A growing attack trend since the second half of 2024 involves threat actors using fake CAPTCHA challenges to trick users into executing malicious PowerShell commands and infecting their systems with dangerous malware. These sophisticated social engineering tactics leverage users’ familiarity…
Tag: Cyber Security News
Researchers Unboxed FIN7’s Stealthy Python-based Anubis Backdoor
Cybersecurity experts have identified a sophisticated new backdoor tool developed by the notorious financial cybercrime group FIN7. The Python-based malware, dubbed “Anubis Backdoor,” represents an evolution in the group’s tactics, techniques, and procedures (TTPs) that have historically caused billions in…
JumpServer Vulnerabilities Let Attacker Bypass Authentication & Gain Complete Control
A series of critical vulnerabilities discovered in JumpServer, an open-source Privileged Access Management (PAM) tool developed by Fit2Cloud, has raised significant security concerns. JumpServer serves as a bastion host to internal networks, offering a centralized point for accessing internal resources…
Researchers Details macOS Vulnerability That Exposes System Passwords
Recent revelations about a critical vulnerability affecting macOS systems have raised significant concerns among cybersecurity professionals and users alike. The flaw, which potentially exposes sensitive system passwords, has been thoroughly analyzed and documented in a newly released report. This vulnerability…
Veeam RCE Vulnerability Let Any Domain User Hack the Backup Servers
A remote code execution (RCE) vulnerability in Veeam Backup & Replication could allow any domain user to compromise backup servers with SYSTEM-level privileges. The findings, assigned CVE-2025-23120, affect Veeam Backup & Replication 12.3.0.310 and all earlier version 12 builds, demonstrating how blacklist-based…
Over 150 US Government Database Servers Exposed to the Internet – New Report
Over 150 government database servers normally hidden behind layers of security are now directly exposed to the Internet, leaving Americans’ data vulnerable to cyberattacks. A groundbreaking open-source investigation has revealed what experts describe as “one of history’s largest exposures of…
Beware of Fake Meta Email’s From Hackers That Steal Your Ad Account Login’s
A dangerous new phishing campaign targeting businesses that use Meta platforms for advertising has been discovered. The scam begins with users receiving an urgent email claiming “YOUR ADS ARE TEMPORARILY SUSPENDED” due to alleged violations of Instagram’s Advertising Policies and…
Hackers Are Actively Exploiting Apache Tomcat Servers – Patch Now!
Threat actors actively exploit a critical vulnerability in Apache Tomcat, tracked as CVE-2025-24813, which could enable unauthorized remote code execution (RCE) on vulnerable servers. The vulnerability, first disclosed on March 10, 2025, has already seen exploitation attempts beginning just 30…
Albabat Ransomware Attacking Windows, Linux & macOS by Leveraging GitHub
A new cross-platform threat has emerged in the ransomware landscape as researchers uncover new versions of Albabat ransomware targeting Windows, Linux, and macOS systems simultaneously. The ransomware operators have implemented a sophisticated approach to manage their operations through GitHub repositories,…
UAT-5918 Hackers Exploiting Exposed Web and Application Servers N-Day Vulnerabilities
A sophisticated threat actor tracked as UAT-5918 has been observed actively exploiting known vulnerabilities in web and application servers that remain unpatched across multiple organizations. The campaign, which began in early 2025, primarily targets infrastructures running outdated versions of Apache,…
Hackers Are Actively Exploiting Apache Tomcat Servers Exploiting – Patch Now
Threat actors actively exploit a critical vulnerability in Apache Tomcat, tracked as CVE-2025-24813, which could enable unauthorized remote code execution (RCE) on vulnerable servers. The vulnerability, first disclosed on March 10, 2025, has already seen exploitation attempts beginning just 30…
Cloudflare to Close All HTTP Ports for APIs, Enforces HTTPS Connection
Cloudflare announced today that it has closed all HTTP ports on api.cloudflare.com, taking a significant step toward eliminating the security risks associated with cleartext HTTP traffic. The change, effective immediately, prevents sensitive information such as API tokens from being transmitted…
Hellcat Ransomware Group Hacked Ascom Technical Ticketing System
Swiss telecommunications solutions provider Ascom has fallen victim to a cyberattack by the notorious Hellcat ransomware group, which compromised the company’s technical ticketing system on March 16, 2025. The attack represents the latest in a global hacking spree targeting Jira…
Infosys Agrees to $17.5 Million Settlement Following 2023 Data Breach
Indian technology giant Infosys Limited has agreed to pay $17.5 million to settle six class action lawsuits from a significant data breach at its U.S. subsidiary, Infosys McCamish Systems LLC (McCamish). The settlement, announced on March 14, 2025, resolves allegations…
MEDUSA Ransomware Using Malicious ABYSSWORKER Driver to Disable EDR
MEDUSA ransomware operation has been observed leveraging a sophisticated malicious driver called ABYSSWORKER to disable endpoint detection and response (EDR) systems. This dangerous capability allows the ransomware to operate undetected, significantly increasing the threat to organizations’ security infrastructure. The ABYSSWORKER…
Hackers Exploiting Checkpoint’s Driver in BYOVD Attack to Bypass Windows Security
A sophisticated attack where threat actors exploited vulnerabilities in vsdatant.sys, a kernel-level driver used by Checkpoint’s ZoneAlarm antivirus software. Originally released in 2016, this driver became the target of a Bring Your Own Vulnerable Driver (BYOVD) attack, allowing attackers to…
Chinese FishMonger APT Operated by I‑SOON Attacking Government Entities & NGOs
Recent cybersecurity investigations have uncovered a sophisticated threat actor dubbed “FishMonger” operating under the umbrella of I-SOON, a Chinese company with alleged ties to state-sponsored hacking operations. This Advanced Persistent Threat (APT) group has been systematically targeting government institutions and…
Threat Actors Leveraging Reddit Posts To Actively Spread AMOS and Lumma Stealers
A sophisticated malware campaign is currently targeting cryptocurrency enthusiasts on Reddit, offering fake “cracked” versions of the popular trading platform TradingView. The malicious actors are distributing two dangerous data stealers—AMOS for macOS users and Lumma Stealer for Windows users—through seemingly…
CISA Releases Five Industrial Control Systems Advisories Covering Vulnerabilities & Exploits
The Cybersecurity and Infrastructure Security Agency (CISA) released five Industrial Control Systems (ICS) advisories on March 20, 2025, providing critical information about security vulnerabilities affecting industrial control systems across multiple vendors. These advisories offer essential guidance on mitigations for vulnerabilities…
Caido v0.47.0 Released – Burp Suite Alternative Web Pentesting Tool Brings New Features
Caido, the innovative security testing tool positioning itself as a compelling alternative to Burp Suite, has just rolled out its latest update, version 0.47.0. This release introduces a slew of exciting features, a revamped user experience, and critical bug fixes,…