The Cybersecurity and Infrastructure Security Agency (CISA) issued seven Industrial Control Systems (ICS) advisories detailing critical vulnerabilities in widely used systems. These advisories highlight critical vulnerabilities in ICS products from major vendors such ABB, Carrier, Siemens and Mitsubishi Electric, providing…
Tag: Cyber Security News
Chinese Hackers Using New Bookworm Malware In Attacks Targeting Southeast Asia
Security researchers at Palo Alto Networks’ Unit 42 have uncovered a resurgence of the modular Bookworm malware in cyberattacks targeting government and diplomatic entities across Southeast Asia. The activity, attributed to the Chinese state-aligned threat actor Stately Taurus (also tracked…
SPAWNCHIMERA Malware Exploiting Ivanti Buffer Overflow Vulnerability By Applying A Fix
Ivanti disclosed a critical buffer overflow vulnerability (CVE-2025-0282) affecting its Connect Secure VPN appliances. This vulnerability, caused by improper handling of the strncpy function in the web server component, allowed attackers to execute arbitrary code remotely. JPCERT/CC confirmed multiple exploitation…
Pegasus Spyware Used Widely to Target Individuals in Private Industry & Finance Sectors
Pegasus spyware, once considered a tool for targeting journalists and activists—is now being deployed against executives in the private sector, including finance, real estate, and logistics. In a December 2024 investigation, 11 new Pegasus infections were detected among 18,000 devices…
Google Released PoC Exploit For Palo Alto Firewall Command Injection Vulnerability
Google’s Project Zero and Mandiant cybersecurity teams have jointly published a proof-of-concept (PoC) exploit for a high-severity command injection vulnerability in Palo Alto Networks’ PAN-OS OpenConfig plugin. Tracked as CVE-2025-0110, the flaw allows authenticated administrators to execute arbitrary commands on…
New Active Directory Pentesting Tool For KeyCredentialLink Management
RedTeamPentesting has unveiled a new tool, keycred, which offers a robust solution for managing KeyCredentialLinks in Active Directory (AD) environments. This command-line interface (CLI) tool and library implements the KeyCredentialLink structures as defined in section 2.2.20 of the Microsoft Active…
Windows Wi-Fi Password Stealer Malware Found Hosted on GitHub
A GitHub repository titled Windows-WiFi-Password-Stealer has surfaced, raising concerns among cybersecurity professionals. This repository, hosted by the user “cyberthirty,” provides a Python-based script capable of extracting saved WiFi credentials from Windows systems and saving them to a text file. While…
New NailaoLocker Ransomware Attacking European Healthcare
European healthcare organizations are facing a sophisticated cyber threat from a newly identified ransomware strain called NailaoLocker, deployed as part of a campaign tracked as Green Nailao by Orange Cyberdefense CERT. The attacks, first detected between June and October 2024,…
Ivanti Endpoint Manager Vulnerabilities Proof-of-Concept (PoC) Exploit Released
A cluster of four critical vulnerabilities in Ivanti Endpoint Manager (EPM) has entered a dangerous new phase with the public release of proof-of-concept (PoC) exploit code, escalating risks for organizations using the enterprise device management platform. Discovered by researchers in…
Beware of North Korean Job Interview Process Delivers Malware Via Fake Chrome Update
A new malware campaign attributed to North Korean threat actors has been identified, targeting individuals through fake job interview processes. Dubbed “Contagious Interview,” this operation delivers malicious Swift applications disguised as legitimate software updates, including a recently discovered “DriverEasy.app” masquerading…
Chinese Hackers Exploiting Check Point Firewall Vulnerability To Deploy Ransomware
A sophisticated cyber espionage campaign linked to Chinese state-aligned threat actors has targeted organizations across 15 countries using an updated variant of the Shadowpad malware to deploy previously undocumented ransomware. The attacks, analyzed by Trend Micro’s incident response team, exploit…
IBM OpenPages Vulnerability Let Attackers Steal Authentication Credentials
IBM has addressed multiple high-severity vulnerabilities in its OpenPages Governance, Risk, and Compliance (GRC) platform that could enable attackers to hijack user sessions, steal authentication credentials, and manipulate critical enterprise data. The flaws affect versions 8.3 and 9.0 of the…
Rhadamanthys Infostealer Exploiting Microsoft Management Console to Execute Malicious Script
Researchers uncovered an ongoing campaign distributing the Rhadamanthys Infostealer through malicious Microsoft Management Console (MMC) files (.MSC), leveraging both a patched DLL vulnerability and legitimate MMC functionalities to execute scripts and deploy malware. This advanced attack vector highlights evolving techniques…
Free SOC Webinar – Better SOC with Interactive Malware Sandbox, Practical Use Cases 2025
If you work in a Security Operations Center (SOC), you know the struggle all too well: hundreds of alerts flood in daily, each demanding attention. Some are false positives, others are routine, but buried among them are real threats that…
Sophisticated Phishing Attacks Targeting Decision-Makers Including CEOs and CTOs
A recent study by cybersecurity firm Hackmosphere reveals alarming gaps in phishing awareness among C-suite executives, with CEOs demonstrating particularly high susceptibility to socially engineered attacks. The research, conducted through simulated phishing campaigns, shows how even experienced decision-makers remain vulnerable…
New Zhong Malware Exploit AnyDesk Tool To Attack Fintech & Cryptocurrency
A sophisticated malware campaign leveraging social engineering tactics has targeted financial technology and cryptocurrency platforms between December 20–24, 2024. Dubbed Zhong Stealer, this previously undocumented threat employed compromised AnyDesk installations and phishing lures to infiltrate systems, stealing credentials and establishing…
Multiple NVIDIA CUDA Toolkit Vulnerabilities Let Attackers Trigger DoS
Researchers uncovered nine critical vulnerabilities in NVIDIA’s CUDA Toolkit, a cornerstone software suite for GPU-accelerated computing. These vulnerabilities, spanning the cuobjdump and nvdisasm utilities, expose developers to denial-of-service (DoS) attacks and information disclosure risks when analyzing maliciously crafted cubin files.…
Fedora Linux Kernel Vulnerability Let Attackers Gain Access to Sensitive Data
A critical vulnerability (CVE-2025-1272) in Fedora Linux kernels starting at version 6.12 has disabled the kernel’s Lockdown Mode by default, potentially allowing attackers to bypass Secure Boot protections, load unsigned kernel modules, and access sensitive kernel memory regions. The regression,…
AWS Key Hunter – A Free Automated Tool to Detect Exposed AWS keys
AWS-Key-Hunter is an open-source tool released to automatically scan public GitHub repositories for exposed AWS access keys. The tool, which leverages continuous monitoring and Discord-based alerts, aims to mitigate risks associated with accidental credential leaks in version control systems. According to the…
Microsoft Admin Technical Guide to Block & Remove Apps on Endpoints
In response to growing regulatory requirements worldwide, Microsoft has published detailed technical guidance for Intune administrators on blocking and removing specific applications from managed endpoints. The guide focuses on compliance with international frameworks such as Australia’s Protective Security Policy Framework…