Tag: Cyber Security News

Microsoft’s March 2025 Patch Tuesday addresses 57 vulnerabilities, including six zero-day vulnerabilities that are currently being exploited. The security update includes fixes for Windows, Microsoft Office, Azure, and other components. The March update included fixes for: In addition to the…

Read more →

SIM swap attacks have emerged as a growing cybersecurity threat, with security researchers documenting a 38% increase in successful attacks during the first quarter of 2025. These sophisticated attacks involve criminals convincing mobile carriers to transfer a victim’s phone number…

Read more →

A series of ongoing, targeted cyber campaigns by Blind Eagle (APT-C-36), one of Latin America’s most dangerous threat actors primarily targeting Colombia’s justice system, government institutions, and private organizations were recently unveiled by Check Point Research (CPR). The group has…

Read more →

Artificial intelligence has emerged as a formidable weapon in the cybercriminal arsenal, enabling attacks with unprecedented precision, speed, and scale. Security experts warn that cybercriminals are increasingly leveraging automated AI systems to penetrate networks, steal data, and deploy intelligent viruses…

Read more →

Mandiant researchers, part of Google’s cybersecurity division, have uncovered several critical security bugs in Microsoft’s Time Travel Debugging (TTD) framework. The findings reveal significant instruction emulation inaccuracies that could potentially compromise security analyses and incident response investigations, leading analysts to…

Read more →

In a rapidly evolving digital landscape where cyber threats emerge daily, ANY.RUN is empowering Security Operations Centers (SOCs) worldwide with its cutting-edge Threat Intelligence (TI) Feeds. These continuously updated streams of Indicators of Compromise (IOCs) are designed to help organizations…

Read more →

Multiple critical vulnerabilities in ICONICS SCADA systems were uncovered recently by the researchers from Palo Alto Networks’ Unit 42, widely deployed across government, military, manufacturing, and utility sectors. The security flaws, discovered in ICONICS Suite versions 10.97.2 and 10.97.3 for…

Read more →

A sophisticated new ransomware strain dubbed “Ebyte” targeting Windows systems across North America and Europe. The ransomware has compromised thousands of systems since its detection three weeks ago, utilizing advanced encryption tactics that have challenged security experts. Initial infection vectors…

Read more →

A large-scale malware campaign targeting Android users through fraudulent Google Play Store download pages has been uncovered recently by CTM360. The sophisticated operation, which they’ve named ‘PlayPraetor,’ has infected thousands of devices across South-East Asia, particularly targeting financial institutions and…

Read more →

FortiGuard Labs has recently uncovered more than 5,000 malicious software packages designed to compromise Windows systems. These packages, detected from November 2024 onward, employ sophisticated techniques to evade traditional security measures while executing harmful actions that can lead to data…

Read more →

Cybersecurity researchers have identified intensified activity from the SideWinder APT group throughout 2024, with significant updates to their toolset and expanded targeting beyond traditional military and government entities. Recent findings reveal that SideWinder has developed a massive new infrastructure to…

Read more →

The historical vulnerability of NULL pointer dereferences in macOS that previously allowed attackers to execute arbitrary code with kernel privileges has been unveiled recently by security analysts. Despite modern systems having robust mitigations, understanding these historical attack vectors provides valuable…

Read more →

A critical security vulnerability in Apache Tomcat (CVE-2025-24813) has exposed servers to remote code execution (RCE), information disclosure, and data corruption risks.  The flaw, rooted in improper handling of partial HTTP PUT requests, affects Tomcat versions 11.0.0-M1 to 11.0.2, 10.1.0-M1…

Read more →

The Linux kernel has taken a significant step toward improved security with the growing adoption of Rust programming language components aimed at eliminating memory safety bugs. The Rust for Linux project has reached a critical tipping point, with multiple drivers…

Read more →

A critical security flaw in Veritas’ Arctera InfoScale product line has exposed enterprise systems to remote code execution (RCE) attacks, underscoring persistent risks in disaster recovery infrastructure.  Tracked as CVE-2025-27816, the vulnerability (CVSS v3.1 score: 9.8) resides in the Windows…

Read more →

A critical Android vulnerability identified as CVE-2024-31317 has been discovered that allows attackers to execute arbitrary code with system privileges. The “Zygote Injection” vulnerability affects devices running Android 11 or older and enables attackers to escalate privileges from a shell…

Read more →

A sophisticated malware toolkit known as Ragnar Loader has been identified as a critical component in targeted ransomware attacks. The loader, also known as Sardonic Backdoor, serves as the primary infiltration mechanism for the Monstrous Mantis ransomware group, formerly known…

Read more →

A sophisticated cybercriminal group known as EncryptHub has successfully compromised approximately 600 organizations through a multi-stage malware campaign. The threat actor exploited operational security mistakes, inadvertently exposing critical elements of their infrastructure, which allowed researchers to map their tactics with…

Read more →

Google has rolled out a critical security update for its Chrome browser, addressing multiple high-severity vulnerabilities that could enable arbitrary code execution and sandbox escapes.  The Stable Channel Update 134.0.6998.88/.89 for Windows and Mac, and 134.0.6998.88 for Linux, released on…

Read more →

Passwordless authentication tools are revolutionizing digital security by eliminating the reliance on traditional passwords. Instead, they use advanced technologies such as biometrics (fingerprints, facial recognition), hardware tokens, or one-time passcodes to verify user identities. This approach significantly enhances security by…

Read more →