A sophisticated attack campaign using steganographic techniques to hide malicious code within ordinary JPEG image files, delivering a fully undetectable (FUD) ransomware payload that bypasses traditional security solutions. The attack exploits the metadata structure of JPEG files to conceal PowerShell…
Tag: Cyber Security News
Hackers Exploit Copilot AI for SharePoint to Access Passwords & Other Sensitive Data
Multiple vulnerabilities in Microsoft’s Copilot AI for SharePoint, enabling attackers to access sensitive corporate data including passwords, API keys, and confidential documents. As organizations increasingly adopt AI assistants for productivity gains, these security gaps present significant risks to enterprise data…
Cybercrime Escalates in 2025 as Hackers Target Everyday Devices with Sophisticated Attacks
The global cost of cybercrime is projected to reach $10.5 trillion annually by 2025, underscoring the unprecedented scale of digital threats in an increasingly connected world. This year has seen a dramatic shift in attacker tactics, with malicious actors exploiting…
Microsoft Releases Detailed Guide to Fix Windows Blue Screen Errors
Microsoft has published a comprehensive official guide to troubleshoot and fix the dreaded Blue Screen of Death (BSOD) on Windows 11 and Windows 10 systems. The detailed documentation, updated on May 11, 2025, comes in the wake of several high-profile…
Hackers Exploiting Legacy Protocols in Microsoft Entra ID to Bypass MFA & Conditional Access
A sophisticated campaign targeting Microsoft Entra ID through legacy authentication protocols has been uncovered, operating between March 18 and April 7, 2025. The attackers specifically exploited outdated authentication methods to circumvent modern security controls, creating a concerning backdoor into enterprise…
Major Retail Chains Suffer Data Breaches Amid Rising Cyber Threats to Consumer Trust
A wave of cyberattacks targeting major retail chains has intensified concerns about data security and consumer trust. British retailers Marks & Spencer, Harrods, and Co-op are the latest casualties in a global surge of ransomware and phishing campaigns. These incidents,…
PoC Exploit Released For Linux Kernel’s nftables Subsystem Vulnerability
A critical Proof-of-Concept (PoC) exploit has been released for a significant vulnerability in the Linux kernel’s nftables subsystem, tracked as CVE-2024-26809. This flaw, rooted in the kernel’s netfilter infrastructure, exposes affected systems to local privilege escalation through a sophisticated double-free…
New Phishing Attack Abusing Blob URLs to Bypass SEGs and Evade Analysis
Cybersecurity experts have identified a sophisticated phishing technique that exploits blob URIs (Uniform Resource Identifiers) to evade detection by Secure Email Gateways (SEGs) and security analysis tools. This emerging attack method leverages the unique properties of blob URIs, which are…
Defendnot — A New Tool That Disables Windows Defender by Posing as an Antivirus Solution
Defendnot, a sophisticated new tool that effectively disables Windows Defender by exploiting the Windows Security Center (WSC) API to register itself as a legitimate antivirus solution. The Windows Security Center service is designed to ensure Windows computers maintain adequate security…
Critical Vulnerabilities in Mitel SIP Phones Let Attackers Inject Malicious Commands
Security researchers have discovered two significant vulnerabilities affecting Mitel’s suite of SIP phones that could allow attackers to execute arbitrary commands and upload malicious files. The more severe vulnerability, identified as CVE-2025-47188, received a critical CVSS score of 9.8 and…
Microsoft Teams To Block Screen Capture During Meetings
Microsoft has announced a new “Prevent Screen Capture” feature for Teams that will block unauthorized screenshots during meetings. The feature, scheduled for worldwide rollout in July 2025, represents Microsoft’s continued focus on enterprise security and regulatory compliance in an era…
“PupkinStealer” A New .NET-Based Malware Steals Browser Credentials & Exfiltrate via Telegram
A newly identified information-stealing malware, dubbed PupkinStealer, Developed in C# using the .NET framework, this lightweight yet effective malware targets sensitive user data, including browser credentials, desktop files, messaging app sessions, and screenshots. According to a CYFIRMA detailed analysis shared…
Beware! Fake AI Video Generation Platforms Drop Stealer Malware on Your Computers
As artificial intelligence (AI) tools gain mainstream traction for content creation, cybercriminals are capitalizing on the hype with a sophisticated new attack vector, fake AI platforms promising advanced video and image editing capabilities. These fraudulent sites, amplified through viral social…
20 Years old Proxy Botnet Network Dismantled That Exploits 1000 Unique Unpatched Devices Weekly
In a coordinated effort, Lumen Technologies’ Black Lotus Labs, the U.S. Department of Justice (DOJ), the Federal Bureau of Investigation (FBI), and the Dutch National Police have dismantled a sophisticated criminal proxy network that has operated since 2004. The botnet,…
Chinese Hackers Exploit SAP RCE Vulnerability to Upload Supershell Backdoors
A critical remote code execution vulnerability in SAP NetWeaver Visual Composer (CVE-2025-31324) is being actively exploited by a Chinese threat actor to compromise enterprise systems worldwide. The vulnerability allows attackers to achieve remote code execution by uploading malicious web shells…
Threat Actors Attacking Job Seekers With Three New Unique Adversaries
A significant surge in sophisticated recruitment scams has emerged, with cybercriminals exploiting economic vulnerabilities and the competitive job market to target desperate job seekers. These scams employ increasingly refined social engineering tactics that blend legitimate recruitment practices with fraudulent schemes,…
Hackers Attacking IT Admins by Poisoning SEO to Move Malware on Top of Search Results
Cybersecurity experts have uncovered a sophisticated attack campaign targeting IT administrators through search engine optimization (SEO) poisoning tactics. Threat actors are leveraging advanced SEO techniques to push malicious versions of commonly used administrative tools to the top of search engine…
Malicious Python Package Mimic as Attacking Discord Developers With Malicious Remote Commands
A seemingly innocent Python package has been unmasked as a sophisticated remote access trojan (RAT) targeting the Discord developer community. On March 21, 2022, a package named ‘discordpydebug’ appeared on the Python Package Index (PyPI) under the innocuous description “Discord…
New Mamona Ransomware Attack Windows Machines by Abusing Ping Commands
A new ransomware strain dubbed “Mamona” that operates entirely offline and leverages a clever attack strategy that abuses the Windows ping command. Unlike traditional ransomware that communicates with remote servers, Mamona works completely offline, making it particularly difficult to detect…
5 Must-Have Security Features for Native Apps
Native apps are built compatible with a platform or operating system, such as iOS or Android. While unrestricted access to all device functionalities (camera, GPS, and push notifications) makes native apps attractive for users, it also poses significant risks. Cyber…