The most common passwords hackers are using in attacks against Remote Desktop Protocol (RDP) services, highlighting critical vulnerabilities in many organizations’ security postures. The Specops research team analyzed 15 million passwords used in live attacks against RDP ports, revealing that…
Tag: Cyber Security News
Attackers Leveraging JavaScript & CSS to Steal User Browsing History
Web browsing history, a feature designed to enhance user convenience by styling visited links differently, has inadvertently become a privacy vulnerability exploited by attackers. While this functionality helps users navigate websites by visually distinguishing visited links, it also opens the…
Google Brings End-to-End Encryption for Gmail Business Users
Google has launched a new end-to-end encryption (E2EE) model for Gmail enterprise users, marking a significant advancement in email security that allows business customers to send fully encrypted emails to any recipient with minimal technical complexity. Announced on April 1,…
New Android Malware ‘Salvador Stealer’ That Phish & Steals Your Banking Details & OTPs
Cybersecurity researchers have discovered a sophisticated new Android malware called “Salvador Stealer” that targets banking credentials and one-time passwords (OTPs) through an elaborate phishing scheme. This multi-stage malware masquerades as legitimate banking applications to trick users into revealing sensitive financial…
Multiple Chrome Vulnerabilities Let Attackers Execute Arbitrary Code
Google has rolled out a critical security update for Chrome 135 across all desktop platforms. The update addresses fourteen vulnerabilities, including high-severity flaws that could enable remote code execution. The stable channel update (135.0.7049.52 for Linux, 135.0.7049.41/42 for Windows/macOS) comes…
Channel Triggered Backdoor Attack in Wireless Channels Let Attackers Read Passwords
Cybersecurity researchers have uncovered a sophisticated new attack method that exploits wireless communication channels to create covert backdoors, enabling threat actors to capture sensitive credentials without detection. This technique, dubbed “Channel Triggered Backdoor Attack,” manipulates subtle variations in wireless signals…
Hackers Actively Targeting SonicWall, Zoho, F5 & Ivanti Systems to Exploit Vulnerabilities
A significant surge in cyberattacks targeting enterprise network appliances and remote access tools has put global organizations on high alert. On March 28, 2025, GreyNoise observed a 300% increase in malicious activity directed at SonicWall firewalls, Zoho ManageEngine platforms, F5…
Exploiting Side-Channel Leakage Enable Successful Exploitations on The Latest Linux Kernel
In a concerning development for Linux kernel security, researchers have demonstrated how side-channel leakage in kernel defenses can be exploited to compromise even the latest Linux kernels. The technique, detailed in a USENIX Security paper, reveals how certain kernel defenses…
CISA Releases Two ICS Advisories for Vulnerabilities, & Exploits Surrounding ICS
The Cybersecurity and Infrastructure Security Agency (CISA) released two Industrial Control Systems (ICS) advisories on April 1, 2025, highlighting significant vulnerabilities in critical infrastructure components. These advisories, ICSA-25-091-01 and ICSA-24-331-04, address security flaws in Rockwell Automation and Hitachi Energy products…
Sliver Framework Customized to Boost Evasion & Bypass EDR Detections
Sliver, a multi-platform Command & Control framework written entirely in Go, has gained significant traction in offensive security since its 2020 release. The framework provides red teams with powerful post-exploitation capabilities, but as its user base has expanded, detection has…
Python Officially Unveils New Standard Lock File Format to Improve Security
Python has officially standardized a lock file format with the acceptance of PEP 751 marking a significant milestone for the Python packaging ecosystem. The new format, named pylock.toml, addresses long-standing issues with dependency management by providing a standardized way to…
Ransomware Is a Core Threat Across 93% of Industries – Resilience Key
Ransomware has emerged as one of the most devastating cyberthreats facing organizations today, capable of bringing even thriving businesses to their knees within hours. As digital transformation accelerates across sectors, the attack surface for these malicious campaigns continues to expand,…
New Wave of IRS Attacks Targeting Tax Payers Mobile Devices
Cybersecurity experts have identified a sophisticated phishing campaign specifically targeting taxpayers through their mobile devices. The attacks leverage the heightened anxiety of last-minute tax filers, creating a perfect storm for cybercriminals looking to harvest sensitive personal and financial information. These…
CISA Warns of Apache Tomcat Vulnerability Exploited in the Wild
The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Apache Tomcat vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog following evidence of active exploitation in the wild. The vulnerability, tracked as CVE-2025-24813, allows remote attackers to execute arbitrary…
New KoiLoader Abuses Powershell Scripts to Deliver Malicious Payload
Cybersecurity researchers identified a sophisticated malware campaign leveraging a new variant of KoiLoader, a modular payload delivery system notorious for distributing information stealers like Koi Stealer. This updated strain employs PowerShell scripts embedded within Windows shortcut (LNK) files to bypass…
Hackers Leverage Microsoft Teams Message to Drop Malicious Payload
A sophisticated multi-stage attack where threat actors leverage Microsoft Teams to deliver malicious payloads, establishing persistence and remote access to corporate networks. This new attack vector exploits Teams’ perceived security as an internal business application, allowing attackers to bypass traditional…
APT34 hackers Using New Custom Malware to Attack Finance & Telecomm Industries
A sophisticated cyber espionage campaign attributed to Iranian state-sponsored group APT34 (OilRig) has targeted Iraqi governmental entities and critical infrastructure sectors since late 2024, leveraging new malware variants designed to evade conventional security measures. The group, active since 2012, has…
Top 3 Techniques To Improve Threat Hunting In Your Company
Threat hunting isn’t just a job — it’s an adventure. There’s a thrill in proactively chasing down adversaries who think they’ve outsmarted your defenses. It’s this blend of challenge, creativity, and impact that makes threat hunting not only fun but…
Kentico Xperience CMS XSS Vulnerability Let Attackers Execute Remote Code
A critical security flaw in Kentico Xperience CMS, a widely used enterprise content management system (CMS), has been uncovered. By exploiting a Cross-Site Scripting (XSS) vulnerability, attackers can execute remote code. This vulnerability, tracked as CVE-2025-2748, affects versions of Kentico…
EncGPT – AI-agent that Dynamically Generates Encryption & Decryption Rules
Researchers from Xi’an Jiaotong University have introduced EncGPT, an AI-powered multi-agent framework that dynamically generates encryption and decryption rules. This innovation addresses critical challenges in communication security, balancing cost-efficiency and high-level encryption reliability. EncGPT leverages large language models (LLMs) to…