Tag: Cyber Security News

The state-sponsored threat actors are increasingly exploiting Google’s AI-powered assistant, Gemini, to enhance their cyber operations.  While generative AI tools like Gemini hold immense potential for innovation and productivity, their misuse by advanced persistent threat (APT) groups and information operations…

Read more →

The most recent update for Windows 11 24H2, identified as KB5050009, has caused various kinds of technical issues for users, affecting critical functionalities like audio, Bluetooth, USB devices, and webcams. Released earlier this month, the update was intended to enhance…

Read more →

WhatsApp’s “View Once” option is one of the privacy features in the instant messaging space that is intended to provide users with a sense of security. This feature allows users to send photos or videos that disappear after being viewed…

Read more →

Google’s Threat Intelligence Group (GTIG), in collaboration with Mandiant, has unveiled a comprehensive analysis of ScatterBrain, an advanced obfuscation tool used by China-linked cyber espionage group APT41. This obfuscator is central to the deployment of POISONPLUG.SHADOW, a modular backdoor targeting…

Read more →

Cybersecurity researchers have uncovered a surge in attacks leveraging SparkRAT, a cross-platform Remote Access Trojan (RAT) written in GoLang. This open-source tool, initially released on GitHub in 2022, has become a favorite among hackers due to its modular design, multi-platform…

Read more →

A significant threat in the cybersecurity landscape has emerged, dubbed Hellcat, a new ransomware group. This ransomware group leverages a Ransomware-as-a-Service (RaaS) model to target critical sectors such as government, education, and energy. First identified in mid-2024, Hellcat operates by…

Read more →

A new strain of information-stealing malware, dubbed FleshStealer, has emerged as a significant threat to internet users worldwide. This advanced infostealer targets Chromium and Mozilla-based web browsers, exploiting their vulnerabilities to steal sensitive data, including credentials, cryptocurrency wallet information, and…

Read more →

A proof-of-concept (PoC) exploit for the actively exploited Windows Common Log File System (CLFS) vulnerability, tracked as CVE-2024-49138 has been released. This vulnerability, which Microsoft patched on December 10, 2024, with update KB5048685 for Windows 11 versions 23H2 and 22H2,…

Read more →

Wallarm’s 2025 API ThreatStats Report exposes a startling rise in AI-focused attacks, with researchers tracking 439 AI-related CVEs in 2024—a 1,025% jump over the previous year. Almost all of these exploits 99% involve weak or poorly configured APIs. Injection flaws,…

Read more →

A new variant of the Mirai-based malware, dubbed Aquabotv3, has been identified by the Akamai Security Intelligence and Response Team (SIRT). This malware is actively exploiting a command injection vulnerability in Mitel SIP phones to execute malicious commands and propagate…

Read more →

Security experts has uncovered the sophisticated infrastructure of the Lynx Ransomware-as-a-Service (RaaS) group in a recent investigation. This ransomware group is Known for its cross-platform capabilities and affiliate-driven model. Lynx targets Windows, Linux, and VMware ESXi environments, posing a significant…

Read more →

DeepSeek R1, the latest AI model from China, is making waves in the tech world for its reasoning capabilities. Positioned as a challenger to AI giants like OpenAI, it has already climbed to 6th place on the Chatbot Arena benchmarking…

Read more →

The widely used open-source network monitoring tool, Cacti, identified a critical vulnerability. The flaw, tracked as CVE-2025-22604 has a CVSS score of 9.1, indicating high severity.  It allows authenticated users with device management permissions to execute arbitrary commands on the server,…

Read more →

A vulnerability in a third-party travel service API has exposed millions of airline users to potential account takeovers, enabling attackers to exploit airline loyalty points and access sensitive personal information.  The flaw, discovered by Salt Labs, highlights the risks associated…

Read more →

A Cross-Site Scripting (XSS) vulnerability has been identified in the TP-Link Archer A20 v3 router, specifically in firmware version 1.0.6 Build 20231011 rel.85717(5553).  The issue stems from improper handling of directory listing paths on the router’s web interface. When a…

Read more →

A significant zero-day vulnerability in Zyxel CPE series devices, identified as CVE-2024-40891, is being actively exploited by attackers. This vulnerability enables attackers to execute arbitrary commands on affected devices, posing significant risks of system compromise, data theft, and network infiltration.…

Read more →

A new cyberattack campaign, dubbed the “Fake DeepSeek Campaign,” has been discovered targeting macOS users. DeepSeek, a Chinese-developed AI chatbot, has rapidly gained popularity globally. Threat Actors started exploiting its popularity to deliver malware & infect users’ computers. This campaign is…

Read more →

A detailed walkthrough demonstrates how attackers can manipulate Azure Key Vault’s access policies after compromising Entra ID (formerly Azure AD) credentials. According to Faran Siddiqui, a penetration tester report, a “Key Vault 06 – Abuse Decryption Key,” shed light on…

Read more →

Cloudflare revealed how its data pipeline has achieved unprecedented scalability, processing up to 706 million events per second as of December 2024 representing a staggering 100x growth since 2018. This massive data flow, which peaks at 107 GiB/s of compressed…

Read more →

PowerSchool, a leading U.S.-based education technology provider, has begun notifying students, teachers, and other affected individuals following a massive data breach that occurred in December 2024. The breach, which compromised sensitive personal information, is one of the largest cybersecurity incidents…

Read more →