A sophisticated malware campaign leveraging social engineering tactics has targeted financial technology and cryptocurrency platforms between December 20–24, 2024. Dubbed Zhong Stealer, this previously undocumented threat employed compromised AnyDesk installations and phishing lures to infiltrate systems, stealing credentials and establishing…
Tag: Cyber Security News
Multiple NVIDIA CUDA Toolkit Vulnerabilities Let Attackers Trigger DoS
Researchers uncovered nine critical vulnerabilities in NVIDIA’s CUDA Toolkit, a cornerstone software suite for GPU-accelerated computing. These vulnerabilities, spanning the cuobjdump and nvdisasm utilities, expose developers to denial-of-service (DoS) attacks and information disclosure risks when analyzing maliciously crafted cubin files.…
Fedora Linux Kernel Vulnerability Let Attackers Gain Access to Sensitive Data
A critical vulnerability (CVE-2025-1272) in Fedora Linux kernels starting at version 6.12 has disabled the kernel’s Lockdown Mode by default, potentially allowing attackers to bypass Secure Boot protections, load unsigned kernel modules, and access sensitive kernel memory regions. The regression,…
AWS Key Hunter – A Free Automated Tool to Detect Exposed AWS keys
AWS-Key-Hunter is an open-source tool released to automatically scan public GitHub repositories for exposed AWS access keys. The tool, which leverages continuous monitoring and Discord-based alerts, aims to mitigate risks associated with accidental credential leaks in version control systems. According to the…
Microsoft Admin Technical Guide to Block & Remove Apps on Endpoints
In response to growing regulatory requirements worldwide, Microsoft has published detailed technical guidance for Intune administrators on blocking and removing specific applications from managed endpoints. The guide focuses on compliance with international frameworks such as Australia’s Protective Security Policy Framework…
APT-C-28 Group Launched New Cyber Attack With Fileless RokRat Malware
The 360 Advanced Threat Research Institute has uncovered a sophisticated cyber espionage campaign orchestrated by the North Korean-linked threat actor APT-C-28, also known as ScarCruft or APT37. The group, active since 2012, has shifted tactics to employ fileless malware delivery…
Microsoft Power Pages 0-Day Vulnerability Exploited in the Wild
Microsoft has confirmed active exploitation of a critical elevation-of-privilege vulnerability (CVE-2025-24989) in its Power Pages platform, a low-code tool organizations use to build business websites. The vulnerability, which allowed unauthorized attackers to bypass registration controls and escalate network privileges, underscores…
Ghost Ransomware Compromised Organisations Across 70+ Countries – CISA & FBI Warns
The Federal Bureau of Investigation (FBI) and Cybersecurity and Infrastructure Security Agency (CISA) have issued a joint advisory warning of widespread attacks by the Ghost ransomware group, which has compromised over 70 organizations across critical sectors globally. Operating under aliases…
NSA Added New Features to Supercharge Ghidra 11.3
The National Security Agency (NSA) has unveiled Ghidra 11.3, a transformative update to its open-source Software Reverse Engineering (SRE) framework, delivering advanced debugging tools, accelerated emulation, and modernized integrations for cybersecurity professionals. This version introduces critical enhancements tailored for kernel-level…
Symantec Diagnostic Tool Vulnerability Let Attackers Escalate Privileges
Symantec, a division of Broadcom, has addressed a critical security flaw (CVE-2025-0893) in its Diagnostic Tool (SymDiag) that could allow attackers to escalate privileges on affected systems. The vulnerability, which impacted SymDiag versions prior to 3.0.79, received a CVSSv3 score…
Windows Disk Cleanup Tool Vulnerability Exploited to Gain SYSTEM Privileges
Microsoft has addressed a critical vulnerability in the Windows Disk Cleanup Tool (cleanmgr.exe) in the February 2025 Patch Tuesday security updates. Tracked as CVE-2025-21420, the vulnerability has a CVSS rating of 7.8 and could allow a threat actor to gain…
Citrix NetScaler Vulnerability Allows Unauthorized Command Execution
Cloud Software Group issued urgent patches on February 18, 2025, for a high-severity vulnerability (CVE-2024-12284) affecting its NetScaler Console (formerly NetScaler ADM) and NetScaler Agent. Rated 8.8 on the CVSS v4.0 scale, the flaw enables authenticated attackers to execute unauthorized…
Hackers Weaponize Jarsigner App To Execute XLoader Malware
Threat actors have been observed exploiting the legitimate Java Archive (JAR) signing tool jarsigner.exe to deploy the notorious XLoader malware, according to recent findings from the AhnLab Security Intelligence Center (ASEC). This attack leverages DLL side-loading techniques to bypass security…
Critical Microsoft Bing Vulnerability Let Attackers Execute Code Remotely
Microsoft has addressed a critical security flaw in its Bing search engine, tracked as CVE-2025-21355, which could have allowed unauthorized attackers to execute arbitrary code remotely. The vulnerability, classified as a Missing authentication for a Critical Function flaw, posed significant…
New Snake Keylogger Attacking Chrome, Edge, and Firefox Users
A sophisticated new variant of the Snake Keylogger (detected as Autolt/Injector.GTY!tr) has emerged as a critical threat to Windows users. It leverages advanced evasion techniques to steal sensitive data from Chrome, Edge, and Firefox browsers. FortiGuard Labs reports over 280…
New Web Inject Attack Campaigns Targeting MacOS Users To Deploy FrigidStealer Malware
Security researchers at Proofpoint have uncovered a sophisticated web inject campaign targeting MacOS users with a new information-stealing malware called FrigidStealer. The operation involves two newly identified threat actors, TA2726 and TA2727, collaborating to compromise legitimate websites and redirect victims…
Hackers Inject FrigidStealer Malware on Your macOS Via Fake Browser Updates
A surge in malicious web inject campaigns has introduced FrigidStealer, a new macOS-specific information stealer, deployed via fake browser update prompts. Cybersecurity firm Proofpoint identified two previously unknown threat actors, TA2726 and TA2727, collaborating to distribute this malware globally, marking…
Russian CryptoBytes Hackers Exploiting Windows Machines To Deploy UxCryptor Ransomware
The Russian cybercriminal group CryptoBytes has intensified its ransomware campaigns using a modified version of the UxCryptor malware, according to new findings from SonicWall’s Capture Labs threat research team. This financially motivated group, active since at least 2023, leverages leaked…
Beware! New Fake Browser Updates Deploy NetSupport RAT & StealC Malware on Your Windows
A sophisticated malware campaign attributed to the SmartApeSG threat actor (also tracked as ZPHP/HANEYMANEY) has targeted users through compromised websites since early 2024, deploying NetSupport RAT and StealC malware via fraudulent browser update notifications. The campaign exemplifies the growing sophistication…
BlackLock Emerging As a Major Player In RaaS With Variants for Windows, VMWare ESXi, & Linux Environments
Since its emergence in March 2024, the BlackLock ransomware operation (aka El Dorado) has executed a meteoric rise through the ransomware-as-a-service (RaaS) ranks, leveraging custom-built malware and sophisticated anti-detection techniques to compromise Windows, VMWare ESXi, and Linux environments. By Q4…