Irish and Spanish law enforcement authorities have successfully apprehended 12 members of a high-risk criminal network in a coordinated operation spanning both countries. The arrests, announced on March 26, 2025, included six suspects in Ireland and six in Spain, all…
Tag: Cyber Security News
Splunk RCE Vulnerability Let Attackers Execute Arbitrary Code Via File Upload
Splunk has released patches to address a high-severity Remote Code Execution (RCE) vulnerability affecting Splunk Enterprise and Splunk Cloud Platform. The vulnerability, identified as CVE-2025-20229, could allow a low-privileged user to execute arbitrary code by uploading malicious files. The vulnerability…
Production Line Cameras Vulnerabilities Let Attackers Stop The Recordings
Critical security vulnerabilities have been identified in industrial camera systems widely deployed across Japanese manufacturing facilities, allowing malicious actors to remotely access live footage and disrupt essential production monitoring. These flaws, present in the Inaba Denki Sangyo Co., Ltd. IB-MCT001…
SectopRAT as Weaponized Cloudflare Turnstile Challenge Attacks Windows Users
A sophisticated new malware strain dubbed SectopRAT has emerged, leveraging Cloudflare’s Turnstile challenge system as part of its attack methodology. This Remote Access Trojan specifically targets Windows users through a multi-staged infection process that begins with seemingly legitimate CAPTCHA verification…
YouTube Creators Under Attack via Brand Collaborators Requests Using Clickflix Technique
A sophisticated phishing campaign dubbed the “Clickflix Technique” has emerged targeting YouTube content creators through seemingly legitimate brand collaboration requests. This new attack vector exploits creators’ eagerness to secure sponsorship deals by disguising malware payloads as partnership documentation. Cybercriminals initiate…
Top 3 Cyber Attacks In March 2025
March 2025 saw a sharp uptick in cyber threats that put both individual users and organizations at risk. From banking apps weaponized to steal personal data, to trusted domains abused for redirecting users to phishing traps, cybercriminals didn’t hold back.…
3 in 4 Enterprise Users Upload Data to GenAI Including Passwords and Keys
In a startling revelation, a new report indicates that three out of four enterprise users are uploading data to generative AI (genAI) applications, including sensitive information such as passwords and keys. This alarming trend highlights the growing risks associated with…
New NPM Attack Infecting Local Packages With Cleverly Hidden Malicious Payload
The NPM package repository remains active, and despite a decline in malware numbers between 2023 and 2024, this year’s numbers don’t seem to continue that downward trend. Recently, security researchers discovered two intriguing packages ethers-provider2 and ethers-providerz, which employed sophisticated…
Windows 11 24H2 Update Breaks Connection to the Veeam Backup Server
A critical issue affecting Windows 11 24H2 users has emerged, disrupting the connection between Veeam Recovery Media and backup servers. The problem, linked to Microsoft’s February update (KB5051987), is preventing organizations from performing data recovery operations, potentially compromising business continuity…
North Korean Kimsuky Hackers New Tactics & Malicious Scripts in Latest Attacks
A sophisticated cyberattack campaign attributed to the North Korean Advanced Persistent Threat (APT) group Kimsuky has been observed utilizing new tactics and malicious scripts. The attack revolves around a ZIP file containing multiple components designed to steal sensitive information from…
Your Smart TV May Bring Down the Entire Network
CYFOX has uncovered significant vulnerabilities in smart TVs that could potentially disrupt entire enterprise networks. This discovery was made possible by their groundbreaking OmniSec vCISO platform, the first GenAI-powered autonomous security and compliance agent. During the implementation of OmniSec, CYFOX…
Operation ForumTroll – APT Hackers Exploit Google Chrome Zero-Day To Bypass Sandbox Protections
In mid-March 2025, cybersecurity researchers uncovered “Operation ForumTroll,” targeting Russian media outlets and educational institutions. Victims are infected by clicking phishing links disguised as invitations to the “Primakov Readings” forum, requiring no further interaction for the sophisticated malware to deploy…
CrushFTP HTTPS Port Vulnerability Leads to Unauthorized Access
Two critical vulnerabilities have been identified in widely used software: CrushFTP and Next.js. CrushFTP, a file transfer solution, contains a vulnerability allowing unauthorized access through standard web ports, bypassing security measures. Additionally, Next.js, a popular React framework, suffers from CVE-2025-29927,…
Clevo Devices Boot Guard Private Key Exposed Via Firmware Update Packages
Researchers have discovered a major security vulnerability affecting multiple gaming laptop models using Clevo hardware. Boot Guard private keys were found exposed within firmware update packages, potentially allowing attackers to bypass critical security protections in affected devices. Researchers at Binary…
200 Unique Domains Used by Raspberry Robin Unveiled
Raspberry Robin, a complex and evolving malware threat, has been operating since 2019, initially spreading through infected USB drives at print and copy shops. This sophisticated malware has transformed from a simple worm into a full-fledged initial access broker (IAB)…
Cloudflare Attributes Recent Service Outage to Password Rotation Error
A credential rotation error led to widespread service disruptions across multiple Cloudflare products on March 21, 2025, affecting customers globally for over an hour. The company disclosed that 100% of write operations and approximately 35% of read operations to their…
Critical NetApp SnapCenter Server Vulnerability Let Attackers Become an Admin User
A high-severity security vulnerability discovered in NetApp SnapCenter could allow authenticated users to gain administrative privileges on remote systems, posing significant risks to organizational data and infrastructure security. Security researchers have identified this vulnerability, CVE-2025-26512, which carries a critical CVSS…
New Chrome Installer Breaks With Error “This App can’t Run on your PC” on Windows 10 & 11
Google’s Chrome browser installation process has been disrupted by a significant technical error affecting Windows users worldwide. Users attempting to install Chrome on Intel or AMD-based Windows 10 and 11 systems are encountering an error message stating “This app can’t…
DrayTek Routers Vulnerability Exploited in the Wild – Possibly Links to Reboot Loop
Multiple internet service providers worldwide are reporting widespread disruptions as DrayTek routers enter continuous reboot loops, affecting businesses and consumers alike. Security intelligence firm GreyNoise has identified the active exploitation of several DrayTek vulnerabilities, which could be linked to these…
New IOCONTROL Malware Attacking Critical Infrastructure to Gain Remote Access and Control
A newly identified malware strain dubbed “IOCONTROL” has emerged as a critical threat to operational technology (OT) and Internet of Things (IoT) systems, particularly targeting fuel-management infrastructure in the United States and Israel. First observed in December 2024, this Linux-based…