A sophisticated malware operation known as SocGholish has emerged as one of the internet’s most persistent and deceptive threats, masquerading as legitimate software updates to compromise unsuspecting users’ systems. The malware, operated by the cybercriminal group TA569, has evolved from…
Tag: Cyber Security News
Nvidia Says No Backdoors, No Kill Switches, and No Spyware in its Chips
Nvidia Corporation has issued a strong statement asserting that its graphics processing units (GPUs) contain no backdoors, kill switches, or spyware, directly addressing growing concerns from policymakers about potential hardware-based control mechanisms. The semiconductor giant’s declaration comes as some industry…
HeartCrypt-Packed EDR Killer Tools ‘AVKiller’ Actively Used in Ransomware Attacks
Cybersecurity teams have confronted a rising threat from a novel “EDR killer” payload in recent months, commonly referred to as AVKiller, which has been observed disabling endpoint defenses to facilitate the deployment of ransomware. First detected in mid-2024, this tool…
10 Best Data Loss Prevention Software in 2025
Data Loss Prevention (DLP) software is a critical cybersecurity solution designed to protect sensitive data from leaving an organization’s network. In an era where data is a company’s most valuable asset, and regulatory penalties for data breaches are severe, DLP…
Gemini Exploited via Prompt Injection in Google Calendar Invite to Steal Emails, and Control Smart Devices
A sophisticated attack method exploits Google’s Gemini AI assistant through seemingly innocent calendar invitations and emails. The attack, dubbed “Targeted Promptware Attacks,” demonstrates how indirect prompt injection can compromise users’ digital privacy and even control physical devices in their homes. …
HTTP/1.1 Fatal Vulnerability Exposes Millions of Websites to Hostile Takeover
A critical vulnerability in the HTTP/1.1 protocol threatens tens of millions of websites with potential hostile takeovers through sophisticated desynchronization attacks. This fundamental flaw in the decades-old protocol creates extreme ambiguity about where one request ends and the next begins,…
1.2 Million Healthcare Devices and Systems Data Leaked Online – Patient Records at Risk of Exposure
New research by European cybersecurity company Modat shows over 1.2 million internet-connected healthcare devices and systems with exposure that endangers patient data. Global findings showing Top 10 Regions (most results are across Europe, the USA, and South Africa): Research was conducted…
HashiCorp Vault 0-Day Vulnerabilities Let Attackers Execute Remote Code
Security researchers uncovered a series of critical zero-day vulnerabilities in HashiCorp Vault in early August 2025, the widely adopted secrets management solution. These flaws, spanning authentication bypasses, policy enforcement inconsistencies, and audit-log abuse, create end-to-end attack paths that culminate in…
Hackers Use Social Engineering Attack to Gain Remote Access in 300 Seconds
Threat actors successfully compromised corporate systems within just five minutes using a combination of social engineering tactics and rapid PowerShell execution. The incident, investigated by NCC Group’s Digital Forensics and Incident Response (DFIR) team, demonstrates how cybercriminals are weaponizing trusted…
New Microsoft Exchange Server Vulnerability Enables Attackers to Gain Admin Privileges
A critical security vulnerability in Microsoft Exchange Server hybrid deployments has been disclosed, allowing attackers with on-premises administrative access to escalate privileges to cloud environments without easily detectable traces. The vulnerability, tracked as CVE-2025-53786, was officially documented by Microsoft on…
Akira and Lynx Ransomware Attacking Managed Service Providers With Stolen Login Credential and Vulnerabilities
Two sophisticated ransomware operations have emerged as significant threats to managed service providers (MSPs) and small businesses, with the Akira and Lynx groups deploying advanced attack techniques that combine stolen credentials with vulnerability exploitation. These ransomware-as-a-service (RaaS) operations have collectively…
Lazarus Hackers Trick Users To Believe Their Camera or Microphone is Blocked to Deliver PyLangGhost RAT
Cybersecurity researchers have observed a new social engineering campaign attributed to North Korea’s Lazarus Group in recent weeks that leverages fake camera and microphone errors to force targets into running malicious scripts. Victims, primarily in the finance and technology sectors,…
Google’s Salesforce Instances Hacked in Ongoing Attack: Hackers Exfiltrate User Data
Google has confirmed that one of its corporate Salesforce instances was compromised in June by the threat group tracked as UNC6040. This incident is part of a Salesforce attack campaign involving voice phishing attacks aimed at stealing sensitive data from…
UAC-0099 Hackers Weaponizing HTA Files to Deliver MATCHBOIL Loader Malware
The Ukrainian threat intelligence group UAC-0099 has significantly evolved its cyber warfare capabilities, deploying a sophisticated new malware toolkit targeting Ukrainian state authorities, Defense Forces, and defense industrial enterprises. The National Cyber Incident Response Team CERT-UA has documented a series…
Mustang Panda Attacking Windows Users With ToneShell Malware Mimic as Google Chrome
A sophisticated new cyber campaign has emerged targeting Windows users through a deceptive malware variant known as ToneShell, which masquerades as the legitimate Google Chrome browser. The advanced persistent threat (APT) group Mustang Panda, known for its strategic targeting of…
Threat Actors Weaponize Smart Contracts to Drain User Crypto Wallets of More Than $900k
In a sophisticated campaign uncovered in early 2024, cybercriminals have begun distributing malicious Ethereum smart contracts masquerading as lucrative trading bots. These weaponized contracts leverage Web3 development platforms such as Remix to entice victims into deploying code that appears to…
SpyCloud Enhances Investigations Solution With AI-Powered Insights – Revolutionizing Insider Threat and Cybercrime Analysis
Austin, TX, USA, August 6th, 2025, CyberNewsWire SpyCloud Investigations, now with AI Insights, empowers security teams to act decisively with finished intelligence built from billions of breach, malware, and phishing records. SpyCloud, the leader in identity threat protection, today announced…
Sophisticated DevilsTongue Windows Spyware Tracking Users Globally
The emergence of DevilsTongue marks a significant escalation in mercenary spyware capabilities, leveraging advanced Windows-based techniques to infiltrate high-value targets worldwide. First observed in campaigns dating back to 2019, this modular malware aggressively exploits zero-day browser vulnerabilities and weaponized documents…
Rockwell Arena Simulation Vulnerabilities Let Attackers Execute Malicious Code Remotely
Rockwell Automation has disclosed three critical memory corruption vulnerabilities in its Arena® Simulation software that could allow threat actors to execute arbitrary code remotely on affected systems. The security flaws, identified as CVE-2025-7025, CVE-2025-7032, and CVE-2025-7033, carry a high CVSS…
Global Jewellery Brand Pandora Suffers Hack – Customer Data Exposed
Danish jewellery giant Pandora has disclosed a significant data breach that compromised customer information through a third-party vendor platform. The company has begun notifying affected customers, starting with Italian markets, about the cybersecurity incident that resulted in unauthorized access to…