A sophisticated phishing campaign is leveraging virtual hard disk (.vhd) files to distribute the dangerous VenomRAT malware. The attack begins with purchase order-themed emails containing archive attachments that, when extracted, reveal hard disk image files designed to evade traditional security…
Tag: Cyber Security News
CISA Warns of Fortinet FortiOS Authentication Bypass Vulnerability Exploited in Wild
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical security alert highlighting a significant vulnerability in Fortinet’s FortiOS and FortiProxy systems, which threat actors are actively exploiting. The authentication bypass vulnerability, tracked as CVE-2025-24472, has been added to…
8-Year Old Windows Shortcut Zero-Day Exploited by 11 State-Sponsored Groups
A critical Windows vulnerability that has been exploited since 2017 by state-sponsored threat actors has been uncovered recently by researchers. The vulnerability, tracked as ZDI-CAN-25373, allows attackers to execute hidden malicious commands on victims’ machines by leveraging specially crafted Windows…
New Clearfake Variant Leverages Fake reCAPTCHA To Trick Users Deliver Malicious PowerShell Code
ClearFake, a malicious JavaScript framework first identified in July 2023, has evolved with sophisticated new social engineering tactics. Originally designed to display fake browser update pages, the framework has undergone significant developments, incorporating more advanced deception techniques to deliver malware…
Hackers Employ DLL Side-Loading To Deliver Malicious Python Code
A sophisticated cybersecurity threat has emerged as threat actors have begun leveraging DLL side-loading techniques to distribute malicious Python code. This attack vector allows hackers to bypass standard security controls by exploiting the way legitimate applications search for and load…
Bybit Hack – Sophisticated Multi-Stage Attack Details Revealed
Cryptocurrency exchange Bybit detected unauthorized activity involving its Ethereum cold wallets, leading to a major security breach. The incident occurred during an ETH multisig transaction facilitated through Safe{Wallet}, when attackers intervened and manipulated the transaction, ultimately siphoning over 400,000 ETH…
Squid Werewolf Mimic as Recruiters Attacking Job Seekers To Exfiltrate Personal Data
A sophisticated cyber espionage campaign has been uncovered where threat actors are masquerading as recruiters to target job seekers and employees of specific organizations. The attackers send phishing emails disguised as job opportunities from legitimate industrial organizations, attaching malicious files…
Cloudflare to Implement Post-Quantum Cryptography to Defend Attacks from Quantum Computers
Cloudflare has announced the first phase of end-to-end quantum readiness for its Zero Trust platform, enabling organizations to protect their corporate network traffic against future quantum computer threats. The initiative, which builds on Cloudflare’s research into post-quantum cryptography since 2017,…
New Sophisticated Phishing Attack Exploiting Microsoft 365 Infrastructure To Attack Users
A sophisticated new phishing campaign has been discovered that exploits Microsoft 365’s legitimate infrastructure to conduct highly convincing credential harvesting and account takeover attempts. Unlike traditional phishing attempts that rely on lookalike domains or email spoofing, this attack leverages Microsoft’s…
331 Malicious Apps with 60 Million Downloads on Google Play Bypass Android 13 Security
Security researchers from Bitdefender have uncovered a large-scale ad fraud campaign involving 331 malicious apps on the Google Play Store. These apps, which have accumulated over 60 million downloads, exploit vulnerabilities in Android 13 to bypass security restrictions and carry…
Microsoft Warns of New StilachiRAT Stealing Remote Desktop Protocol Sessions Data
Microsoft has issued an urgent security advisory regarding a newly discovered malware strain called StilachiRAT, which specifically targets and exfiltrates data from Remote Desktop Protocol (RDP) sessions. The sophisticated malware has been observed in targeted attacks against financial institutions, government…
DocSwap Malware as Security Document Viewer Attacking Android Users Worldwide
A sophisticated malware campaign dubbed “DocSwap” has emerged targeting Android users globally by disguising itself as a legitimate document security and viewing application. The malware leverages social engineering tactics to trick users into installing what appears to be a productivity…
ChatGPT Vulnerability Actively Exploited From 10,000+ IPs to Attack US Government Organizations
Attackers are actively exploiting a Server-Side Request Forgery (SSRF) vulnerability in OpenAI’s ChatGPT infrastructure. The vulnerability, identified as CVE-2024-27564, has become a significant threat despite its medium severity classification. According to research by cybersecurity firm Veriti, this vulnerability has already been…
Google Parent Alphabet in Talks to Acquire Cyber Security Group Wiz for $30bn
Google’s parent company, Alphabet Inc., is reportedly in advanced negotiations to acquire cybersecurity startup Wiz for approximately $30 billion. If completed, this acquisition would become the tech giant’s largest deal in its history, far surpassing its previous record of $12.5…
GIMP 3.0 Image Editor Released For Linux, macOS, Unix, and Windows
At long last, the first release of GIMP 3.0 is here! This is the end result of seven years of rigorous development by volunteer developers, designers, artists, and community members (for reference, GIMP 2.10 was first published in 2018). With…
New BitM Attack Lets Hackers Steal User Sessions Within Seconds
A sophisticated cyberattack technique known as Browser-in-the-Middle (BitM) has emerged, enabling hackers to bypass multi-factor authentication (MFA) and steal user sessions in mere seconds. This method exploits web browser functionalities to hijack authenticated sessions, posing a significant threat to organizations…
PoC Exploit Released for Use-after-free Linux Kernel Vulnerability
Security researchers have publicly released a proof-of-concept (PoC) exploit for CVE-2024-36904, a critical use-after-free vulnerability in the Linux kernel that has remained undetected for seven years. The vulnerability, which affects the TCP subsystem, could potentially allow attackers to execute remote…
Denmark Warns of Serious Cyber Attacks Targeting Telecommunication Sector
The Danish Agency for Social Security (CFCS) has issued an updated threat assessment warning of severe cyber threats targeting the nation’s telecommunications sector, signaling a heightened alert level for state-sponsored espionage. The report, which supersedes the 2022 version, underscores an…
Red Team Tool Cobalt Strike 4.11 Released With out-of-the-box Evasion Options
Cobalt Strike has released version 4.11 with significant improvements to its evasion capabilities, making the popular red team tool more resilient against modern security solutions. The update introduces a novel Sleepmask, new process injection techniques, enhanced obfuscation options, and stealthier…
Crypto Exchange OKX Suspends Tool Used by North Korean Hackers to Steal Funds
Cryptocurrency exchange OKX has temporarily suspended its decentralized exchange (DEX) aggregator service following allegations that North Korea’s state-sponsored Lazarus Group exploited it to launder funds stolen from the recent Bybit hack. The suspension, announced on March 17, 2025, coincides with…