Cybersecurity researchers have uncovered a disturbing campaign targeting software developers through malicious Visual Studio Code extensions that have collectively amassed millions of installations. These compromised extensions, masquerading as legitimate productivity tools, covertly execute malicious code while developers focus on their…
Tag: Cyber Security News
Fortinet Warns of FortiSwitch Vulnerability Let Attackers Modify Admin Passwords
Fortinet has issued a critical advisory regarding a newly discovered vulnerability in its FortiSwitch product line. The vulnerability, identified as an unverified password change vulnerability (CWE-620), could allow remote, unauthenticated attackers to modify administrative passwords via specially crafted requests. This…
Threat Actor Leaked Data from Major Bulletproof Hosting Medialand
A significant data breach occurred when an unidentified threat actor leaked internal data from Medialand, a major bulletproof hosting (BPH) provider with extensive ties to cybercriminal operations worldwide. The leaked information exposes the infrastructure that has been enabling a wide…
Google to Patch 23-years Old Chrome Vulnerability That Leaks Browsing History
Google has announced a significant security improvement for Chrome version 136. This update addresses a 23-year-old vulnerability that could allow malicious websites to snoop on users’ browsing histories. The fix, called “:visited link partitioning,” makes Chrome the first major browser…
NIST Will Mark All CVEs Published Before 01/01/2018 as ‘Deferred’
The National Institute of Standards and Technology (NIST) announced on April 2, 2025, that all Common Vulnerabilities and Exposures (CVEs) with a published date prior to January 1, 2018, will be marked as “Deferred” within the National Vulnerability Database (NVD)…
Oracle Confirms that Hackers Broke Systems & Stole Client Login Credentials
Oracle Corp. has privately confirmed to customers that a threat actor breached a computer system and exfiltrated old client login credentials. This acknowledgment comes after weeks of public denials and represents the second cybersecurity incident the company has disclosed to…
Threat Actors May Leverage CI/CD Environments to Gain Access To Restricted Resources
Cybersecurity experts have observed a concerning trend where sophisticated threat actors are increasingly targeting Continuous Integration/Continuous Deployment (CI/CD) pipelines to gain unauthorized access to sensitive cloud resources. These attacks exploit misconfigurations in the OpenID Connect (OIDC) protocol implementation, allowing attackers…
Google Patched Android 0-Day Vulnerability Exploited in the Wild
Google has released its April 2025 Android Security Bulletin, addressing numerous critical vulnerabilities including two zero-day flaws actively exploited in targeted attacks. This marks the third consecutive month that Google has issued emergency patches for actively exploited vulnerabilities, highlighting the…
Linux 6.15-rc1 Released With Major Driver Update & Perfomance Boost
The Linux community has unveiled the highly anticipated Linux 6.15-rc1 test kernel, marking a significant milestone in the ongoing evolution of the open-source operating system. This release introduces substantial driver updates, performance optimizations, and new hardware support that collectively enhance…
Nissan Leaf Vulnerability Exploited to Gain Control Over the Car Remotely
A team of researchers at PCAutomotive revealed to Cyber security news today that attackers could fully compromise second-generation Nissan Leaf EVs (2020 model) through a flaw in the infotainment system, enabling unprecedented remote control over critical vehicle functions. The exploit…
Subwiz – New AI-powered Recon Tool to Hunt for Hidden Subdomains
The first-ever custom-trained AI tool for subdomain discovery to transform the way security professionals identify hidden subdomains, which are often overlooked yet highly vulnerable entry points for cyberattacks. Traditionally, subdomain enumeration has relied on brute-force methods, which involve generating and…
Kelloggs Data Breach – Hackers Breached the Servers and Stolen Data
WK Kellogg Co., the prominent North American cereal manufacturer, has confirmed a significant data breach affecting its servers hosted by Cleo, a third-party vendor providing secure file transfer services. The breach occurred on December 7, 2024, but was only discovered…
ANY.RUN’s Enhanced Threat Intelligence Feeds With Unique IOC for SOC/DFIR Teams
ANY.RUN’s Threat Intelligence (TI) Feeds have established themselves as a valuable resource for cybersecurity professionals seeking fresh and unique indicators of compromise (IOCs). This continuously updated stream of threat intelligence leverages data from over 500,000 researchers and security professionals worldwide,…
PoC Exploit Released for Yelp Flaw that Exposes SSH Keys on Ubuntu Systems
A proof-of-concept (PoC) exploit has been released for CVE-2025-3155, a critical vulnerability in GNOME’s Yelp help viewer that enables attackers to exfiltrate SSH keys and other sensitive files from Ubuntu systems. The flaw leverages improper handling of the ghelp:// URI…
WhatsApp Vulnerability Let Attackers Execute Malicious Code Via Attachments
A critical vulnerability in WhatsApp for Windows that could allow attackers to execute malicious code through seemingly innocent file attachments. The spoofing vulnerability, officially tracked as CVE-2025-30401, affects all versions of WhatsApp Desktop for Windows prior to 2.2450.6 and poses…
Hackers Exploiting Windows .RDP Files For Rogue Remote Desktop Connections
In a sophisticated espionage campaign targeting European government and military institutions, hackers believed to be connected with Russian state actors have been utilizing a lesser-known feature of Windows Remote Desktop Protocol (RDP) to infiltrate systems. The Google Threat Intelligence Group…
Malicious Python Packages Attacking Popular Cryptocurrency Library To Steal Sensitive Data
Cybersecurity experts have identified a new threat targeting cryptocurrency developers and users. Two malicious Python packages have been discovered on the Python Package Index (PyPI) specifically designed to compromise systems using the popular bitcoinlib library. These packages, identified as bitcoinlibdbfix…
Threat Actors Weaponize Windows Screensavers Files to Deliver Malware
Malware operators continue exploiting the Windows Screensaver (.scr) file format to distribute malicious payloads, leveraging its executable nature under the guise of harmless system files. Recent campaigns observed by cybersecurity researchers reveal advanced tactics targeting global enterprises through sophisticated phishing…
AI Outperformed Elite Red Teams in Creating an Effective Spear Phishing Attack
AI-powered spear phishing agents have surpassed elite human red teams in crafting socially engineered attacks as recently revealed. From 2023 to 2025, AI’s effectiveness relative to humans improved by 55%, marking a paradigm shift in both offensive and defensive cybersecurity…
Threat Actors Leveraging Toll Payment Services in Massive Hacking Attack
A sophisticated cybercriminal operation has emerged targeting toll payment services across multiple regions, with evidence suggesting this campaign will continue expanding globally. The attack, characterized by highly convincing SMS phishing (smishing) messages, has already reached millions of consumers who use…