Tag: Cyber Security News

The National Security Agency (NSA) has launched Ghidra 11.3, the latest version of its open-source software reverse engineering (SRE) framework. The National Security Agency (NSA) has developed Ghidra, a cutting-edge Software Reverse Engineering (SRE) framework designed to analyze compiled code…

Read more →

Security analysts know the struggle: endless alerts, repetitive tasks, and not enough hours in the day. The volume of potential threats can be overwhelming, making efficient alert triage crucial for any Security Operations Center (SOC). The great news is that…

Read more →

Cybersecurity researchers at Palo Alto have recently uncovered a large-scale gift card scam campaign involving 276 stockpiled domains. The scam targets users by advertising free or discounted gift cards for popular services such as Google Play, Amazon, and Roblox, luring…

Read more →

Less than a month after its groundbreaking launch, Chinese artificial intelligence company DeepSeek has found itself at the center of a cybersecurity storm. The company, which debuted its first AI model, DeepSeek-R1, on January 20, 2025, has been grappling with…

Read more →

Threat actors have been leveraging the legitimate Remote Monitoring and Management (RMM) tool, ScreenConnect, to establish persistence in their cyberattacks. This trend shows the evolving tactics of hackers who exploit trusted software to gain unauthorized access to systems. ScreenConnect, now…

Read more →

A threat actor has allegedly obtained the login information for 20 million OpenAI accounts, including passwords and email addresses. This claim was made on an underground forum, where the actor provided a sample of the data and offered the full…

Read more →

A recent cybersecurity threat has emerged in the form of the Nova Stealer malware, a fork of the popular SnakeLogger stealer. This malware is being marketed on hacking forums under a Malware-as-a-Service (MaaS) model, making it accessible to a wide…

Read more →

Israeli spyware company Paragon Solutions has terminated its contract with Italy following allegations that its military-grade surveillance software, Graphite, was misused to target journalists and civil society members. The decision comes less than a week after WhatsApp revealed that the…

Read more →

Flesh Stealer has surfaced as a high-profile malware campaign targeting web browsers like Chrome, Firefox, Edge, and even messaging platforms like Signal and Telegram. Written in C# as a .NET executable, Flesh Stealer emerged in August 2024 and has been…

Read more →

The XE Group, a sophisticated cybercriminal organization active since at least 2013, has recently been involved in exploiting zero-day vulnerabilities to deploy malware and steal sensitive information. Initially known for credit card skimming and password theft, the group has shifted…

Read more →

A recently disclosed vulnerability in F5’s BIG-IP system has raised significant security concerns. Identified as CVE-2025-21091, this flaw allows remote, unauthenticated attackers to trigger a Denial-of-Service (DoS) attack by exploiting the Simple Network Management Protocol (SNMP) when SNMP v1 or…

Read more →

Cybercriminals have escalated their phishing tactics by leveraging Scalable Vector Graphics (SVG) files to bypass traditional anti-phishing and anti-spam defenses.  These attacks, which first became widespread late last year, have increased dramatically since January 2025, exploiting the unique properties of…

Read more →

A major security vulnerability in DeepSeek, the breakthrough Chinese AI model, has been uncovered by researchers, exposing the platform’s entire system prompt through a sophisticated jailbreak technique.  This discovery has raised serious concerns about AI security and model training transparency.…

Read more →

A zero-day vulnerability has been discovered in the Mobile Security Framework (MobSF), an automated platform for mobile application penetration testing, malware analysis, and security assessments.  The flaw, identified as a Partial Denial of Service (DoS) vulnerability, affects the Scans Results…

Read more →

Cisco has disclosed multiple high-severity vulnerabilities in the Simple Network Management Protocol (SNMP) subsystem of its IOS, IOS XE, and IOS XR software.  These vulnerabilities could allow authenticated, remote attackers to trigger a Denial of Service (DoS) condition on affected…

Read more →

Cybersecurity experts have uncovered a sophisticated campaign by North Korea’s Kimsuky group, employing a custom-built RDP Wrapper to gain unauthorized access to compromised machines. This marks another alarming evolution in the group’s cyber-espionage tactics, targeting organizations globally. The Kimsuky group,…

Read more →

The North Korea-linked Lazarus Group (aka APT 38) has been targeting organizations through a LinkedIn recruiting scam. Through this scam threat actors behind Lazarus Group aim to capture the credentials and deliver malware. This malicious operation exploits the trust in…

Read more →

Canonical, the company behind Ubuntu, has announced that Ubuntu is now available on Microsoft’s new tar-based distribution architecture for Windows Subsystem for Linux (WSL).  This development marks a significant shift in how Linux distributions can be deployed and managed within…

Read more →

A recently disclosed vulnerability in AnyDesk, a widely used remote desktop software, has raised significant cybersecurity concerns.  The vulnerability identified by CVE-2024-12754 and tracked by ZDI-24-1711 allows local attackers to exploit the handling of Windows background images to gain unauthorized…

Read more →

In recent months, macOS users have faced a significant rise in password-stealing malware attacks. These threats, often distributed through malicious advertising and fake application installers, have become increasingly sophisticated. Three prominent malware types, “Atomic Stealer,” “Poseidon Stealer,” and “Cthulhu Stealer”…

Read more →