In the first quarter of 2025, cybersecurity researchers documented an alarming surge in vulnerability exploitation, with 159 Common Vulnerabilities and Exposures (CVEs) being exploited in the wild. This remarkable figure represents a concerning trend as malicious actors continue to rapidly…
Tag: Cyber Security News
FBI To Offer Reward Up to $10 Million for Any Information on Salt Typhoon Hackers
The Federal Bureau of Investigation announced today an unprecedented $10 million reward for actionable intelligence leading to the identification and capture of key operatives behind the infamous Salt Typhoon cyber campaign. This significant cybersecurity effort targets a sophisticated hacking group…
Hackers Allegedly Breach TikTok, Exposing Over 900,000 Usernames & Passwords
A hacking collective identifying itself as R00TK1T has claimed responsibility for a massive data breach affecting TikTok, allegedly exposing the credentials of more than 900,000 users. According to the group’s statements, they have released a sample of 927,000 TikTok user…
New Report Reveals How AI is Rapidly Boosting Phishing Attacks With More Accuracy
Cybercriminals have dramatically evolved their phishing tactics, leveraging generative AI to create highly personalized and convincing attacks, according to the newly released ThreatLabz 2025 Phishing Report. The days of mass phishing campaigns have given way to hyper-targeted scams designed to…
North Korean APT Hackers Create Companies to Deliver Malware Strains Targeting Job Seekers
A sophisticated North Korean advanced persistent threat (APT) group known as “Contagious Interview” has established elaborate fake cryptocurrency consulting companies to target job seekers with specialized malware. The group, a subunit of the infamous North Korean state-sponsored Lazarus Group, has…
Microsoft’s Symlink Patch Created New Windows DoS Vulnerability
A recent Microsoft security update, intended to patch a critical privilege escalation vulnerability, has inadvertently introduced a new and significant flaw. The fix now enables non-administrative users to effectively block all future Windows security updates, creating a denial-of-service condition. This…
Russian VPS Servers With RDP, Proxy Servers Fuel North Korean Cybercrime Operations
North Korea’s cybercrime operations have significantly expanded beyond the limited 1,024 IP addresses assigned to their national network through an elaborate scheme involving Russian infrastructure. According to recent findings, five Russian IP ranges, primarily located in the border towns of…
Spring Security Vulnerability Lets Attackers Determine Which Usernames are Valid
A serious vulnerability related to information exposure (CVE-2025-22234) impacts several versions of the spring-security-crypto package. The flaw enables attackers to determine valid usernames through timing attacks, undermining a key security feature designed to prevent user enumeration. The vulnerability affects Spring…
Verizon DBIR Report – Small Businesses Emerge as Prime Targets for Ransomware Attacks
Verizon’s 2025 Data Breach Investigations Report (DBIR) has revealed a disturbing trend: small and medium-sized businesses (SMBs) have become disproportionately targeted by ransomware attacks. The comprehensive report, analyzing over 22,000 security incidents including 12,195 confirmed data breaches, found ransomware present…
Threat Actors Attacking Organization in Thailand to Deploy Ransomware
Thailand has emerged as a significant target for sophisticated ransomware attacks, with a dramatic 240% increase in cyber campaigns recorded in 2024 compared to the previous year. This surge reflects heightened geopolitical tensions and strategic interest in Thailand’s expanding digital…
SAP NetWeaver 0-day Vulnerability Exploited in the Wild to Deploy Webshells
A wave of targeted cyberattacks has exposed a previously unknown vulnerability in SAP NetWeaver, allowing attackers to deploy malicious JSP webshells and gain unauthorized access to enterprise systems, even those running the latest patches. In April 2025, security researchers at…
U.S. Secret Service Details on How to Spot a Credit Card Skimmer
The U.S. Secret Service Washington Field Office (WFO) has issued an advisory on identifying credit card skimming devices, calling this form of financial theft a “low-risk, high-reward crime that is on the rise across the country.” Following the recent Operation…
Microsoft Defender XDR False Positive Leads to Massive Data Leak of 1,700+ Sensitive Documents
ANY.RUN research identified a large-scale data leak event triggered by a false positive in Microsoft Defender XDR. The security platform incorrectly flagged benign files as malicious, leading to their automatic submission to ANY.RUN’s public sandbox for analysis. As a result,…
Lazarus APT Attacking Organizations by Exploiting One-Day Vulnerabilities
Cybersecurity experts have identified a sophisticated campaign by the North Korean state-sponsored Lazarus APT group targeting critical infrastructure and financial organizations worldwide. The threat actor has shifted tactics to exploit recently patched vulnerabilities—known as one-day vulnerabilities—before organizations can implement necessary…
Threat Actors Taking Advantage of Unsecured Kubernetes Clusters for Cryptocurrency Mining
In a troubling development for cybersecurity professionals, threat actors are increasingly targeting unsecured Kubernetes clusters to deploy cryptocurrency mining operations, leveraging the computational resources of victim organizations without their knowledge. These attacks exploit vulnerabilities in containerized environments, particularly focusing on…
Linux io_uring Security Blind Spot Lets Attackers Stealthily Deploy Rootkits
A critical vulnerability exists in Linux’s security framework, revealing that many runtime security tools struggle to detect threats operating via the io_uring interface. This discovery exposes a critical gap in protection for Linux-based systems across cloud environments and data centers…
CISA Confirms Continued Support for CVE Program, No Funding Issues
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has reaffirmed its strong commitment to the Common Vulnerabilities and Exposures (CVE) Program, following recent public reports that inaccurately suggested the program was in jeopardy due to funding shortages. CISA clarified that…
New Stego Campaign Leverages MS Office Vulnerability to Deliver AsyncRAT
Cybersecurity researchers have discovered a sophisticated malware campaign that employs steganography techniques to hide malicious code within seemingly innocent image files. This attack chain leverages an older Microsoft Office vulnerability (CVE-2017-0199) to ultimately deliver AsyncRAT, a remote access trojan capable…
ToyMaker Hackers Compromised a Multitude of Hosts Using SSH & File Transfer Tools
In 2023, cybersecurity experts uncovered an extensive compromise in critical infrastructure enterprises by a sophisticated threat actor group. This initial access broker, dubbed “ToyMaker,” systematically exploited vulnerable internet-facing systems before deploying custom backdoors to extract credentials from victim organizations. Their…
Zyxel RCE Vulnerability Allows Arbitrary Query Execution Without any Authentication
A critical vulnerability in Zyxel’s FLEX-H Series devices enables attackers to execute arbitrary database queries and gain remote code execution capabilities without requiring authentication. The flaw, discovered by a researcher “rainpwn” and officially disclosed on April 22, 2025, exposes…