A sophisticated threat campaign targeting Windows systems has emerged, leveraging a new strain of malware known as winos 4.0 to compromise organizations across Taiwan. The attack, which has been active since January 2025, demonstrates the evolving tactics of cybercriminals who…
Tag: Cyber Security News
Google’s Gerrit Code Platform Vulnerability Allows Hack of 18 Google Projects Including ChromiumOS
A critical supply chain vulnerability dubbed “GerriScary” (CVE-2025-1568) that could have allowed attackers to inject malicious code into at least 18 major Google projects, including ChromiumOS, Chromium, Dart, and Bazel. The vulnerability uncovered by Tenable security researcher Liv Matan exploits…
New Veeam Vulnerabilities Enables Malicious Remote Code Execution on Backup Servers
Critical security vulnerabilities have been discovered in Veeam’s backup software solutions that could allow attackers to execute malicious code remotely on backup servers, posing significant risks to enterprise data protection systems. The vulnerabilities, assigned CVE numbers 2025-23121, 2025-24286, and 2025-24287,…
How to Detect Threats Early For Fast Incident Response: 3 Examples
Security Operations Center (SOC) teams are now facing an increasingly complex challenge: identifying and responding to security incidents before they can cause significant damage. The key to effective incident response is not just detecting threats quickly. It is understanding the…
New Microsoft Excel Token Protection Policy May Block Certain Data Imports
Microsoft has announced a significant security update that could disrupt data workflows for organizations heavily reliant on Excel’s Power Query functionality. The Microsoft Entra Conditional Access Token Protection feature, currently in Public Preview, introduces enhanced security measures that may prevent…
Citrix NetScaler ADC and Gateway Vulnerabilities Allow Attackers to Access Sensitive Data
Two critical security vulnerabilities have been discovered in NetScaler ADC and NetScaler Gateway products, formerly known as Citrix ADC and Gateway, potentially allowing attackers to access sensitive data and compromise network security. Cloud Software Group, the company behind these networking…
Email Hosting Provider Cock.li Hacked – 1 Million Email Addresses Stolen
A major security breach at email hosting provider Cock[.]li has compromised personal data from over one million users, the company announced in an official statement. The incident specifically targeted the service’s Roundcube webmail platform, affecting approximately 1,023,800 users who had…
WhatsApp to Show Ads for Users in Status & Updates Tab
Meta has announced a significant expansion of WhatsApp’s monetization strategy with the introduction of advertising capabilities within the platform’s Updates tab. The company is implementing three key features: channel subscriptions, promoted channels, and status advertisements, targeting the 1.5 billion daily…
Critical Sitecore CMS Platform Vulnerabilities Let Attackers Gain Full Control of Deployments
Critical vulnerabilities in Sitecore Experience Platform, one of the most widely deployed enterprise content management systems, potentially expose over 22,000 instances worldwide to complete system compromise. The vulnerabilities, discovered by watchTowr researchers, allow attackers to gain full control of Sitecore…
New Sorillus RAT Actively Attacking European Organizations Via Tunneling Services
European organizations are facing a sophisticated cyber threat as the Sorillus Remote Access Trojan (RAT) emerges as a prominent weapon in a multi-language phishing campaign targeting businesses across Spain, Portugal, Italy, France, Belgium, and the Netherlands. The malware, which has…
BeyondTrust Tools RCE Vulnerability Let Attackers Execute Arbitrary Code
A high-severity remote code execution vulnerability has been identified in BeyondTrust’s Remote Support and Privileged Remote Access platforms, potentially allowing attackers to execute arbitrary code on affected systems. The vulnerability, tracked as CVE-2025-5309, carries a CVSSv4 score of 8.6 and…
New Variants of Chaos RAT Attacking Windows and Linux Systems to Steal Sensitive Data
Cybersecurity researchers have identified sophisticated new variants of Chaos RAT, a remote administration tool that has evolved from an open-source project into a formidable cross-platform malware threat targeting both Windows and Linux systems. Originally documented in 2022, this malware has…
ASUS Armoury Crate Vulnerability Let Attackers Escalate to System User on Windows Machine
A critical authorization bypass vulnerability in ASUS Armoury Crate enables attackers to gain system-level privileges on Windows machines through a sophisticated hard link manipulation technique. The vulnerability, tracked as CVE-2025-3464 with a CVSS score of 8.8, affects the popular gaming…
New KimJongRAT Stealer Using Weaponized LNK File to Deploy Powershell Based Dropper
A sophisticated evolution of the KimJongRAT malware family has emerged, demonstrating advanced techniques for credential theft and system compromise through weaponized Windows shortcut files and PowerShell-based payloads. This latest campaign represents a significant advancement from previous variants, incorporating both Portable…
Google Chrome 0-Day Vulnerability Exploited by APT Hackers in the Wild
A sophisticated attack campaign exploiting a Google Chrome zero-day vulnerability tracked as CVE-2025-2783, marking yet another instance of advanced persistent threat (APT) groups leveraging previously unknown security flaws to compromise high-value targets. The vulnerability, which enables sandbox escape capabilities, has…
Critical sslh Vulnerabilities Let Hackers Trigger Remote DoS Attacks
Two critical vulnerabilities in sslh, a popular protocol demultiplexer that allows multiple services to share the same network port. The flaws tracked as CVE-2025-46807 and CVE-2025-46806 could be exploited remotely to trigger denial-of-service (DoS) attacks. The vulnerabilities affect sslh versions prior…
Kimsuky and Konni APT Groups Accounts Most Active Attacks Targeting East Asia
North Korean state-sponsored advanced persistent threat (APT) groups Kimsuky and Konni have emerged as the most prolific cyber threat actors targeting East Asian nations, according to the latest threat intelligence findings. In April 2025, these groups orchestrated the highest number…
Beware of Weaponized Research Papers That Delivers Malware Via Password-Protected Documents
A newly identified malware campaign orchestrated by the notorious Kimsuky group has been leveraging password-protected research documents to infiltrate academic networks and compromise sensitive systems. This sophisticated attack represents a significant evolution in social engineering tactics, exploiting the academic community’s…
New Sophisticated Multi-Stage Malware Campaign Weaponizes VBS Files to Execute PowerShell Script
Security researchers have uncovered a sophisticated malware campaign utilizing heavily obfuscated Visual Basic Script (VBS) files to deploy multiple types of remote access trojans (RATs). The campaign, discovered in June 2025, involves a cluster of 16 open directories containing obfuscated…
Hackers Deliver Fileless AsyncRAT Using Clickfix Technique via Fake Verification Prompt
A sophisticated fileless malware campaign targeting German-speaking users has emerged, employing deceptive verification prompts to distribute AsyncRAT through the increasingly popular Clickfix technique. The malware masquerades as a legitimate “I’m not a robot” CAPTCHA verification, tricking victims into executing malicious…