY.RUN research identified a large-scale data leak event triggered by a false positive in Microsoft Defender XDR. The security platform incorrectly flagged benign files as malicious, leading to their automatic submission to ANY.RUN’s public sandbox for analysis. As a result,…
Lazarus APT Attacking Organizations by Exploiting One-Day vulnerabilities
Cybersecurity experts have identified a sophisticated campaign by the North Korean state-sponsored Lazarus APT group targeting critical infrastructure and financial organizations worldwide. The threat actor has shifted tactics to exploit recently patched vulnerabilities—known as one-day vulnerabilities—before organizations can implement necessary…
Threat Actors Taking Advantage of Unsecured Kubernetes Clusters for Cryptocurrency Mining
In a troubling development for cybersecurity professionals, threat actors are increasingly targeting unsecured Kubernetes clusters to deploy cryptocurrency mining operations, leveraging the computational resources of victim organizations without their knowledge. These attacks exploit vulnerabilities in containerized environments, particularly focusing on…
Linux io_uring Security Blind Spot Let Attackers Stealthily Deploy Rootkits
A critical vulnerability exists in Linux’s security framework, revealing that many runtime security tools struggle to detect threats operating via the io_uring interface. This discovery exposes a critical gap in protection for Linux-based systems across cloud environments and data centers…