Researchers have uncovered extensive evidence linking Israeli firm Paragon Solutions to a sophisticated spyware operation that exploited a zero-day vulnerability in WhatsApp to target journalists and civil society members. Following the investigation, WhatsApp notified approximately 90 potential victims and confirmed…
Tag: Cyber Security News
Babuk2 Ransomware Issuing Fake Extortion Demands With Data from Old Breaches
The Babuk2 ransomware group has been caught issuing extortion demands based on false claims and recycled data from previous breaches. This revelation comes from recent investigations conducted by the Halcyon RISE Team, shedding light on a concerning trend in the…
Multiple Dell Secure Connect Gateway Flaws Allows System Compromise
Dell Technologies has issued a critical security advisory warning customers about multiple vulnerabilities in its Secure Connect Gateway (SCG) product that could potentially lead to system compromise. The vulnerabilities affect versions prior to 5.28.00.14 and require immediate attention from system…
North Korean IT Workers Exploiting GitHub to Attack Organizations Worldwide
A sophisticated network of suspected North Korean IT workers has been discovered leveraging GitHub to create false identities and secure remote employment opportunities in Japan and the United States. These operatives pose as Vietnamese, Japanese, and Singaporean professionals, primarily targeting…
Beware Tax Payers! Scammers Taking Advantage of Tax Season as Filing Deadline Draws Near
With less than a month until the federal income tax return deadline on April 15, cybercriminals are intensifying their efforts to exploit taxpayers rushing to file their returns. Security experts warn that this time-sensitive period creates an ideal environment for…
CISA Warns of NAKIVO Backup Vulnerability Exploited in Attacks – PoC Released
CISA has issued an urgent warning regarding a critical vulnerability in NAKIVO Backup and Replication solutions. As reports of active exploitation emerge, organizations are urged to patch immediately. The vulnerability, tracked as CVE-2024-48248, allows unauthenticated attackers to read arbitrary files…
CISA Warns of Edimax IP Camera OS Command Injection Vulnerability Exploited in Attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an advisory regarding a critical vulnerability in Edimax IC-7100 IP cameras that is actively being exploited by multiple botnets. The vulnerability, tracked as CVE-2025-1316, allows attackers to send specially crafted…
Dragon RaaS Leading ‘Five Families’ Crimeware With New Initial Access & Exploitation Methods
A sophisticated Ransomware-as-a-Service (RaaS) operation known as ‘Dragon’ has emerged as the dominant force within the notorious “Five Families” of crimeware, implementing advanced initial access techniques and exploitation methods that have alarmed cybersecurity experts. The Dragon RaaS operation has been…
Signal Messenger Leveraged for Targeted Attacks on Employees of Defense Industry
A sophisticated cyber espionage campaign targeting employees of defense industrial complex enterprises and representatives of the Defense Forces of Ukraine has been uncovered. The attackers are using the popular Signal messenger app to distribute malicious archives that purportedly contain meeting…
Chinese Salt Typhoon Hackers Exploiting Exchange Vulnerabilities to Attack Organizations
Security researchers have identified a sophisticated Chinese APT group known as Salt Typhoon that has been actively exploiting Microsoft Exchange’s ProxyLogon vulnerabilities to compromise organizations worldwide. The group, also tracked as FamousSparrow, GhostEmperor, Earth Estries, and UNC2286, has been operational…
Spyware Maker SpyX Data Breach Exposes Nearly 2 Million Users Personal Data
A massive data breach at consumer-grade spyware operation SpyX has compromised the personal information of nearly 2 million individuals, including thousands of Apple users with exposed iCloud credentials. The breach, which occurred in June 2024 but remained unreported until March…
Critical Veeam Backup & Replication Vulnerability Allows Malicious Remote Code Execution
A critical vulnerability in Veeam Backup & Replication systems that allows authenticated domain users to execute remote code, potentially compromising enterprise backup infrastructures. The vulnerability, identified as CVE-2025-23120, carries a severe CVSS score of 9.9, indicating its high potential for…
Malware Operation ‘DollyWay’ Hacked 20,000+ WordPress Sites Globally
In recent years, the cybersecurity landscape has witnessed a significant rise in sophisticated malware operations. One such operation is “DollyWay,” a long-running campaign that has compromised over 20,000 WordPress sites globally. This operation is notable for its advanced techniques in…
Linux Kernel Out-of-bounds Write Vulnerability Let Attackers Escalate Privileges
A severe vulnerability in the Linux kernel has remained undetected for nearly two decades, allowing local users to gain root privileges on affected systems. Designated as CVE-2025-0927, this out-of-bounds write vulnerability in the Linux kernel’s HFS+ filesystem driver affects systems…
Kali Linux 2025.1a Released With New Tool & Updates to Desktop Environments
Kali Linux, the widely acclaimed cybersecurity-focused distribution, has officially unveiled its latest release, Kali Linux 2025.1a. This update not only significantly enhances desktop environments but also introduces exciting new tools and improvements tailored for cybersecurity professionals and enthusiasts. The release, available for download or upgrade, builds upon…
Kali Linux 2025.1a New Tool & Upates to Desktop Environments
Kali Linux, the widely acclaimed cybersecurity-focused distribution, has officially unveiled its latest release, Kali Linux 2025.1a. This update not only significantly enhances desktop environments but also introduces exciting new tools and improvements tailored for cybersecurity professionals and enthusiasts. The release, available for download or upgrade, builds upon…
Threat Actors Exploiting Legacy Drivers to Bypass TLS Certificate Validation
A sophisticated attack employing Legacy Driver Exploitation technique has emerged as a significant cybersecurity threat, according to a recent security report. The attack, first documented in June 2024 by CheckPoint-Research (CPR), primarily focuses on remotely controlling infected systems using GhOstRAT…
ANY.RUN’s New Android OS Support Let SOC/DFIR Team Perform Android APK Malware Analysis
ANY.RUN, the interactive malware analysis platform has announced full support for Android OS in its cloud-based sandbox environment, enabling security teams to investigate Android malware with unprecedented accuracy and efficiency. With this new feature, ANY.RUN allows Security Operations Center (SOC)…
Hackers Leveraging RMM Tools To Maintain Persistence To Infiltrate And Move Through Networks
Cybersecurity experts have identified a persistent trend of threat actors exploiting legitimate remote monitoring and management (RMM) software to infiltrate networks, maintain access, and facilitate lateral movement. These legitimate tools, which are typically used by IT administrators for system maintenance…
Critical AMI BMC Vulnerability Allows Attackers To Bypass Authentication Remotely
Security researchers have discovered a new critical vulnerability in AMI’s MegaRAC software that enables attackers to bypass authentication remotely. This latest security flaw, identified as CVE-2024-54085, affects numerous data center equipment and server models, potentially compromising cloud infrastructure security across…