Kali Linux, the widely acclaimed cybersecurity-focused distribution, has officially unveiled its latest release, Kali Linux 2025.1a. This update not only significantly enhances desktop environments but also introduces exciting new tools and improvements tailored for cybersecurity professionals and enthusiasts. The release, available for download or upgrade, builds upon…
Tag: Cyber Security News
Kali Linux 2025.1a New Tool & Upates to Desktop Environments
Kali Linux, the widely acclaimed cybersecurity-focused distribution, has officially unveiled its latest release, Kali Linux 2025.1a. This update not only significantly enhances desktop environments but also introduces exciting new tools and improvements tailored for cybersecurity professionals and enthusiasts. The release, available for download or upgrade, builds upon…
Threat Actors Exploiting Legacy Drivers to Bypass TLS Certificate Validation
A sophisticated attack employing Legacy Driver Exploitation technique has emerged as a significant cybersecurity threat, according to a recent security report. The attack, first documented in June 2024 by CheckPoint-Research (CPR), primarily focuses on remotely controlling infected systems using GhOstRAT…
ANY.RUN’s New Android OS Support Let SOC/DFIR Team Perform Android APK Malware Analysis
ANY.RUN, the interactive malware analysis platform has announced full support for Android OS in its cloud-based sandbox environment, enabling security teams to investigate Android malware with unprecedented accuracy and efficiency. With this new feature, ANY.RUN allows Security Operations Center (SOC)…
Hackers Leveraging RMM Tools To Maintain Persistence To Infiltrate And Move Through Networks
Cybersecurity experts have identified a persistent trend of threat actors exploiting legitimate remote monitoring and management (RMM) software to infiltrate networks, maintain access, and facilitate lateral movement. These legitimate tools, which are typically used by IT administrators for system maintenance…
Critical AMI BMC Vulnerability Allows Attackers To Bypass Authentication Remotely
Security researchers have discovered a new critical vulnerability in AMI’s MegaRAC software that enables attackers to bypass authentication remotely. This latest security flaw, identified as CVE-2024-54085, affects numerous data center equipment and server models, potentially compromising cloud infrastructure security across…
Beware of Fake GitHub “Security Alerts” Let Hackers Hijack Your Account Login Credentials
A widespread phishing campaign is currently targeting GitHub repositories with fake security alerts, potentially compromising thousands of developer accounts. Cybersecurity experts warn that these sophisticated attacks could grant hackers complete control over victims’ code repositories and personal information. Security researcher…
Attackers Embedding Malicious Word file into a PDF to Evade Detections
A sophisticated attack vector dubbed “MalDoc in PDF” allows threat actors to bypass traditional security scanning by embedding malicious Word documents into PDF files. This technique, observed in attacks dating back to July, enables macros to execute when victims open…
41% of Success Logins Across Websites Involves Compromised Passwords
Password reuse continues to be one of the most significant security vulnerabilities in 2025, with alarming new data showing nearly half of all successful website logins involve previously exposed credentials. This widespread practice of recycling passwords across multiple services creates…
US Sperm Donor Giant California Cryobank Hacked – Customers Personal Data Exposed
California Cryobank LLC, one of America’s largest sperm donor repositories, has confirmed a significant data breach that exposed sensitive customer information. The cyber intrusion, which occurred on April 20, 2024, but remained undetected until October 4, 2024, has triggered mandatory…
Threat Actors Stolen Over 3.2 Billion Login Credentials & Infected 23 Million Devices Worldwide
In what security experts are calling one of the largest credential theft campaigns in history, sophisticated threat actors have successfully exfiltrated over 3.2 billion login credentials and compromised approximately 23 million devices across six continents. The massive operation, identified in…
Arcane Stealer Via YouTube Videos Steal Data From Network Utilities Including VPN & FileZilla
A sophisticated new malware strain called “Arcane” that specifically targets network utilities, VPN clients, and file transfer applications. The malware, discovered in late 2024, is being distributed through seemingly innocent YouTube videos that promote game cheats and cracks, putting thousands…
New AI Jailbreak Technique Bypasses Security Measures to Write Malware for Google Chrome
A new report indicates that individuals lacking technical knowledge can create advanced malware using widely recognized AI systems, thereby turning ordinary people into significant cybersecurity threats. The 2025 Cato CTRL™ Threat Report, published on March 18, details how a threat…
Cloudflare Launches Cloudforce One Threat Platform to Analyze IoCs, IP, Hashes & Domains
Cloudflare has unveiled its new threat events platform for Cloudforce One customers, offering a comprehensive solution to one of the most significant challenges in cybersecurity today: contextualizing threat intelligence data. The platform provides security practitioners with actionable insights by analyzing indicators…
Hackers Leveraging Azure App Proxy Pre-authentication to Access Orgs Private Network Resources
Recent security findings reveal that threat actors are actively exploiting misconfigured Azure application proxies to gain unauthorized access to organizations’ internal resources. When Azure app proxy pre-authentication is set to “Passthrough” instead of the default “Microsoft Entra ID” setting, private…
PHP RCE Vulnerability Actively Exploited in Wild to Attack Windows-based Systems
Security researchers at Bitdefender Labs have detected a significant surge in exploitation attempts targeting a critical PHP vulnerability that allows attackers to execute malicious code on Windows-based systems. The vulnerability, tracked as CVE-2024-4577, has been actively exploited since June 2024,…
MirrorFace Hackers Customized AsyncRAT Execution Chain to Run Within Windows Sandbox
The China-aligned advanced persistent threat (APT) group MirrorFace has updated its tactics, techniques, and procedures (TTPs) with a sophisticated approach to deploying malware. Known primarily for targeting Japanese entities, the group has expanded its operations to include a Central European…
Threat Actors Exploiting DLL Side-Loading Vulnerability in Google Chrome to Execute Malicious Payloads
Cybersecurity researchers have identified a concerning new attack vector where threat actors are actively exploiting a vulnerability in Google Chrome version 133.0.6943.126 through DLL side-loading techniques. This sophisticated attack allows malicious code execution through Chrome’s trusted subprocesses, creating a significant…
Hackers Abuse Cobalt Strike, SQLMap & Other Tools to Target Organizations’ Web Applications
Cybersecurity experts have uncovered a sophisticated campaign targeting enterprise web applications through the abuse of legitimate penetration testing tools. Threat actors are increasingly leveraging professional security tools including Cobalt Strike, SQLMap, and other reconnaissance utilities to compromise corporate networks with…
Sophisticated Attack Via Booking Websites Installs LummaStealer Malware
Cybercriminals have launched a new sophisticated attack campaign targeting travelers through fake booking websites. The campaign, discovered in early 2025, tricks users into installing LummaStealer malware through deceptive CAPTCHA verification processes, putting personal and financial information at risk. The attack…