A sophisticated new Android malware campaign has emerged targeting Indian banking customers through convincing impersonations of popular financial applications. The malicious software masquerades as legitimate apps from major Indian financial institutions, including SBI Card, Axis Bank, Indusind Bank, ICICI, and…
Tag: Cyber Security News
Threat Actors are Actively Exploiting Vulnerabilities in Open-Source Ecosystem to Propagate Malicious Code
The open-source software ecosystem, once considered a bastion of collaborative development, has become an increasingly attractive target for cybercriminals seeking to infiltrate supply chains and compromise downstream systems. Recent analysis conducted during the second quarter of 2025 reveals that threat…
Claude Vulnerabilities Let Attackers Execute Unauthorized Commands With its Own Help
Two high-severity vulnerabilities in Anthropic’s Claude Code could allow attackers to escape restrictions and execute unauthorized commands. Most remarkably, Claude itself unwittingly assisted in developing the exploits used against its own security mechanisms. The vulnerabilities uncovered by Elad Beber from…
Ransomware Attack on Phone Repair and Insurance Company Cause Millions in Damage
The sudden emergence of the Royal ransomware in early 2023 marked a significant escalation in cyber threats targeting service providers across Europe. Exploiting unpatched VPN and remote-desktop gateways, attackers initiated brute-force and credential-stuffing campaigns to breach perimeter defenses. Once inside,…
New LegalPwn Attack Exploits Gemini, ChatGPT and other AI Tools into Executing Malicious Code via Disclaimers
A sophisticated new attack method that exploits AI models’ tendency to comply with legal-sounding text, successfully bypassing safety measures in popular development tools. A study by Pangea AI Security has revealed a novel prompt injection technique dubbed “LegalPwn” that weaponizes…
SonicWall VPNs Actively Exploited for 0-Day Vulnerability to Bypass MFA and Deploy Ransomware
A likely zero-day vulnerability in SonicWall’s Secure Mobile Access (SMA) VPNs and firewall appliances is being actively exploited in the wild, enabling attackers to bypass multi-factor authentication (MFA) and deploy ransomware within hours of the initial breach. Security firms, including…
New Python-Based PXA Stealer Via Telegram Stolen 200,000 Unique Passwords and Hundreds of Credit Cards
A sophisticated new cybercriminal campaign has emerged, leveraging a Python-based information stealer known as PXA Stealer to orchestrate one of the most extensive data theft operations observed in recent months. The malware, which first surfaced in late 2024, has evolved…
Threat Actors Using AI to Scale Operations, Accelerate Attacks and Attack Autonomous AI Agents
The cybersecurity landscape has witnessed an unprecedented evolution as threat actors increasingly weaponize artificial intelligence to amplify their attack capabilities and target the very AI systems organizations depend upon. According to the CrowdStrike 2025 Threat Hunting Report, adversaries are no…
Mozilla Warns of Phishing Attacks Targeting Add-on Developers Account
Mozilla has issued an urgent security alert to its developer community following the detection of a sophisticated phishing campaign specifically targeting AMO (addons.mozilla.org) accounts. The company’s security team, led by Scott DeVaney, reported on August 1, 2025, that cybercriminals are…
CNCERT Accuses of US Intelligence Agencies Attacking Chinese Military-Industrial Units
Since mid-2022, Chinese military-industrial networks have reportedly been the target of highly sophisticated cyber intrusions attributed to US intelligence agencies. These campaigns exploited previously unknown vulnerabilities to install stealthy malware, maintain prolonged access, and exfiltrate sensitive defense data. Initially identified…
Researchers Exploited Google kernelCTF Instances And Debian 12 With A 0-Day
Researchers exploited CVE-2025-38001—a previously unknown Use-After-Free (UAF) vulnerability in the Linux HFSC queuing discipline—to compromise all Google kernelCTF instances (LTS, COS, and mitigation) as well as fully patched Debian 12 systems. Their work netted an estimated $82,000 in cumulative bounties…
FUJIFILM Printers Vulnerability Let Attackers Trigger DoS Condition
A critical security vulnerability affecting multiple FUJIFILM printer models could allow attackers to trigger denial-of-service (DoS) conditions through malicious network packets. The vulnerability, tracked as CVE-2025-48499, was announced on August 4, 2025, and affects various DocuPrint and Apoes printer series.…
LARGEST EVER Bitcoin Hack Valued $3.5 Billion Uncovered
The largest cryptocurrency hack ever recorded involved the theft of 127,426 BTC from Chinese mining pool LuBian in December 2020. The stolen Bitcoin was worth approximately $3.5 billion at the time of the theft and has since appreciated to an…
Critical Squid Vulnerability Let Attackers Execute Remote Code
A critical security vulnerability has been discovered in Squid Web Proxy Cache that enables attackers to execute remote code through a heap buffer overflow in URN (Uniform Resource Name) handling. The vulnerability, tracked as CVE-2025-54574, affects all Squid versions prior…
Hackers Use AI to Create Malicious NPM Package that Drains Your Crypto Wallet
Cybercriminals have escalated their attack sophistication by leveraging artificial intelligence to create a malicious NPM package that masquerades as a legitimate development tool while secretly draining cryptocurrency wallets. The package, named @kodane/patch-manager, presents itself as an “NPM Registry Cache Manager”…
Threat Actors Exploitation Attempts Spikes as an Early Indicator of New Cyber Vulnerabilities
Cybersecurity researchers have uncovered a groundbreaking pattern that could revolutionize how organizations prepare for emerging threats. A comprehensive analysis reveals that spikes in malicious attacker activity against enterprise edge technologies serve as reliable early warning signals for new vulnerability disclosures,…
New Malware Attack Weaponizing LNK Files to Install The REMCOS Backdoor on Windows Machines
In recent weeks, cybersecurity teams have observed a surge in malicious campaigns exploiting Windows shortcut (LNK) files to deliver sophisticated backdoors. This new wave of attacks disguises LNK shortcuts as innocuous documents or folders, relying on Windows’ default behavior of…
Critical HashiCorp Vulnerability Let Attackers Execute Arbitrary Code on Underlying Host
A critical HashiCorp security vulnerability affecting Vault Community Edition and Enterprise versions could allow privileged operators to execute arbitrary code on underlying host systems. The vulnerability, tracked as CVE-2025-6000, affects Vault versions from 0.8.0 up to 1.20.0 and has been…
Hackers Can Manipulate BitLocker Registry Keys Via WMI to Execute Malicious Code as Interactive User
A novel lateral movement technique that exploits BitLocker’s Component Object Model (COM) functionality to execute malicious code on target systems. The technique, demonstrated through the BitLockMove proof-of-concept tool, represents a sophisticated evolution in lateral movement tactics that bypasses traditional detection…
NestJS Framework Vulnerability Let Attackers Execute Arbitrary Code in Developers Machine
A critical security vulnerability has been discovered in the NestJS framework’s development tools that enables remote code execution (RCE) attacks against JavaScript developers. The flaw, identified as CVE-2025-54782, affects the @nestjs/devtools-integration package and allows malicious websites to execute arbitrary code…