A sophisticated malware campaign is targeting Windows users through deceptive CAPTCHA verification prompts that trick victims into executing malicious PowerShell scripts. This resurgence of fake CAPTCHA attacks, identified in early February 2025, represents a growing threat as attackers continue to…
Tag: Cyber Security News
Hackers Using JSPSpy Tool To Manage Malicious Webshell Infrastructure
Cybersecurity researchers have identified a cluster of servers hosting JSPSpy, a Java-based webshell first observed in 2013, now being deployed alongside a rebranded file management tool. The webshell features a graphical interface enabling remote access and file management capabilities, making…
GitLab Warns of Multiple Vulnerabilities Let Attackers Login as Valid User
GitLab has released critical security patches for multiple vulnerabilities that could potentially allow attackers to authenticate as legitimate users or even execute remote code under specific circumstances. The company has urged all self-managed GitLab installations to immediately upgrade to versions…
Medusa Ransomware Hacked 300+ Organizations Worldwide from Variety of Critical Infrastructure
A highly sophisticated ransomware variant named Medusa has compromised over 300 organizations worldwide from critical infrastructure sectors. The attacks have targeted a wide array of industries including medical, education, legal, insurance, technology, and manufacturing sectors, demonstrating the threat actor’s broad…
New OBSCURE#BAT Manipulates System Processes & Registry Entries To Evade Detection
A sophisticated malware campaign, tracked as OBSCURE#BAT, has been identified using heavily obfuscated batch scripts to install stealthy rootkits, allowing attackers to maintain persistent access to compromised systems while avoiding detection. This campaign uses social engineering tactics and deceptive file…
Fortinet Addresses Multiple Vulnerabilities in FortiSandbox, FortiOS, & Other Products
Fortinet has released a comprehensive security update addressing numerous vulnerabilities across its product portfolio, with particularly significant issues identified in FortiSandbox, FortiOS, and several other enterprise security solutions. These vulnerabilities range from medium to high severity and could potentially allow…
China-Nexus Group Hacked Juniper Networks and Implant Backdoors on Its Routers
In a significant cybersecurity breach discovered in mid-2024, a sophisticated threat actor deployed custom backdoors on Juniper Networks’ Junos OS routers. The intrusion represents an alarming development in the targeting of critical network infrastructure by nation-state actors, with potential implications…
US Charges 12 Chinese Hackers For Hacking National Security Infrastructure
The United States Department of Justice unveiled charges against twelve Chinese nationals on March 5, 2025, accusing them of orchestrating a sophisticated global cyber espionage campaign targeting critical American infrastructure, government agencies, and dissidents. The indictments mark a significant escalation…
Cisco IOS XR Software Vulnerability Allows Attackers to Execute Commands as Root
Cisco has disclosed a high-severity privilege escalation vulnerability (CVE-2025-20138) in its IOS XR Software. This vulnerability enables authenticated local attackers to execute arbitrary commands as the root user on affected devices. The flaw, with a CVSS score of 8.8, impacts…
Multiple Zoom Client Vulnerabilities Exposes Sensitive Data
Recent security disclosures reveal multiple high-severity vulnerabilities in Zoom’s client software, exposing millions of users to potential data breaches, privilege escalation, and unauthorized access. The most critical flaws, patched in Zoom’s March 11, 2025, security bulletin, include CVE-2025-27440 (heap-based buffer…
Tycoon2FA Phishkit Updates Tactics with PDF Lures & Redirects
Tycoon is back with a new phishing trick! The threat group has updated its tactics, using PDF lures and clever redirects to steal credentials. Victims are tricked into clicking a fake company policy notice, leading them straight to a phishing…
MirrorFace APT Hackers Exploited Windows Sandbox & Visual Studio Code Using Custom Malware
The National Police Agency (NPA) and the National Center of Incident Readiness and Strategy for Cybersecurity (NISC) released a security advisory regarding an Advanced Persistent Threat (APT) attack campaign targeting organizations in Japan. The campaign, attributed to a threat actor…
DCRat Malware Via YouTube Attacking Users To Steal Login Credentials
A new wave of cyberattacks utilizing the Dark Crystal RAT (DCRat) backdoor has been targeting users since early 2025 through YouTube distribution channels. Cybercriminals create or compromise YouTube accounts to upload videos advertising gaming cheats, cracks, and bots that appeal…
NVIDIA Riva Vulnerabilities Let Attackers Escalate Privileges
NVIDIA has issued a significant software update for its Riva speech AI platform, releasing version 2.19.0 to resolve two high-severity vulnerabilities (CVE-2025-23242 and CVE-2025-23243) involving improper access control mechanisms. The update, detailed in a March 10, 2025 security bulletin, impacts…
PHP XXE Injection Vulnerability Let Attackers Read Config Files & Private Keys
Security researchers have uncovered a sophisticated XML External Entity (XXE) injection vulnerability in PHP applications that could allow attackers to access sensitive configuration files and private keys. The vulnerability, discovered by researcher Aleksandr Zhurnakov, affects PHP applications using certain libxml…
Critical Windows Remote Desktop Services Vulnerability Lets Attackers Execute Malicious Code
Microsoft has released its March security update, addressing 57 vulnerabilities across its product range, including six critical flaws. Among the critical vulnerabilities are CVE-2025-24035 and CVE-2025-24045, both Remote Code Execution (RCE) vulnerabilities in Windows Remote Desktop Services (RDS). Each vulnerability…
CISA Warns of Windows NTFS Vulnerability Actively Exploited to Access Sensitive Data
The Cybersecurity and Infrastructure Security Agency (CISA) escalated its cybersecurity alert, by adding six critical Microsoft Windows vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, with four directly impacting the New Technology File System (NTFS). These flaws CVE-2025-24984, CVE-2025-24991, CVE-2025-24993,…
New Fully Undetected Anubis Malware Let Hackers Execute Remote Commands
A newly discovered Python-based backdoor called AnubisBackdoor is enabling threat actors to execute remote commands on compromised systems while completely evading detection by most antivirus solutions. Developed by the notorious threat group Savage Ladybug (also known as FIN7), this malware…
Hackers Using Advanced MFA-Bypassing Techniques To Gain Access To User Account
A disturbing trend of sophisticated attacks recently detected by researchers specifically designed to evade multi-factor authentication (MFA) protections. These advanced techniques, which exploit vulnerabilities in authentication workflows rather than the authentication factors themselves, have enabled attackers to gain unauthorized access…
New XCSSET Malware Attacking macOS Users With Enhanced Obfuscation
Microsoft Threat Intelligence has discovered a new variant of XCSSET, a sophisticated modular macOS malware that infects Xcode projects and executes when developers build these projects. This is the first known XCSSET variant since 2022, featuring enhanced obfuscation methods, updated…