A new tool has emerged that promises to revolutionize the way organizations approach threat modeling. STRIDE GPT, an AI-powered threat modeling tool, leverages the capabilities of large language models (LLMs) to generate comprehensive threat models and attack trees for applications,…
Tag: Cyber Security News
ViperSoftX Malware Attacking Users via Cracked Software
A sophisticated malware campaign utilizing the notorious ViperSoftX malware has been targeting users through cracked software and torrent downloads since early April 2025. This PowerShell-based threat operates through a multi-stage infection process, establishing command and control communications before downloading additional…
Shuckworm Group Uses PowerShell Based GammaSteel Malware in Targeted Attacks
The Russia-linked espionage group Shuckworm has continued its relentless focus on Ukraine into 2025, with new attacks targeting a Western country’s military mission based in Eastern Europe. This latest campaign, observed from February through March 2025, represents an evolution in…
100,000 WordPress Sites Vulnerable to Rogue Creation Vulnerability
A critical vulnerability affecting over 100,000 WordPress websites has been discovered in the SureTriggers WordPress plugin, potentially allowing attackers to create unauthorized administrator accounts. The flaw, identified as CVE-2025-3102 with a CVSS score of 8.1 (High), impacts all versions of…
GOFFEE Leveraging PowerModul Tool to Attack Government & Energy Organizations
The threat actor known as GOFFEE has escalated its malicious campaign in 2024, introducing a new implant dubbed “PowerModul” to target government entities and energy organizations primarily located in Russia. First identified in early 2022, GOFFEE has evolved from deploying…
Seven Years Old Cisco Vulnerability Exposes Cisco Devices to Remote Code Execution Attacks
A seven-year-old vulnerability in Cisco networking equipment continues to pose significant security risks, enabling attackers to execute remote code on unpatched systems. Discovered initially in 2018, CVE-2018-0171 targets Cisco’s Smart Install feature, a plug-and-play configuration utility designed to simplify network…
0-Click RCE in the SuperNote Nomad E-ink Tablet Lets Hackers Install Rootkit & Gain Full Control
Security researcher Prizm Labs has discovered a serious flaw in the SuperNote A6 X2 Nomad, a well-known 7.8-inch E-Ink tablet made by Ratta Software. The flaw, now assigned CVE-2025-32409, could allow a malicious attacker on the same network to fully…
UPI Down – UPI Outage Disrupt Millions of Digital Transactions Across India
India’s Unified Payments Interface (UPI), the backbone of the country’s digital payment ecosystem, faced a significant outage today, marking the fourth disruption in less than three weeks. The outage, which began around 10:30 AM IST, affected millions of users across…
Beware Developers! Malicious NPM Packages Targeting PayPal Users to Steal Sensitive Data
FortiGuard Labs, Fortinet’s AI-driven threat intelligence arm, has uncovered a series of malicious NPM packages designed to steal sensitive information from developers and target PayPal users. Detected between March 5 and March 14, 2025, these packages were published by a…
NVIDIA’s Incomplete Patch for Critical Flaw Lets Attackers Steal AI Model Data
A critical vulnerability in NVIDIA’s Container Toolkit, CVE-2024-0132, remains exploitable due to an incomplete patch, endangering AI infrastructure and sensitive data. Coupled with a newly discovered denial-of-service (DoS) flaw in Docker on Linux, these issues could allow attackers to breach…
RansomHub Ransomware-as-a-service Facing Internal Conflict as Affiliates Lost Access to Chat Portals
RansomHub, a relatively newer player in the ransomware-as-a-service (RaaS) landscape, is experiencing significant internal turmoil after affiliates suddenly lost access to negotiation chat portals on April 1st, 2025. This disruption has forced affiliates to redirect victim communications to alternative platforms,…
Sapphire Werewolf Enhances Toolkit With New Amethyst Stealer to Attack Energy Companies
Cybersecurity experts have detected a sophisticated campaign targeting energy sector companies, as the threat actor known as Sapphire Werewolf deploys an enhanced version of the Amethyst stealer malware. The campaign represents a significant evolution in the group’s capabilities, featuring advanced…
Hackers Exploiting Domain Controller to Deploy Ransomware Using RDP
Microsoft has recently uncovered a sharp rise in ransomware attacks exploiting domain controllers (DCs) through Remote Desktop Protocol (RDP), with the average attack costing organizations $9.36 million in 2024. These sophisticated campaigns aim to cripple enterprises by encrypting critical systems…
Active Directory Attack Kill Chain Checklist & Tools List- 2025
The “Active Directory Kill Chain Attack & Defense” concept is a structured approach to understanding the sequence of events or stages involved in an Active Directory (AD) attack and the corresponding defensive measures to counteract or prevent such attacks. Microsoft…
Hackers Actively Exploits Patched Fortinet FortiGate Devices to Gain Root Access Using Symbolic Link
Fortinet has uncovered a sophisticated post-exploitation technique used by a threat actor to maintain unauthorized access to FortiGate devices, even after initial vulnerabilities were patched. The discovery, detailed in a recent Fortinet investigation, highlights the persistent risks of unpatched systems…
Google Unveils A2A Protocol That Enable AI Agents Collaborate to Automate Workflows
Google has announced the launch of Agent2Agent Protocol (A2A), a groundbreaking open protocol designed to enable AI agents to communicate with each other, securely exchange information, and coordinate actions across enterprise platforms. Revealed on April 9, 2025, the protocol marks…
Ransomware Attack Prevention Checklist – 2025
Businesses face significant hazards from ransomware attacks, which are capable of causing severe damage in a brief period. Over the past few years, numerous well-known companies, including CNA Financial, JBS Foods, and Colonial Pipeline, have fallen victim to such attacks,…
Beware of Fake mParivahan App Attacking Mobile Users Via WhatsApp to Steal Sensitive Data
Cybercriminals have launched a sophisticated malware campaign targeting Android users through fake traffic violation messages on WhatsApp. The malware, disguised as “NextGen mParivahan,” mimics the official government application developed by the Ministry of Road Transport & Highways, which provides digital…
APT32 Hackers Weaponizing GitHub to Attack Cybersecurity Professionals & Enterprises
The APT32 (OceanLotus) has launched a novel campaign weaponizing GitHub repositories to distribute malware to cybersecurity researchers and enterprises. This operation represents a strategic shift from the group’s historical focus on Southeast Asian government and corporate targets, instead exploiting the…
Laboratory Services Cooperative Data Breach – 1.6 Million People Impacted
Laboratory Services Cooperative (LSC), a Seattle-based non-profit organization providing lab testing services to select Planned Parenthood centers, has disclosed a major data security incident affecting approximately 1.6 million individuals. The breach, discovered in October 2024, resulted in unauthorized access to…