Tag: Cyber Security News

In the face of relentless cyber threats and an ever-expanding digital attack surface, security leaders are under growing pressure to modernize their cybersecurity programs by leveraging AI in cybersecurity to enhance detection, response, and overall resilience. Artificial Intelligence (AI) has…

Read more →

The Cybersecurity and Infrastructure Security Agency (CISA) has released five new advisories addressing critical vulnerabilities in Industrial Control Systems (ICS) from Siemens, Schneider Electric, and ABB.  These advisories, published on April 22, 2025, provide detailed information on security flaws, associated…

Read more →

In a development that could transform vulnerability research, security researcher Matt Keeley demonstrated how artificial intelligence can now create working exploits for critical vulnerabilities before public proof-of-concept (PoC) exploits are available. Keeley used GPT-4 to develop a functional exploit for…

Read more →

A sophisticated attack technique dubbed “Cookie-Bite” enables cybercriminals to silently bypass multi-factor authentication (MFA) and maintain persistent access to cloud environments. Varonis Threat Labs revealed that attackers leverage stolen browser cookies to impersonate legitimate users without requiring credentials, effectively rendering…

Read more →

A critical privilege-escalation vulnerability in Google Cloud Platform (GCP), dubbed “ConfusedComposer,” could have allowed attackers to gain elevated permissions to sensitive cloud resources.  The vulnerability, now patched, enabled attackers with minimal permissions to potentially gain control over a highly privileged…

Read more →

In a development that could transform vulnerability research, security researcher Matt Keeley demonstrated how artificial intelligence can now create working exploits for critical vulnerabilities before public proof-of-concept (PoC) exploits are available. Keeley used GPT-4 to develop a functional exploit for…

Read more →

Modern organizations rely on a sprawling network of third-party vendors, suppliers, and partners to drive innovation and operational efficiency. However, this interconnected ecosystem introduces significant cybersecurity risks. As attack surfaces expand, malicious actors increasingly target weaker links in the supply…

Read more →

A concerning new supply chain attack has emerged targeting Linux developers who work with Telegram’s bot ecosystem. Discovered in early 2025, several malicious npm packages have been masquerading as legitimate Telegram bot libraries to deliver SSH backdoors and exfiltrate sensitive…

Read more →

Cybersecurity experts have identified a sophisticated attack campaign exploiting Cloudflare’s tunnel infrastructure to distribute various remote access trojans (RATs). The infrastructure, which has demonstrated remarkable resilience since February 2024, serves as a distribution platform for malicious files and trojans that…

Read more →

In an era where online shopping has become second nature and eCommerce revenues are breaking new records every year, the trust between customer and vendor is more than just a matter of reputation it’s a matter of survival. That trust…

Read more →

A sophisticated Magecart attack campaign has been discovered targeting e-commerce platforms, employing heavily obfuscated JavaScript code to harvest sensitive payment information. This latest variant of Magecart skimming attacks exhibits advanced techniques for evading detection while seamlessly capturing credit card details…

Read more →

The Federal Bureau of Investigation (FBI) has issued an urgent warning about a sophisticated phishing campaign where cybercriminals impersonate Internet Crime Complaint Center (IC3) employees to defraud individuals. This new threat emerged in early April 2025, targeting victims through convincing…

Read more →

In Cybersecurity indicators, three powerful tools Indicators of Compromise (IOCs), Indicators of Behavior (IOBs), and Indicators of Attack (IOAs) are helping organizations detect threats early and respond more effectively. These indicators offer crucial insights into malicious activity, empowering security teams…

Read more →

In today’s rapidly evolving digital landscape, cybersecurity is no longer just a technical concern; it’s a strategic business priority. As organizations become more interconnected and cyber threats grow in complexity, boards of directors demand greater transparency and accountability from their…

Read more →

Joining Criminal IP at Booth S-634 | South Expo, Moscone Center | April 28 – May 1, 2025 Criminal IP, the global cybersecurity platform specializing in AI-powered threat intelligence and OSINT-based data analytics, will exhibit at RSAC 2025 Conference, held…

Read more →

In a concerning development for the open-source community, several malicious packages on npm and PyPI repositories have been discovered posing as legitimate developer tools while secretly harvesting cryptocurrency wallet credentials. These packages, which have accumulated thousands of downloads collectively, demonstrate…

Read more →

Google Chrome is preparing to roll out a major privacy update with the introduction of a new “Incognito tracking protections” page, designed to give users more control and transparency over their data while browsing privately. A recent update mentioned by…

Read more →

In today’s rapidly evolving threat landscape, Chief Information Security Officers (CISOs) face the challenge of securing their organizations with finite resources against virtually unlimited threats. Strategic cybersecurity budgeting has emerged as a critical leadership function beyond simple cost allocation. Effective…

Read more →

A critical security vulnerability in Samsung’s One UI system has been discovered, exposing millions of users’ sensitive information through the clipboard functionality.  Security researchers have identified that Samsung devices running Android 9 or later store all clipboard content—including passwords, banking…

Read more →

Cybersecurity researchers have recently uncovered a sophisticated new variant of the notorious Lumma InfoStealer malware, featuring advanced code flow obfuscation techniques designed to evade detection by security solutions. This latest iteration represents a significant evolution in the malware’s capabilities, with…

Read more →