The Tor Project has issued an emergency update for Windows users on March 27, 2025, releasing Tor Browser 14.0.8 with critical security patches. This Windows-only release addresses “very urgent” security vulnerabilities in Firefox, the browser framework underpinning Tor Browser, and…
Tag: Cyber Security News
CISA Warns of Google Chrome Zero-day Vulnerability Exploited in the Wild
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent advisory regarding a critical zero-day vulnerability in Google Chrome that is actively being exploited in the wild. The vulnerability, identified as CVE-2025-2783, affects the Chromium-based browsers on Windows systems…
Arkana Ransomware Group Claims Compromise of US Telecom Companies
The largest US internet provider, WideOpenWest (WOW!), is allegedly compromised by Arkana Security, a recently discovered ransomware group. The attack, which security researchers trace to an infostealer infection from September 2024, has reportedly compromised over 403,000 customer accounts and granted…
Cloud Attacks Raises by Five Times Attacking Sensitive IAM Service Accounts
Organizations are facing an unbelievable surge in cloud-based security threats, with attacks nearly five times more frequent at the end of 2024 compared to the beginning of the year. Most concerning is the targeted attack on Identity and Access Management…
GorillaBot Attacks Windows Devices With 300,000+ Attack Commands Across 100+ Countries
A new botnet named “GorillaBot,” has orchestrated over 300,000 attack commands across more than 100 countries within a span of just three weeks. Built on the infamous Mirai botnet framework, GorillaBot represents a sophisticated malware evolution. It leverages advanced encryption…
Windows Server 2025 Security Update Freezes Remote Desktop Sessions Connection
A recent security update for Windows Server 2025, released on February 11, 2025 (KB5051987), has caused a significant issue for users relying on Remote Desktop Protocol (RDP). The update, part of Microsoft’s February Patch Tuesday, has led to RDP sessions…
Windows 11 January 2025 Preview Update Disconnects Remote Desktop Sessions
Microsoft’s January 2025 Windows preview update (KB5050094) for Windows 11 version 24H2 has caused significant issues with Remote Desktop Protocol (RDP) sessions, including Remote Desktop Services (RDS). Users have reported unexpected disconnections, particularly after the release of the March 2025…
Classiscam Actors Automate Malicious Websites To Steal Financial Data
Online marketplaces have become increasingly popular in developing countries since 2015, providing platforms for trading various goods from used electronics to brand-new items. This digitalization trend, however, has created fertile ground for sophisticated scam operations. Among these, Classiscam has emerged…
Hackers Abuse COM Objects for Fileless Malware Lateral Movements
A sophisticated technique was recently detected by researchers where attackers abuse Component Object Model (COM) objects to execute fileless malware for lateral movement across networks. This technique, detailed in research from March 2025, leverages legitimate Windows functionality to establish persistence…
CISA Adds Sitecore CMS Code Execution Vulnerability to List of Known Exploited Vulnerabilities
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has officially added two critical Sitecore CMS vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The vulnerabilities, CVE-2019-9874 and CVE-2019-9875, both affect the Sitecore.Security.AntiCSRF…
NSW Online Registry Website Breach – 9,000+ Files Stolen by Hackers
In a significant cybersecurity incident, approximately 9,000 sensitive court documents have been illegally downloaded from the NSW Online Registry Website (ORW), which authorities are calling a “major data breach.” The attack has triggered an immediate investigation by the NSW Police…
Synology Mail Server Let Remote Attackers Tamper System Configurations
A moderate-severity vulnerability has been identified in Synology Mail Server. It allows remote authenticated attackers to read and write non-sensitive settings and disable certain non-critical functions. The security flaw, tracked as CVE-2025-2848, affects multiple versions of the popular mail server software and…
Threat Actors Using Powerful Cybercriminal Weapon ‘Atlantis AIO’ to Automate Credential Stuffing Attacks
Credential stuffing has emerged as one of the most pervasive and effective attack vectors in today’s cybersecurity landscape. This technique, which leverages stolen username and password combinations across multiple platforms, has been significantly enhanced through a sophisticated automation tool called…
B1ack’s Stash MarketPlace Actors to Release 4 Million Stolen Credit Card Details for Free
Dark web carding marketplace B1ack’s Stash has announced the release of 4 million stolen credit card details at no cost to cybercriminals. This massive data leak, publicized on February 19, 2025, represents one of the largest freely distributed caches of…
PoC Exploit Released for Ingress-NGINX Remote Code Execution Vulnerabilities
A proof-of-concept (PoC) exploit for a critical remote code execution vulnerability in Kubernetes Ingress-NGINX controllers, tracked as CVE-2025-1974. The vulnerability uncovered by WiZ affects the validation webhook component and could allow attackers to execute arbitrary code on affected systems, potentially…
Pakistan APT Hackers Create Weaponized IndiaPost Website to Attack Windows & Android Users
Cybersecurity researchers have uncovered a sophisticated attack campaign leveraging a fraudulent website that impersonates the Indian Post Office to deliver malware to both Windows and Android users. The fake website, hosted at postindia[.]site, employs device detection techniques to serve tailored…
CodeQLEAKED – GitHub Supply Chain Attack Allows Code Execution Using CodeQL Repositories
A significant vulnerability in GitHub’s CodeQL actions could have permitted attackers to execute malicious code across hundreds of thousands of repositories. The vulnerability, assigned CVE-2025-24362, originated from a publicly exposed GitHub token in workflow artifacts that created a small but…
New Sophisticated Linux-Backdoor Attacking OT Systems Exploiting 0-Day RCE
A sophisticated Linux-based backdoor dubbed “OrpaCrab” has emerged as a significant threat to operational technology (OT) systems, particularly those managing gas station infrastructure. Security researchers discovered the malware after it was uploaded to VirusTotal in January 2024 from the United…
OpenAI Offering Up to $100,000 for Critical Vulnerabilities in its Infrastructure
OpenAI has dramatically increased its maximum bug bounty reward to $100,000 for exceptional critical security vulnerabilities, up from the previous cap of $20,000. This fivefold increase highlights the AI leader’s growing emphasis on cybersecurity as its models advance toward artificial…
Exim Use-After-Free Vulnerability Allows Privilege Escalation
A critical security vulnerability has been identified in the widely used Exim mail transfer agent (MTA), potentially allowing attackers with command-line access to escalate privileges on affected systems. The vulnerability, tracked as CVE-2025-30232, affects Exim versions 4.96 through 4.98.1 and…