A significant data breach involving sensitive healthcare worker information has been discovered, exposing over 86,000 records belonging to ESHYFT, a New Jersey-based HealthTech company. Cybersecurity researcher Jeremiah Fowler identified an unprotected AWS S3 storage bucket containing approximately 108.8 GB of…
Tag: Cyber Security News
CISA Warns of Apple WebKit Out-of-Bounds Write Vulnerability Exploited in Wild
The Cybersecurity and Infrastructure Security Agency (CISA) has warned about an actively exploited zero-day vulnerability in Apple’s WebKit browser engine, tracked as CVE-2025-24201. This vulnerability, an out-of-bounds write issue, could allow attackers to execute unauthorized code on vulnerable devices. The…
CISA Warns of Juniper Junos OS Improper Isolation Vulnerability Exploited in Wild
CISA has issued a warning regarding a newly discovered vulnerability affecting Juniper Networks’ Junos OS. The vulnerability, identified as CVE-2025-21590, involves an improper isolation or compartmentalization issue within the operating system’s kernel. This flaw could allow a local attacker with…
2-year-old Windows Kernel 0-day Vulnerability Exploited in the Wild
Microsoft has patched a critical Windows Kernel vulnerability that has been actively exploited for nearly two years. The vulnerability, tracked as CVE-2025-24983, was addressed in the company’s March 2025 Patch Tuesday release. According to cybersecurity firm ESET, which…
Apache NiFi Vulnerability Let Attackers Access MongoDB Username & Passwords
A significant security vulnerability has been identified in Apache NiFi, allowing potential attackers with specific access privileges to expose MongoDB authentication credentials. The vulnerability, tracked as CVE-2025-27017 (NIFI-14272), affects multiple versions of the Apache NiFi data processing system and could…
Bitdefender Warns of Multiple Vulnerabilities That Let Attackers Execute MITM Attack
Bitdefender has disclosed two critical vulnerabilities affecting its BOX v1 device that could allow network-adjacent attackers to execute Man-in-the-Middle (MITM) attacks, potentially leading to remote code execution. The vulnerabilities, assigned CVE-2024-13872 and CVE-2024-13871, both received a CVSS score of 9.4,…
Mozilla Urging Users to Update Firefox, Else Add-ons Will Stop Working
Mozilla has issued an urgent warning to Firefox users worldwide, emphasizing the critical need to update their browsers before March 14, 2025, when a vital root certificate will expire. This expiration threatens to disable extensions, break DRM-protected content playback, and…
North Korean Hackers’ Android Malware on Google Play Steals SMS, Call Logs & Screenshots
A sophisticated new Android malware campaign linked to North Korean hackers has been discovered, posing a significant security threat that managed to infiltrate Google’s official Play Store. The spyware, dubbed “KoSpy,” targets Korean and English-speaking users by disguising itself as…
Tenda AC7 Routers Vulnerability Let Attackers Gain Root Shell With Malicious Payload
A severe vulnerability in Tenda AC7 Routers running firmware version V15.03.06.44 allows malicious actors to execute arbitrary code and gain root shell access. The flaw originates from a stack overflow vulnerability in the router’s formSetFirewallCfg function. Attackers can use a…
Meta Warns of FreeType Vulnerability Exploited in Wild to Execute Arbitrary Code
A critical vulnerability in the widely used FreeType font rendering library has been discovered and is reportedly being exploited in the wild, posing a serious security threat to millions of devices across multiple platforms. Security researchers have identified the flaw,…
Blind Eagle Attacking Organizations With Weaponized .url Files To Extract User Hash
The cybersecurity landscape has witnessed a concerning development as the threat actor group known as Blind Eagle (also tracked as APT-C-36) has launched a sophisticated campaign targeting organizations primarily in South America with a novel attack vector. The group, known…
Beware of North Korean Hackers DocSwap Malware Disguised As Security Document Viewer
A sophisticated malware campaign targeting mobile users in South Korea has been uncovered, with clear links to North Korean threat actors. The malicious application masquerades as a “Document Viewing Authentication App” (문서열람 인증 앱). This malicious app was identified through…
Fake Captcha Malware Attacking Windows Users To Execute PowerShell Commands
A sophisticated malware campaign is targeting Windows users through deceptive CAPTCHA verification prompts that trick victims into executing malicious PowerShell scripts. This resurgence of fake CAPTCHA attacks, identified in early February 2025, represents a growing threat as attackers continue to…
Hackers Using JSPSpy Tool To Manage Malicious Webshell Infrastructure
Cybersecurity researchers have identified a cluster of servers hosting JSPSpy, a Java-based webshell first observed in 2013, now being deployed alongside a rebranded file management tool. The webshell features a graphical interface enabling remote access and file management capabilities, making…
GitLab Warns of Multiple Vulnerabilities Let Attackers Login as Valid User
GitLab has released critical security patches for multiple vulnerabilities that could potentially allow attackers to authenticate as legitimate users or even execute remote code under specific circumstances. The company has urged all self-managed GitLab installations to immediately upgrade to versions…
Medusa Ransomware Hacked 300+ Organizations Worldwide from Variety of Critical Infrastructure
A highly sophisticated ransomware variant named Medusa has compromised over 300 organizations worldwide in critical infrastructure sectors. The attacks have targeted a wide array of industries including medical, education, legal, insurance, technology, and manufacturing sectors, demonstrating the threat actor’s broad…
New OBSCURE#BAT Manipulates System Processes & Registry Entries To Evade Detection
A sophisticated malware campaign, tracked as OBSCURE#BAT, has been identified using heavily obfuscated batch scripts to install stealthy rootkits, allowing attackers to maintain persistent access to compromised systems while avoiding detection. This campaign uses social engineering tactics and deceptive file…
Fortinet Addresses Multiple Vulnerabilities in FortiSandbox, FortiOS, & Other Products
Fortinet has released a comprehensive security update addressing numerous vulnerabilities across its product portfolio, with particularly significant issues identified in FortiSandbox, FortiOS, and several other enterprise security solutions. These vulnerabilities range from medium to high severity and could potentially allow…
China-Nexus Group Hacked Juniper Networks and Implant Backdoors on Its Routers
In a significant cybersecurity breach discovered in mid-2024, a sophisticated threat actor deployed custom backdoors on Juniper Networks’ Junos OS routers. The intrusion represents an alarming development in the targeting of critical network infrastructure by nation-state actors, with potential implications…
US Charges 12 Chinese Hackers For Hacking National Security Infrastructure
The United States Department of Justice unveiled charges against twelve Chinese nationals on March 5, 2025, accusing them of orchestrating a sophisticated global cyber espionage campaign targeting critical American infrastructure, government agencies, and dissidents. The indictments mark a significant escalation…