Microsoft is rolling out a new OneDrive feature this month that allows users to sync their personal accounts with corporate accounts by default, raising significant security concerns among IT professionals. The feature, officially titled “Prompt to Add Personal Account to…
Tag: Cyber Security News
Detecting Vulnerable Commvault Environments Within Azure Using KQL Query
Cybersecurity analysts are racing to respond to an active exploitation campaign targeting Commvault environments in Microsoft Azure through the recently identified CVE-2025-3928 vulnerability. This critical vulnerability, which enables authenticated attackers to compromise web servers through the creation and execution of…
Multiple SonicWall SMA 100 Vulnerabilities Let Attackers Compromise Systems
SonicWall has disclosed multiple high-severity vulnerabilities affecting its Secure Mobile Access (SMA) 100 series products. Security researchers from Rapid7 discovered three significant post-authentication vulnerabilities that, when chained together, could lead to complete system compromise with root-level access. The flaws impact…
Apache ActiveMQ Vulnerability Lets Attackers Trigger DoS Condition
A significant vulnerability has been discovered in Apache ActiveMQ, the widely used open-source message broker. The flaw, officially tracked as CVE-2025-27533, enables remote attackers to trigger a Denial of Service (DoS) condition by exploiting improper memory allocation during the handling…
AI Polluting Bug Bounty Platforms with Fake Vulnerability Reports
Bug bounty programs, once celebrated for incentivizing independent researchers to report real-world vulnerabilities, are now facing a significant challenge from AI-generated fake vulnerability reports. These fabricated submissions, known in the industry as “AI slop,” are increasingly wasting maintainers’ time and,…
CoGUI Phish Kit Impersonates Well-Known Companies to Attack Users & Steal Credentials
A sophisticated phishing framework known as CoGUI has emerged as a significant threat, primarily targeting organizations in Japan with millions of phishing messages since October 2024. The kit impersonates popular consumer and finance brands, including Amazon, PayPay, Rakuten, and various…
Russian COLDRIVER Hackers Using LOSTKEYS Malware To Steal Sensitive Data
Cybersecurity researchers have uncovered a sophisticated malware campaign attributed to the Russian threat actor COLDRIVER, also known as Star Blizzard or Callisto. The newly identified malware, dubbed LOSTKEYS, has been observed targeting diplomatic institutions, defense contractors, and critical infrastructure organizations…
Qilin Has Emerged as The Top Ransomware Group in April with 74 Cyber Attacks
In a significant shift within the cybercriminal ecosystem, Qilin ransomware group has surged to prominence in April 2025, orchestrating 74 cyber attacks globally according to the latest threat intelligence report. This dramatic rise follows the unexpected disappearance of RansomHub, which…
Lockbit Ransomware Hacked – Leaked Database Exposes Internal Chats
The notorious LockBit ransomware operation has suffered a significant breach. Attackers defaced its dark web infrastructure and leaked a comprehensive database containing sensitive operational details on May 7. The hack represents a major blow to one of the world’s most…
Beware of Fake Social Security Statement That Tricks Users Into Installing Malware
A sophisticated phishing campaign targeting Americans is currently making rounds via fake Social Security Administration (SSA) emails. These convincingly crafted messages inform recipients that their Social Security Statement is available for download, encouraging them to click on an attached file.…
Cisco IOS XE Wireless Controllers Vulnerability Enables Full Device Control for Attackers
Cisco has disclosed a critical security vulnerability in its IOS XE Wireless LAN Controllers that could allow unauthorized attackers to gain complete control of affected devices. The flaw, assigned the maximum severity rating of 10.0, enables unauthenticated remote attackers to…
Agenda Ransomware Group Upgraded Their Arsenal With SmokeLoader and NETXLOADER
In a significant evolution of their attack capabilities, the Agenda ransomware group has recently incorporated SmokeLoader malware and a new .NET-based loader dubbed NETXLOADER into their arsenal. This development, observed in campaigns initiated during November 2024, marks a substantial upgrade…
Top Ransomware Actors Actively Attacking Financial Sector, 406 Incidents Publicly Disclosed
The financial sector has emerged as a prime target for sophisticated ransomware operations, with a staggering 406 publicly disclosed incidents recorded between April 2024 and April 2025. These attacks have demonstrated increasingly advanced technical capabilities and strategic targeting, causing significant…
Healthcare Sector Emerges as a Prime Target for Cyber Attacks in 2025
The healthcare industry has become increasingly vulnerable to sophisticated cyber threats in 2025, with malicious actors specifically targeting medical institutions’ growing cloud infrastructure and digital workflows. According to recent findings, threat actors have shifted their tactics to leverage trusted cloud…
Critical Open Source Easyjson Library Under Full Control of Russian Company
A critical security revelation has sent shockwaves through the cybersecurity community as researchers uncovered that easyjson, a widely adopted open-source Go package central to JSON serialization processes, is under complete control of developers based in Moscow who work for VK…
UK Government Sets Timeline to Replace Passwords With Passkeys
The UK government has unveiled plans to roll out passkey technology across its digital services as it seeks to reduce the risk of cyber-attacks to people’s GOV.UK accounts. Announced during the CYBERUK 2025 conference in Manchester, this initiative aims to…
Lampion Banking Malware Employs ClickFix Lures To Steal Banking Information
A sophisticated banking trojan known as Lampion has resurfaced with an evolved attack strategy, now exploiting fake ClickFix utility lures to harvest sensitive banking credentials from unsuspecting victims. This banking malware, first identified in late 2019, has undergone significant modifications…
DPRK’s Largest Cryptocurrency Heist via a Compromised macOS Developer and AWS Pivots – Researchers Emulated
North Korean state-sponsored hackers have executed what security experts are calling the largest cryptocurrency theft operation to date, successfully stealing an estimated $625 million through an elaborate attack chain that compromised a high-profile macOS developer’s environment and leveraged Amazon Web…
DragonForce – The Rise of a Hybrid Cyber Threat in The Ransomware Landscape of 2025
In the rapidly evolving cybersecurity landscape of 2025, DragonForce has emerged as a formidable ransomware threat, redefining the hybrid extortion model. First appearing in December 2023 with the launch of its “DragonLeaks” dark web portal, DragonForce has quickly established itself…
Top Cyber Attacks In April 2025 You Need to Be Aware Of
April wasn’t quiet in the world of cybersecurity. From sneaky fake CAPTCHAs to region-targeted phishing and revamped ransomware, attackers kept busy, refining their tricks and finding new ways to slip past defenses. Thanks to insights from ANY.RUN researchers, powered by…
PoC Tool Released for Max Severity Apache Parquet Vulnerability to Detect Affected Servers
A proof-of-concept (PoC) exploit tool has been publicly released for a maximum severity vulnerability in Apache Parquet, enabling security teams to easily identify affected servers. The vulnerability, tracked as CVE-2025-30065 with a CVSS score of 10.0, affects a widely-used data…
Europol Takes Down DDoS-for-Hire Empire & Arrests 4 Admins
In a major blow to the cybercriminal ecosystem, Polish authorities have arrested four individuals who allegedly operated a network of Distributed Denial of Service (DDoS) platforms responsible for thousands of cyberattacks worldwide. The operation, announced on May 7, 2025, dismantled…
Wormable Linux Rootkit Attacks Multiple Systems to Steal SSH Keys and Escalate Privileges
Cybersecurity researchers at ANY.RUN have uncovered a sophisticated attack leveraging the Diamorphine rootkit to deploy a cryptocurrency miner on Linux systems, highlighting the growing misuse of open-source tools in malicious campaigns. The detailed analysis with ANY.RUN Sandbox exposes a multi-stage…
New Sophisticated Phishing Attack Abuses Discord & Attacks 30,000 Users Worldwide
A sophisticated phishing campaign is targeting cryptocurrency users through Discord. The campaign has victimized over 30,000 users and resulted in losses exceeding $9 million over the past six months alone, revealing the continued operation of the notorious Inferno Drainer despite…
Windows 0-Day Vulnerability Exploited in the Wild to Deploy Play Ransomware
Threat actors linked to the Play ransomware operation exploited a zero-day vulnerability in Microsoft Windows prior to its patching on April 8, 2025. The vulnerability, tracked as CVE-2025-29824, affects the Windows Common Log File System (CLFS) driver and allows attackers…
CISA Warns of Hackers Attacking ICS/SCADA Systems in Oil and Natural Gas Companies
CISA, along with the FBI, EPA, and Department of Energy, has issued an urgent advisory warning that cyber actors are actively targeting industrial control systems (ICS) and supervisory control and data acquisition (SCADA) systems within the U.S. oil and natural gas…
Critical AWS Amplify Studio Vulnerability Lets Attackers Execute Arbitrary Code
A critical security vulnerability in AWS Amplify Studio has been identified, potentially allowing authenticated users to execute arbitrary JavaScript code during component rendering and build processes. Amazon Web Services (AWS) disclosed and patched this high-severity flaw, tracked as CVE-2025-4318, on…
New Chinese Smishing Kit Dubbed ‘Panda Shop’ Steals Google Pay, Apple Pay & Credit Card Details
A sophisticated new smishing kit dubbed “Panda Shop” has emerged from China, enabling cybercriminals to steal financial data including Google Pay, Apple Pay, and credit card details. This kit leverages advanced social engineering tactics by impersonating trusted organizations like USPS,…
Critical Kibana Vulnerability Lets Attackers Execute Arbitrary Code
Elastic has disclosed a critical security vulnerability in Kibana, its popular data visualization platform, that could allow attackers to execute arbitrary code. The vulnerability, identified as CVE-2025-25014, affects multiple versions of Kibana and has received a CVSS score of 9.1…
Chrome Security Patch Addresses WebAudio Vulnerability Allowing Code Execution
Google has released a critical security update for Chrome, addressing a vulnerability that could allow attackers to execute malicious code through the browser’s WebAudio component. According to an announcement published on Tuesday, May 6, 2025, the stable channel has been…
Mirai Botnet Actively Exploiting GeoVision IoT Devices Command Injection Vulnerabilities
The cybersecurity landscape has once again been disrupted by the resurgence of the notorious Mirai botnet, which has been actively exploiting command injection vulnerabilities in discontinued GeoVision Internet of Things (IoT) devices. This latest campaign leverages two critical vulnerabilities, CVE-2024-6047 and…
160-Year-Old Haulage Firm Folds Following Cyber-Attack: Director Sounds Alarm
A devastating ransomware attack has forced Knights of Old, a 160-year-old haulage firm based in Kettering, Northamptonshire, into administration, resulting in 730 job losses and prompting a stark warning from its director to other businesses. Paul Abbott, who served on…
IT Guy Let Girlfriend Into Highly Restricted Server Rooms
A major security breach at Deutsche Bank’s New York datacenter has come to light through a lawsuit filed by a former Computacenter manager who claims he was wrongfully terminated after reporting unauthorized access incidents. James Papa, previously a service delivery…
US Jury Orders NSO Group to Pay $168 Million to WhatsApp in Landmark Spyware Case
A federal jury in California has ordered Israeli spyware maker NSO Group to pay WhatsApp approximately $168 million in damages, marking a watershed moment in the fight against commercial cyberespionage. The verdict, delivered on Tuesday, concludes a six-year legal battle…
UNC3944 Hackers Evolve from SIM Swap to Ransomware and Data Extortion
The cybercriminal group UNC3944, which overlaps with public reporting on Scattered Spider, has demonstrated a significant evolution in tactics over the past two years. Initially focusing on telecommunications-related organizations to facilitate SIM swap operations, the group has transformed into a…
The Hidden Security Risks of Data Exposure in AI-Driven Tools Like Snowflake’s CORTEX
Artificial Intelligence is rapidly transforming every aspect of technology, offering unprecedented efficiency and business growth opportunities. However, as AI integration deepens in data analytics platforms, a concerning pattern emerges where advanced functionality may inadvertently undermine carefully established security controls. The…
Ransomware Attacks Against Food & Agriculture Industry Doubled – 84 Attacks in 3 Months
The food and agriculture sector has become a prime target for cybercriminals, with ransomware attacks more than doubling in the past quarter. Security researchers have documented 84 significant ransomware incidents targeting agricultural businesses between February and April 2025, compared to…
Hackers Can Bypass Microsoft, Nvidia, & Meta AI Filters With a Simple Emoji
A significant security vulnerability has been uncovered in the artificial intelligence safeguards deployed by tech giants Microsoft, Nvidia, and Meta. According to new research, these companies’ AI safety systems can be completely bypassed using a deceptively simple technique involving emoji…
Hackers Launching Cyber Attacks Targeting Multiple Schools & Universities in New Mexico
Educational institutions across New Mexico are facing a growing cyber threat landscape, mirroring a troubling pattern seen nationwide. Recent network intrusions targeting multiple schools and universities in the state have raised significant concerns about digital security in educational environments. These…
Microsoft 365 Hit By Major Outage Impacting Teams, OneDrive, & SharePoint
Users across various regions are currently experiencing significant disruptions to Microsoft 365 services, including Microsoft Teams, OneDrive for Business, and SharePoint Online. This situation follows the identification of a major service degradation incident that occurred this evening. The outage, first…
Initial Access Brokers Play a Vital Role in Modern Ransomware Attacks
In today’s evolving cyberthreat landscape, Initial Access Brokers (IABs) have emerged as critical facilitators in the ransomware attack chain. These specialized cybercriminals focus exclusively on breaching corporate networks and subsequently selling this valuable access to ransomware operators on the dark…
2,800+ Hacked Websites Attacking macOS Users With AMOS Stealer Malware
A massive malware campaign is targeting macOS users through more than 2,800 compromised websites. The operation deploys Atomic Stealer (AMOS), a sophisticated information-stealing malware specifically designed to extract sensitive data from Apple computers. The campaign, dubbed “MacReaper,” was initially discovered on…
Popular Instagram Blogger’s Account Hacked to Trick Users & Steal Banking Credentials
A prominent Instagram influencer with over 2.5 million followers became the unwitting host of a sophisticated phishing campaign this week. The unnamed lifestyle blogger’s account was compromised on Monday, with attackers using their trusted platform to distribute malicious links disguised…
M365 Copilot Chat & Office Apps Get SafeLinks Protection at Time of Click of URL
In a significant security enhancement announced today, Microsoft has successfully rolled out SafeLinks protection worldwide for M365 Copilot Chat across Desktop, Web, Outlook Mobile, Teams Mobile, and the Microsoft 365 Copilot Mobile app on both iOS and Android platforms. This…
Microsoft Warns Default Helm Charts May Expose Kubernetes Apps to Data Leaks
Microsoft security researchers have issued an urgent warning that default Helm chart configurations widely used for deploying Kubernetes applications could inadvertently expose sensitive data to attackers. According to a report published on May 5, 2025, by Microsoft Defender for Cloud…
Critical MobSF 0-Day Exposes Systems to Stored XSS & ZIP of Death Attacks
The Mobile Security Framework (MobSF), a widely utilized tool, contains two critical zero-day vulnerabilities. These vulnerabilities, designated as CVE-2025-46335 and CVE-2025-46730, impact all versions of MobSF up to and including version 4.3.2. If exploited, they could result in system compromise…
Microsoft Reminds Users That Windows 10 Will Reach End of Support – No More Security Updates
As the clock ticks down to October 14, 2025, Microsoft has intensified its efforts to alert Windows 10 users about the impending end of support deadline. After this date, the decade-old operating system will no longer receive security updates, bug…
Android Security Update – Critical Patch Released for Actively Exploited Vulnerability
Google has released the Android Security Bulletin for May 2025, addressing multiple vulnerabilities, including a high-severity remote code execution flaw that is actively being exploited in the wild. The most severe issue identified in the May 2025 security patch is…
Hackers Using Fake Chrome Error Pages to Attack Windows Users With Malicious Scripts
A sophisticated social engineering tactic dubbed “ClickFix” has emerged as a significant threat to Windows users, tricking victims into executing malicious PowerShell scripts through fake browser error pages. First identified in spring 2024, this attack vector has rapidly gained popularity…
DragonForce Ransomware Hits Harrods, Marks and Spencer, Co-Op & Other UK Retailers
A coordinated wave of cyberattacks has struck major UK retailers in recent weeks, with the DragonForce ransomware group claiming responsibility for breaches at Marks & Spencer, Co-op, and luxury department store Harrods. These attacks have caused significant operational disruptions and…
5 Critical MSSP Tasks Streamlined By Threat Intelligence
Managed Security Service Providers (MSSPs) deliver outsourced cybersecurity services, focusing on monitoring, managing, and mitigating threats for organizations. Threat intelligence, actionable data about potential cyber threats, enhances their ability to predict, detect, and respond to attacks. Below are five critical…
CISA Warns of Langflow Missing Authentication Vulnerability Exploited in Attacks
CISA has added a critical Langflow vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The vulnerability, identified as CVE-2025-3248, allows unauthenticated remote attackers to execute arbitrary code on vulnerable servers running the…
New GPOHound Tool To Analyze Group Policy in Active Directory For Privilege Escalation Paths
GPOHound is a powerful new open-source tool designed to analyze Group Policy Objects (GPOs) in Active Directory environments for privilege escalation vulnerabilities and misconfigurations. The tool, released on May 2, 2025, automatically detects insecure settings that attackers could…
New ClickFix Attack Mimics Ministry of Defense Website to Attack Windows & Linux Machines
Cybersecurity experts have identified a sophisticated new malware campaign dubbed “ClickFix” that employs advanced social engineering tactics to compromise both Windows and Linux systems. The attack creates convincing replicas of Ministry of Defense websites across multiple countries, tricking users into…
Microsoft Fixes Group Policy Bug That Prevents Installation of Windows 11 24H2
Microsoft has officially acknowledged that the April 2025 security update is preventing Windows 11 systems from upgrading to version 24H2 when using Windows Server Update Services (WSUS). The issue affects organizations attempting to deploy the latest feature update across their…
Beyond DDoS: The New Breed Of Layer 7 Attacks And How SMEs Can Outmaneuver Them
When most people think of DDoS attacks, they envision tsunami-like floods of traffic overwhelming servers. That’s the classic Layer 3/4 strategy: brute-force attacks meant to crash services by clogging up bandwidth. But over the last quarter, I’ve seen a…
Darcula (PhaaS) Stole 884,000 Credit Card Details via 13 Million Clicks from Users Worldwide
Security researchers have uncovered one of the largest credit card theft operations in recent history, with a sophisticated Phishing-as-a-Service (PhaaS) platform called “Darcula” responsible for stealing approximately 884,000 credit card details through a massive campaign that generated over 13 million…
Threat Actor Bypasses SentinelOne EDR to Deploy Babuk Ransomware
A sophisticated new attack method that disables endpoint security protection has been identified by security researchers, enabling threat actors to deploy ransomware undetected. The technique, dubbed “Bring Your Own Installer,” was recently discovered by Aon’s Stroz Friedberg Incident Response team…
UDP Vulnerability in Windows Deployment Services Allows 0-Click System Crashes
A newly discovered vulnerability in Microsoft’s Windows Deployment Services (WDS) allows attackers to remotely crash servers with zero user interaction or authentication. The flaw, which targets the UDP-based TFTP service in WDS, could allow even low-skilled attackers to paralyze…
PCI Compliance Is Not Just A Checkbox, It’s A Live-Fire Security Test
Most executives still treat PCI DSS like paperwork, something to file away after a quarterly scan. But that mindset is dangerous. PCI compliance isn’t just a checklist; it’s a survival test. Every rule in PCI exists because someone got breached.…
New T1555.003 Technique Lets Attackers Steal Passwords From Web Browsers
A sophisticated credential theft technique, identified as T1555.003 in the MITRE ATT&CK framework, has emerged as a significant threat to organizations worldwide. This technique enables adversaries to extract usernames and passwords directly from web browsers, which commonly store these credentials…
Critical Microsoft Telnet 0-Click Vulnerability Exposes Windows Credentials
A critical vulnerability in Microsoft Telnet Server enables attackers to bypass authentication completely, potentially gaining administrator access without valid credentials. Organizations running legacy Windows systems are advised to take immediate action, as no official patch is available. The critical flaw,…
Hackers Attacking HR Departments with Fake Resumes That Drop More_eggs Malware
A sophisticated cyber campaign targeting corporate human resources departments has been uncovered, with attackers exploiting the routine practice of opening job application attachments to deploy a dangerous backdoor. The financially motivated threat group Venom Spider is behind this campaign, sending…
Hackers Weaponized 21 Apps to Gain Full Control of Ecommerce Servers
Security researchers have recently uncovered a sophisticated supply chain attack targeting ecommerce platforms through 21 widely-used applications. The backdoor, which remained dormant for six years after its initial injection between 2019 and 2022, has recently activated, providing attackers with complete…
RomCom RAT Attacking UK Organizations Via Customer Feedback Portals
A sophisticated Remote Access Trojan (RAT) dubbed “RomCom” has emerged as a significant threat targeting UK organizations through their customer feedback portals. Cybersecurity experts have identified a coordinated campaign exploiting these seemingly innocuous feedback mechanisms to deliver the malware, which…
Hackers Weaponizing Pahalgam Attack Themed Decoys to Attack Indian Government Personnel
In a sophisticated cyber espionage campaign, threat actors are actively targeting Indian government personnel using decoy documents referencing the recent Pahalgam attack. The malicious campaign, discovered in early May 2025, utilizes spear-phishing emails with attachments designed to exploit recipients’ interest…
Kelly Associates Data Breach Exposes 410,000+ Users’ Personal Data
A data breach at Kelly & Associates Insurance Group (operating as Kelly Benefits) has exposed sensitive personal information of more than 410,000 individuals, significantly more than initially reported. The Maryland-based benefits administration and payroll solutions provider confirmed that cybercriminals infiltrated…
Ransomware Groups Allegedly Breach IT Networks, Stealing Data from UK Retailers
A notorious ransomware group dubbed DragonForce has claimed responsibility for a series of cyber attacks targeting major UK retailers, with Co-op now confirming a significant data breach affecting its membership database. The attacks, which also targeted Marks & Spencer and…
Iranian Hackers Breach Critical National Infrastructure With Multiple Webshells & Backdoors
A sophisticated cyber intrusion targeting critical national infrastructure in the Middle East has been uncovered, with evidence pointing to an Iranian state-sponsored threat group. The attack, which persisted from May 2023 to February 2025, showcases advanced tactics and a concerning…
xAI Dev Leaked API Key on GitHub for Private SpaceX, Tesla & Twitter/X
A significant security lapse occurred at Elon Musk’s artificial intelligence company xAI, where a developer inadvertently leaked a private API key on GitHub that remained accessible for nearly two months. The exposed credentials provided unauthorized access to private large language…
MediaTek Patches Multiple Vulnerabilities Affecting Tablets, Smartphones & TV Chipsets
MediaTek has released critical security patches addressing six significant vulnerabilities affecting a wide range of devices powered by their chipsets. The vulnerabilities, disclosed in the company’s May 2025 Product Security Bulletin, impact smartphones, tablets, AIoT devices, smart displays, audio systems,…
Microsoft Shuts Down Skype After 23 Years, Urges Users to Switch to Teams
After more than two decades as a pioneer in internet-based calling and messaging, Skype has officially been retired by Microsoft as of May 5, 2025. The company is now urging all Skype users to migrate to Microsoft Teams, marking the…
Hackers Selling SS7 0-Day Vulnerability on Hacker Forums for $5000
A sophisticated SS7 protocol vulnerability that enables unauthorized SMS interception and real-time phone tracking is now being offered for sale on underground forums, raising serious concerns about mobile network security worldwide. The exploit, priced at $5,000, provides buyers with comprehensive…
Hackers Leveraging Email Input Fields to Exploit Vulnerabilities Ranging from XSS to SSRF
A surge in cyberattacks is leveraging email input fields as a gateway to exploit a wide range of vulnerabilities, including Cross-Site Scripting (XSS), Server-Side Request Forgery (SSRF), and email header injection. Email input fields are ubiquitous in modern web applications, used…
North Korean Hacker Tries to Breach Kraken Platform by Submitting Job Application
Cryptocurrency exchange Kraken recently uncovered a sophisticated infiltration attempt by a North Korean hacker who applied for an engineering position at the company. Instead of immediately rejecting the suspicious application, Kraken’s security team strategically advanced the candidate through multiple interview…
New LUMMAC.V2 Stealer Uses ClickFix Technique to Trick Users Into Executing Malicious Commands
Cybersecurity experts have identified a sophisticated evolution of the LUMMAC credential stealer, now rewritten from C to C++ and operating with enhanced capabilities. This new variant, designated LUMMAC.V2, has been observed targeting a wide range of applications including browsers, cryptocurrency…
New Luna Moth Domains Attacking Users Via Weaponized Helpdesk Domains
Recently identified Luna Moth phishing operations reveal a sophisticated campaign targeting legal and financial institutions through expertly crafted typosquatted domains. Security researchers from EclecticIQ, supported by additional findings from Silent Push, have uncovered a methodical approach to domain registration that…
Researcher Integrated Copilot with WinDbg to Analyze Windows Crash Dumps
In a significant leap forward for software debugging, a researcher has successfully developed a groundbreaking tool that brings AI assistance to one of computing’s most archaic processes: Windows crash dump analysis. Sven Scharmentke recently unveiled “mcp-windbg,” an open-source project that…
New SonicBoom Attack Allows Bypass of Authentication for Admin Access
A critical new attack chain, dubbed “SonicBoom,” enables remote attackers to bypass authentication and seize administrative control over enterprise appliances, including SonicWall Secure Mobile Access (SMA) and Commvault backup solutions. This sophisticated multi-stage exploit leverages a combination of pre-authentication…
New Chimera Malware That Outsmarts Antivirus, Firewalls, & Humans
A sophisticated new strain of malware dubbed “Chimera” has emerged in 2025, representing a significant evolution in cyber threats. This advanced malware first appeared in March 2025 when it infiltrated X Business, a small e-commerce company specializing in handmade home…
Microsoft to Block Emails With “550 5.7.15 Access denied” Error
In a notable development that will affect numerous businesses globally, Microsoft has announced that it will commence the rejection of emails that do not adhere to strict authentication standards, resulting in the error code “550 5.7.15 Access denied.” This enforcement,…
Apache Parquet Java Vulnerability Lets Attackers Execute Arbitrary Code
A new critical security vulnerability in Apache Parquet Java has been disclosed that could allow attackers to execute arbitrary code through specially crafted Parquet files. The vulnerability, tracked as CVE-2025-46762, affects all versions of Apache Parquet Java through 1.15.1. Apache…
Critical Webmin Vulnerability Lets Remote Attackers Escalate Privileges to Root Level
A critical security vulnerability in Webmin, a widely-used web-based system administration tool, has been discovered, allowing remote attackers to escalate privileges and execute code with root-level access. Designated as CVE-2025-2774, this flaw poses severe risks to servers running affected versions…
Cybersecurity Weekly Newsletter: Key Attacks and Vulnerabilities From Last Week
In our fast-paced, interconnected world, the dangers of cyberattacks are becoming more frequent and complex. That’s why it’s more important than ever to stay updated and aware of the risks. Every week, our newsletter offers a simple roundup of the…
AsyncRAT Dark Mode – New Version of AsyncRAT on GitHub With Remote Access & Monitoring
A new, modified version of the popular AsyncRAT tool, dubbed AsyncRAT Dark Mode, has been released on GitHub, offering users a modernized interface and enhanced functionality for remote system monitoring and control. This open-source project introduces a stylish dark theme,…
CISA Warns of KUNBUS Auth Bypass Vulnerabilities That Expose Systems to Remote Attacks
CISA has issued an urgent advisory highlighting critical vulnerabilities in KUNBUS GmbH’s Revolution Pi industrial automation devices. These flaws, which include authentication bypass and remote code execution risks, threaten sectors like manufacturing, energy, and healthcare. Attackers can disrupt operations, manipulate…
Yemeni Man Charged in U.S. for Black Kingdom Ransomware Deployed on Schools & Business Networks
A Yemeni national, Rami Khaled Ahmed, aged 36, has been indicted by federal authorities in the Central District of California for allegedly orchestrating a cyberattack campaign using Black Kingdom ransomware to extort victims, the U.S. Department of Justice announced. Ahmed…
Hackers Using Weaponized PDF To Deliver Remcos RAT Malware on Windows
Researchers at Trustwave SpiderLabs have uncovered a sophisticated malspam campaign distributing the notorious RemcosRAT malware on Windows. The campaign leverages a deceptive fake payment notice disguised as a SWIFT copy to trick victims into downloading a malicious PDF, ultimately leading…
Post-Breach Recovery – A CISO’s Guide to Reputation Management
In an era where data breaches increasingly dominate headlines, Chief Information Security Officers (CISOs) face unprecedented pressure to mitigate technical fallout and salvage organizational trust. The 2024 FTC settlement with Marriott International, a $52 million penalty for systemic security failures,…
How to Configure Email Security With DMARC, SPF, And DKIM
Email is a critical business communication tool, but it is also a primary target for cybercriminals who exploit its openness to launch phishing attacks, impersonate brands, and distribute malware. To counter these threats, organizations must implement robust email authentication protocols…
The CISO’s Guide to Securing AI and Machine Learning Systems
As AI and machine learning reshape business operations, they also introduce new security challenges that traditional frameworks often fail to address, making securing AI systems essential for CISOs. For Chief Information Security Officers (CISOs), securing AI/ML systems requires expanding security mindsets beyond…
AI‑Powered Security Transformation with Tactical Approach to Integration
In the evolving landscape of cybersecurity, artificial intelligence has transitioned from an experimental technology to a core component of security operations. According to recent Gartner research, security and risk management leaders are pivoting toward a more tactical approach to AI…
Threat Actors Attacking Critical National Infrastructure With New Malware and Infrastructure
A sophisticated cyber intrusion targeting critical national infrastructure (CNI) in the Middle East has been uncovered, revealing a long-term espionage operation attributed to an Iranian state-sponsored threat group. The attack, which persisted from May 2023 to February 2025, with potential…
Threat Actors Bypass MFA Using AiTM Attack via Reverse Proxies
Multi-factor authentication (MFA) has long been touted as a robust security measure against phishing attacks, but sophisticated threat actors have developed new techniques to circumvent these protections. A concerning trend has emerged where cybercriminals are successfully bypassing MFA through adversary-in-the-middle…
New MintsLoader Drops GhostWeaver via Phishing & ClickFix Attack
A sophisticated new malware loader dubbed “MintsLoader” has emerged in the cybersecurity landscape, serving as a delivery mechanism for a previously undocumented backdoor called “GhostWeaver.” Security researchers have observed a significant spike in targeted attacks against financial institutions and healthcare…
New Subscription-Based Scams Attacking Users to Steal Credit Card Data
A sophisticated wave of subscription-based scams is sweeping across the internet, specifically designed to steal credit card information from unsuspecting users. These fraudulent operations have evolved beyond simple phishing attempts, now employing complex psychological tactics and convincing digital storefronts to…
New StealC V2 Expands to Include Microsoft Software Installer Packages and PowerShell Scripts
StealC, a popular information stealer and malware downloader that has been active since January 2023, has received a significant update with the introduction of version 2 (V2) in March 2025. This latest iteration brings substantial enhancements to the malware’s capabilities,…
New Report Warns of Ransomware Actors Building Organizational Structure For Complex Attacks
A new report by Coveware reveals a significant shift in the ransomware landscape, with threat actors evolving their organizational structures to execute increasingly complex attacks. As we approach the one-year anniversary of the collapse of prominent ransomware groups LockBit and…