A sophisticated malware framework dubbed “Tsunami” has emerged as an active threat, targeting users through a multi-stage infection chain and deploying an extensive arsenal of credential stealing and cryptomining capabilities. Security researchers have linked this malware to the ongoing “Contagious…
Tag: Cyber Security News
JokerOTP Platform With 28,000+ Phishing Attacks Dismantled
In a major cybersecurity breakthrough, law enforcement agencies from the UK and Netherlands have dismantled the notorious JokerOTP platform, a sophisticated phishing tool responsible for compromising financial accounts totaling £7.5 million across 13 countries. A 24-year-old man was arrested Tuesday…
Windows Server 2025 Hotpatching Service to be Rolled Out From July 1st, 2025
Microsoft has confirmed that its hotpatching feature for Windows Server 2025, which has been in preview since 2024, will transition to a paid subscription model starting July 1st, 2025. The announcement, made by Janine Patrick, Windows Server Product Marketing Manager,…
When Satellites Go Dark – Persistent Cyber Assaults and The Growing Blind Spot
In the cold vastness of space, thousands of satellites orbit silently, providing critical infrastructure for global communications, navigation systems, and military operations. Yet these silent sentinels have increasingly become targets for sophisticated cyber attacks that threaten to plunge vital services…
Critical Linux Kernel Vulnerability Exposes Systems to Privilege Escalation Attacks
A significant vulnerability in the Linux kernel’s Virtual Socket (vsock) implementation, designated as CVE-2025-21756, has been identified that could allow local attackers to escalate privileges to root level. Security researchers have confirmed that this flaw, which received a CVSS v3.1…
ResolverRAT Attacking Healthcare and Pharmaceutical Via Sophisticated Phishing Attacks
A new sophisticated remote access trojan (RAT) has emerged as a significant threat to healthcare and pharmaceutical organizations worldwide. Dubbed ResolverRAT, this previously undocumented malware deploys advanced in-memory execution techniques and layered evasion methods to steal sensitive data while remaining…
Researchers Uncovered SuperShell Payloads & Multiple Tools From Hacker’s Open Directories
Cybersecurity researchers have uncovered a concerning cache of hacking tools, including SuperShell payloads and Cobalt Strike beacons, exposed in plain sight within open directories on the internet. This discovery highlights how threat actors sometimes inadvertently expose their arsenal while setting…
Apache Tomcat Vulnerability Let Attackers Bypass Rules & Trigger DoS Condition
The Apache Software Foundation disclosed a significant security vulnerability in Apache Tomcat that could allow attackers to bypass security rules and trigger denial-of-service conditions through manipulated HTTP priority headers. Identified as CVE-2025-31650, this high-severity vulnerability affects multiple Tomcat versions, posing…
Kali Linux Warns that Update Process is Going to Fail for All Users
Kali Linux users worldwide are facing an imminent disruption as the security-focused distribution has announced that the update process will fail for virtually all users in the coming days. The issue arises from a change in the repository signing key,…
Threat Actors Weaponize Language Software to Windows-Based Remote Surveillance Malware
Senior members of the World Uyghur Congress (WUC) living in exile became targets of a sophisticated spearphishing campaign delivering Windows-based surveillance malware. The attack utilized a trojanized version of UyghurEditPP, a legitimate open-source word processing tool developed to support the…
Threat Actors Increasingly Utilize Ransomware as a Service Boosted by EDR Killers
The cybersecurity landscape is witnessing a significant shift as threat actors increasingly leverage Ransomware as a Service (RaaS) platforms enhanced by sophisticated Endpoint Detection and Response (EDR) killers. Despite successful law enforcement operations against established ransomware gangs like LockBit, new…
Threat Actors Leverage Access to Valid Accounts via Phishing Attack
In a significant shift observed during the first quarter of 2025, cybersecurity experts have documented a dramatic surge in phishing attacks, with threat actors increasingly using this vector to gain access to valid user accounts. According to recent incident response…
RansomHub Ransomware Deploying Malware to Compromise Corporate Networks
A new Ransomware-as-a-Service (RaaS) group called RansomHub emerged in the cybercriminal ecosystem, specializing in targeting high-profile organizations through sophisticated attack vectors. The group advertises its criminal services on the Russian Anonymous Market Place (RAMP), a notorious Dark Web forum known…
China Claims that the US Attacked a Major Encryption Provider & Stole Sensitive Data
China claims that the United States conducted a targeted cyberattack against one of its leading commercial encryption providers. A newly released report from China’s National Computer Network Emergency Response Technical Team (CNCERT) alleges that U.S. intelligence agencies used advanced hacking…
19 APT Hackers Attacking Asia Company’s Servers by Exploiting Vulnerability & Spear Phishing Email
A significant surge in sophisticated cyber threats has emerged across Asia, with NSFOCUS Fuying Laboratory identifying 19 distinct Advanced Persistent Threat (APT) attack activities in March 2025. These coordinated campaigns primarily targeted organizations in South Asia and East Asia, with…
SEIKO EPSON Printer Vulnerabilities Let Attackers Execute Arbitrary Code
A critical security vulnerability in SEIKO EPSON printer drivers for Windows has been identified, allowing malicious actors to execute arbitrary code with SYSTEM-level privileges. The vulnerability, tracked as CVE-2025-42598, was published by JPCERT/CC on April 28, 2025, and affects a…
BreachForums Reveals Law Enforcement Crackdown Exploiting MyBB 0-Day Vulnerability
BreachForums, a notorious cybercrime marketplace and successor to RaidForums, has confirmed that its platform was the target of a sophisticated law enforcement operation exploiting a previously unknown vulnerability, commonly referred to as a “0-day”, in the MyBB forum software. The…
SAP NetWeaver 0-Day Vulnerability Exploited in the Wild to Deploy Webshells
SAP released an emergency out-of-band patch addressing CVE-2025-31324, a critical zero-day vulnerability in SAP NetWeaver Visual Composer with the highest possible CVSS score of 10.0. This vulnerability stems from a missing authorization check in the Metadata Uploader component, allowing unauthenticated…
Windows 11 25H2 to be Released Possibly With Minor Changes
As Microsoft continues to refine Windows 11, new leaks and technical insights indicate that the upcoming 25H2 update, slated for release in September or October 2025, will likely be a minor iteration. Unlike the more substantial updates seen in previous…
New RedExt Chrome Extension Tool for Red Teamers with Flask-based C2 Server
A sophisticated new red team tool called RedExt has recently been released, combining a Manifest V3 Chrome extension with a Flask-based Command and Control (C2) server to create a powerful framework for authorized security operations. This innovative tool enables comprehensive…