Microsoft Threat Intelligence has identified a sophisticated cyber espionage campaign targeting Kurdish military entities in Iraq. The threat actor, known as Marbled Dust, has been exploiting a zero-day vulnerability in Output Messenger since April 2024 to collect sensitive user data…
Tag: Cyber Security News
Nitrogen Ransomware Exploits Antirootkit Driver File to Disable AV & EDR Tools
A new financially motivated threat, Nitrogen Ransomware, has rapidly emerged targeting the financial sector and beyond. While traces of this financially motivated ransomware date back to July 2023, security experts primarily track its organized campaigns from September 2024. Nitrogen primarily…
Hackers Arrested for Ransomware Attacks on Dutch Firms, Causing €4.5 Million in Damages
A 45-year-old foreign citizen, internationally wanted for serious cybercrimes, has been apprehended in the Republic of Moldova following a coordinated operation between Moldovan and Dutch law enforcement agencies. The suspect is believed to be responsible for multiple ransomware attacks that…
Lumma Stealer Evolves with New PowerShell Tools & Advanced Techniques
Lumma Stealer, a notorious information-stealing malware active since mid-2022, has significantly evolved its tactics, techniques, and procedures in recent months. Believed to originate from Russian-speaking cybercriminals, this malware continues to be distributed as a Malware-as-a-Service (MaaS) offering, with its developers…
Linux Firewall IPFire 2.29 Core Update 194 Released with Security Enhancements
The IPFire development team has announced the release of IPFire 2.29 Core Update 194, bringing significant security improvements and feature enhancements to the popular open-source firewall distribution. This update, released on March 17, 2025, continues the project’s commitment to providing…
Kimsuky Hacker Group Employs New Phishing Tactics & Malware Infections
North Korean-linked advanced persistent threat (APT) group Kimsuky has deployed sophisticated new phishing tactics and malware payloads in targeted attacks observed in March 2025. The group, known for targeting government entities, think tanks, and individuals related to foreign policy and…
Google Researchers Leverage Mach IPC Messages to Find and Exploit Sandbox Escapes
Google Project Zero has revealed new sandbox escape vulnerabilities by leveraging Mach Interprocess Communication (IPC) mechanisms-core components underpinning Apple’s operating system security model. Their findings, which combine manual reverse engineering and advanced fuzzing techniques, not only expose systemic risks in…
VMware Tools Vulnerability Let Attackers Tamper Files to Trigger Malicious Operations
A moderate-severity vulnerability in VMware Tools could allow attackers with limited privileges to manipulate files and trigger insecure operations within virtual machines. The vulnerability, tracked as CVE-2025-22247, affects both Windows and Linux versions of VMware Tools 11.x.x and 12.x.x, with…
SAP NetWeaver Vulnerability Exploited in Wild by Chinese Hackers
A critical vulnerability in SAP NetWeaver Application Server has become the latest target for Chinese state-sponsored threat actors, with researchers confirming active exploitation in the wild. The zero-day vulnerability, tracked as CVE-2023-7629, affects multiple versions of SAP NetWeaver AS ABAP…
Hackers Leverage JPG Images to Execute Fully Undetectable Ransomware
A sophisticated attack campaign using steganographic techniques to hide malicious code within ordinary JPEG image files, delivering a fully undetectable (FUD) ransomware payload that bypasses traditional security solutions. The attack exploits the metadata structure of JPEG files to conceal PowerShell…
Hackers Exploit Copilot AI for SharePoint to Access Passwords & Other Sensitive Data
Multiple vulnerabilities in Microsoft’s Copilot AI for SharePoint, enabling attackers to access sensitive corporate data including passwords, API keys, and confidential documents. As organizations increasingly adopt AI assistants for productivity gains, these security gaps present significant risks to enterprise data…
Cybercrime Escalates in 2025 as Hackers Target Everyday Devices with Sophisticated Attacks
The global cost of cybercrime is projected to reach $10.5 trillion annually by 2025, underscoring the unprecedented scale of digital threats in an increasingly connected world. This year has seen a dramatic shift in attacker tactics, with malicious actors exploiting…
Microsoft Releases Detailed Guide to Fix Windows Blue Screen Errors
Microsoft has published a comprehensive official guide to troubleshoot and fix the dreaded Blue Screen of Death (BSOD) on Windows 11 and Windows 10 systems. The detailed documentation, updated on May 11, 2025, comes in the wake of several high-profile…
Hackers Exploiting Legacy Protocols in Microsoft Entra ID to Bypass MFA & Conditional Access
A sophisticated campaign targeting Microsoft Entra ID through legacy authentication protocols has been uncovered, operating between March 18 and April 7, 2025. The attackers specifically exploited outdated authentication methods to circumvent modern security controls, creating a concerning backdoor into enterprise…
Major Retail Chains Suffer Data Breaches Amid Rising Cyber Threats to Consumer Trust
A wave of cyberattacks targeting major retail chains has intensified concerns about data security and consumer trust. British retailers Marks & Spencer, Harrods, and Co-op are the latest casualties in a global surge of ransomware and phishing campaigns. These incidents,…
PoC Exploit Released For Linux Kernel’s nftables Subsystem Vulnerability
A critical Proof-of-Concept (PoC) exploit has been released for a significant vulnerability in the Linux kernel’s nftables subsystem, tracked as CVE-2024-26809. This flaw, rooted in the kernel’s netfilter infrastructure, exposes affected systems to local privilege escalation through a sophisticated double-free…
New Phishing Attack Abusing Blob URLs to Bypass SEGs and Evade Analysis
Cybersecurity experts have identified a sophisticated phishing technique that exploits blob URIs (Uniform Resource Identifiers) to evade detection by Secure Email Gateways (SEGs) and security analysis tools. This emerging attack method leverages the unique properties of blob URIs, which are…
Defendnot — A New Tool That Disables Windows Defender by Posing as an Antivirus Solution
Defendnot, a sophisticated new tool that effectively disables Windows Defender by exploiting the Windows Security Center (WSC) API to register itself as a legitimate antivirus solution. The Windows Security Center service is designed to ensure Windows computers maintain adequate security…
Critical Vulnerabilities in Mitel SIP Phones Let Attackers Inject Malicious Commands
Security researchers have discovered two significant vulnerabilities affecting Mitel’s suite of SIP phones that could allow attackers to execute arbitrary commands and upload malicious files. The more severe vulnerability, identified as CVE-2025-47188, received a critical CVSS score of 9.8 and…
Microsoft Teams To Block Screen Capture During Meetings
Microsoft has announced a new “Prevent Screen Capture” feature for Teams that will block unauthorized screenshots during meetings. The feature, scheduled for worldwide rollout in July 2025, represents Microsoft’s continued focus on enterprise security and regulatory compliance in an era…