U.S. law enforcement announced the recovery of $31 million in cryptocurrency tied to the 2021 Uranium Finance exploit, marking one of the largest DeFi-related asset seizures. The operation, spearheaded by the Southern District of New York (SDNY) and Homeland Security…
Tag: Cyber Security News
Tata Technologies Allegedly Breached – Huntress Claim Leak of Sensitive data
Indian multinational tech giant Tata Technologies, a subsidiary of Tata Motors, is in the spotlight following allegations by ransomware group Hunters International of a major data breach. According to Huntress Group, the claim resulted in the theft of 1.4 TB…
VMware ESXi Vulnerabilities Exploited in Wild to Execute Malicious Code
VMware has issued a critical security advisory (VMSA-2025-0004) warning of active exploitation of three vulnerabilities in its ESXi, Workstation, and Fusion products. These flaws, CVE-2025-22224, CVE-2025-22225, and CVE-2025-22226, allow attackers to execute malicious code, escalate privileges, and leak sensitive memory…
New Android RAT Dubbed “AndroRAT” Attacking to Steal Pattern, PIN & Passcodes
A newly identified variant of the Android Remote Access Tool (RAT), AndroRAT, has emerged as a critical cybersecurity threat, leveraging sophisticated techniques to steal device unlock patterns, PINs, and passcodes. The malware, first documented in 2012 as an open-source university…
Docusnap for Windows Vulnerability Let Attackers Access Sensitive Data
A critical information disclosure vulnerability in Docusnap, a widely used IT inventory management solution, allows attackers to decrypt sensitive system data collected from Windows hosts. Designated as CVE-2025-26849, the flaw stems from the use of a static encryption key to…
Hackers Attacking 4000+ ISPs With New Malware for Remote Access
Researchers from Splunk have identified a sophisticated malware campaign targeting over 4,000 Internet Service Providers (ISPs) primarily located on the West Coast of the United States and in China. The campaign, which originated from Eastern Europe, uses a combination of…
CISA Warns of Windows Win32k Vulnerability Exploited to Run Arbitrary code
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an advisory regarding CVE-2018-8639, a privilege escalation vulnerability in the Microsoft Windows Win32k component, which threat actors are actively exploiting to execute arbitrary code in kernel mode. Added to CISA’s Known…
33.3 Million Cyber Attacks Targeted Mobile Devices In 2024, Keep Your Devices Safe!
A staggering 33.3 million attacks involving malware, adware, and unwanted mobile software were prevented throughout 2024. This alarming figure translates to an average of 2.8 million attempted attacks per month, highlighting the persistent and evolving threat landscape facing mobile device…
IBM Storage Virtualize Vulnerabilities Let Attackers Execute Arbitrary Code
IBM has issued urgent security advisories for two high-severity vulnerabilities (CVE-2025-0159, CVE-2025-0160) affecting its Storage Virtualize product suite, including SAN Volume Controller, Storwize, and FlashSystem families. These flaws enable attackers to bypass authentication and execute arbitrary code remotely via the…
BigAnt Server 0-day Vulnerability Let Attackers Execute Malicious Code Via File Uploads
A critical zero-day vulnerability in BigAntSoft’s BigAnt Server (CVE-2025-0364) allows unauthenticated attackers to execute arbitrary code on affected systems through a chain of SaaS registration abuses and PHP file uploads. The flaw, discovered by VulnCheck researchers during an analysis of…
Threat Actors Leveraging AES Cryptography For Payload Protection
Several sophisticated multi-stage malware campaigns were revealed by recent findings from Palo Alto Networks’ Unit 42 have employing advanced encryption techniques to evade detection. Threat actors are increasingly using the Advanced Encryption Standard (AES) in combination with code virtualization to…
Google Warns of Two Critical Android Vulnerabilities Under Attack – Update Now!
Google has issued an urgent security alert for CVE-2024-43093 and CVE-2024-50302, two critical Android vulnerabilities actively exploited in coordinated attacks targeting devices running Android 12 through 15. Patched in the March 2025 Android Security Bulletin (security patch level 2025-03-05), these…
CISA Warns of Cisco Small Business Routers Vulnerability Exploited in Wild
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an urgent advisory, warning that a critical command injection vulnerability in Cisco Small Business RV Series Routers tracked as CVE-2023-20118 is being actively exploited in the wild. The flaw, which carries…
Paragon Partition Manager Vulnerabilities Let Attackers Escalate Privilege & Trigger DoS Attacks
Five critical memory vulnerabilities in Paragon Partition Manager’s BioNTdrv.sys driver have been discovered, allowing attackers to escalate privileges and cause denial-of-service conditions on affected systems. The vulnerabilities, identified in versions prior to 2.0.0, were officially disclosed on February 28, 2025,…
Hackers Weaponizing PowerShell & Microsoft Legitimate Apps To Deploy Malware
Cybersecurity experts have recently observed a concerning trend in attack methodologies, with threat actors increasingly leveraging fileless techniques that weaponize PowerShell and legitimate Microsoft applications to deploy malware while evading detection. These sophisticated attacks operate primarily in memory, leaving minimal…
Hackers Using ClickFix Tactic to Attack Windows Machine & Gain Full Control of System
A sophisticated phishing campaign in which threat actors are utilizing a multi-stage attack chain that combines social engineering tactics with modified open-source tools to compromise Windows systems. The campaign, active as of March 2025, employs the ClickFix technique to deceive…
Google’s New Email Shield Feature Let Users Hide Email From Apps
Google is advancing its email privacy arsenal with the development of Shielded Email, a feature designed to generate disposable email aliases for users signing up for apps and services. First uncovered in a Google Play Services v24.45.33 APK teardown by…
U.S. Halts Cyber Operations Targeting Russia
The United States has paused offensive cyber operations against Russia under an order from Defense Secretary Pete Hegseth, causing debates over geopolitical strategy and domestic cybersecurity priorities. While U.S. Cyber Command—a Unified Combatant Command overseeing military cyber operations—adheres to the…
Attackers Automating Vulnerability Exploits with Few Hours of Disclosure
The cybersecurity landscape of 2024 witnessed an unprecedented increase in mass internet exploitation, driven by attackers’ ability to automate vulnerability exploits within hours of disclosure. GreyNoise’s 2025 Mass Internet Exploitation Report reveals a systematic industrialization of cyberattacks, with threat actors…
HiveOS Vulnerabilities Let Attackers Execute Arbitrary Commands
Security researchers have uncovered three critical vulnerabilities in Extreme Networks’ IQ Engine (HiveOS) that collectively enable authenticated attackers to escalate privileges, decrypt passwords, and execute arbitrary commands on affected systems. The flaws—tracked as CVE-2025-27229, CVE-2025-27228, and CVE-2025-27227—were disclosed through coordinated…