2024 marked a record-breaking year for cybersecurity challenges as threat actors ramped up their exploitation of vulnerabilities. According to the latest findings from VulnCheck, 768 Common Vulnerabilities and Exposures (CVEs) were publicly reported as exploited in the wild for the…
Tag: Cyber Security News
New Malware Campaign Mimic Tax Agencies Attacking Financial Organizations
Cybersecurity researchers have uncovered a sophisticated malware campaign exploiting tax season to target financial organizations and individuals globally. The campaign involves phishing emails impersonating tax agencies and financial institutions, delivering malware and harvesting sensitive credentials. The malicious actors behind this…
MediaTek Chipsets WLAN Vulnerabilities Exposes Million of Devices to Remote Attacks
Researchers have identified critical vulnerabilities in MediaTek wireless LAN (WLAN) drivers that could potentially expose millions of devices to severe security risks. These vulnerabilities, tracked under the Common Vulnerabilities and Exposures (CVE) identifiers CVE-2025-20631, CVE-2025-20632, and CVE-2025-20633, allow attackers to…
Globe Life Ransomware Attack – 850,000+ Users Personal & Health Data Exposed
Globe Life Inc. has become the latest victim of a high-profile cybersecurity incident, with a threat actor claiming access to sensitive personal and health data of over 850,000 individuals. The attack, while not involving traditional ransomware, appears to be an…
Microsoft Announces AI Avatar for Teams Meeting
Microsoft has announced the rollout of Avatars for Microsoft Teams, a feature that allows users to create personalized avatars for meetings using Artificial Intelligence (AI). This revolutionary update is designed to make virtual meetings more engaging and inclusive by enabling…
ChatGPT Announces Deep Research That Handles Complex Tasks Faster Than Humans
OpenAI has introduced an innovative feature for ChatGPT called “Deep Research,” designed to handle complex, multi-step research tasks with exceptional efficiency. Powered by the upcoming OpenAI o3 model, this tool promises to revolutionize how professionals and everyday users approach in-depth…
Arm Mali GPU Kernel Driver 0-Day Vulnerability Actively Exploited in the Wild
Arm, a leader in semiconductor technology, has disclosed a series of critical security vulnerabilities affecting its Mali GPU Kernel Drivers and firmware. These vulnerabilities, spanning across multiple GPU architectures, including Bifrost, Valhall, and the Arm 5th Gen GPU Architecture, pose…
Hackers Abusing AWS & Microsoft Azure To Launch Large-Scale Cyber Attacks
Hackers are increasingly leveraging cloud platforms like Amazon Web Services (AWS) and Microsoft Azure to orchestrate large-scale cyber attacks. These platforms, which host critical infrastructure for businesses worldwide, are being exploited through sophisticated methods, including fraudulent account setups, API key…
New Phishing Attack Hijacking High-Profile X Accounts To Promote Phishing Sites
A sophisticated phishing campaign has emerged, targeting high-profile X (formerly Twitter) accounts to promote fraudulent cryptocurrency schemes. The attack exploits the credibility of verified accounts, leveraging their reach to deceive users into visiting phishing sites. The attackers employ a variety…
Alibaba Cloud Storage Service Vulnerability Allows Unauthorized Data Uploads
A significant security vulnerability has been discovered in Alibaba Cloud Object Storage Service (OSS), enabling unauthorized users to upload data to cloud storage. This misconfiguration poses risks such as unauthorized data storage, overwriting sensitive files, and potential data breaches. The…
NVIDIA GPU Display Driver Vulnerability Lets Attackers Steal Files Remotely – Update Now
NVIDIA has released a critical software security update to address multiple vulnerabilities affecting its GPU Display Driver and Virtual GPU (vGPU) software. Among these is CVE‑2024‑0149, a vulnerability in the NVIDIA GPU Display Driver for Linux that could allow attackers unauthorized…
Linux 6.14 Released – 500,000 Lines of Code Modified
Linus Torvalds, the creator of the Linux kernel, has announced the release of Linux 6.14-rc1, marking the end of the two-week merge window. This release is notably smaller than usual, attributed to reduced development activity during the holiday season. Despite…
U.S Community Health Center Hacked – 1 Million Patients Data Stolen
Community Health Center, Inc. (CHC), a Connecticut-based federally qualified health center, has disclosed a data breach following a criminal cyberattack on its systems. The breach potentially exposed the sensitive personal and health information of patients and individuals who received COVID-19…
APT37 Hackers Abusing Group Chats To Attack Via Malicious LNK File
The North Korean state-sponsored hacking group APT37 (aka ScarCruft, Reaper), has been identified leveraging group chat platforms to distribute malicious LNK files. This latest tactic highlights the group’s evolving methods to infiltrate systems and exfiltrate sensitive data. APT37’s recent campaign…
Parrot 6.3 Released With Improved Security & New Hacking Tools
ParrotOS, the cybersecurity-focused Linux distribution, has recently released its latest update, Parrot 6.3, which includes a number of new features, performance improvements, and updated tools to enhance the user experience. This release is designed to make ParrotOS faster, more stable,…
5 Best Infrastructure as Code (IaC) Vulnerability Scanning Tools in 2025
As organizations increasingly adopt Infrastructure as Code (IaC) to automate and manage their cloud environments, ensuring the security of these configurations has become a critical priority. IaC allows teams to define infrastructure using code, enabling rapid deployment and scalability, but…
Devil-Traff – New Malicious Bulk SMS Portal That Fuels Phishing Attacks
A new threat to cybersecurity has emerged in the form of Devil-Traff, a bulk SMS platform designed to facilitate large-scale phishing campaigns. Leveraging advanced features such as sender ID spoofing, API integration, and support for malicious content, this platform has…
10 Best Web Application Firewall (WAF) – 2025
A Web Application Firewall (WAF) is a security solution designed to protect web applications by monitoring, filtering, and blocking malicious HTTP/S traffic. Operating at the OSI model’s application layer (Layer 7), a WAF acts as a reverse proxy between users…
New Windows 11 (x64) Modern Kernel Race Conditions Uncovered – PoC Released
A sophisticated race condition vulnerability affecting Windows 11 (x64) kernel operations, highlighting ongoing concerns about kernel-level security in modern operating systems. These race conditions, which stem from the operating system’s inability to synchronize shared resources during concurrent operations properly, could…
New Process Hollowing Attack Vectors Uncovered in Windows 11 (24H2)
The recent release of Windows 11 version 24H2 has introduced a range of new features and updates, but it has also raised significant cybersecurity concerns. A longstanding malware technique known as Process Hollowing or RunPE has encountered compatibility issues on…