A sophisticated network of suspected North Korean IT workers has been discovered leveraging GitHub to create false identities and secure remote employment opportunities in Japan and the United States. These operatives pose as Vietnamese, Japanese, and Singaporean professionals, primarily targeting…
Tag: Cyber Security News
Beware Tax Payers! Scammers Taking Advantage of Tax Season as Filing Deadline Draws Near
With less than a month until the federal income tax return deadline on April 15, cybercriminals are intensifying their efforts to exploit taxpayers rushing to file their returns. Security experts warn that this time-sensitive period creates an ideal environment for…
CISA Warns of NAKIVO Backup Vulnerability Exploited in Attacks – PoC Released
CISA has issued an urgent warning regarding a critical vulnerability in NAKIVO Backup and Replication solutions. As reports of active exploitation emerge, organizations are urged to patch immediately. The vulnerability, tracked as CVE-2024-48248, allows unauthenticated attackers to read arbitrary files…
CISA Warns of Edimax IP Camera OS Command Injection Vulnerability Exploited in Attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an advisory regarding a critical vulnerability in Edimax IC-7100 IP cameras that is actively being exploited by multiple botnets. The vulnerability, tracked as CVE-2025-1316, allows attackers to send specially crafted…
Dragon RaaS Leading ‘Five Families’ Crimeware With New Initial Access & Exploitation Methods
A sophisticated Ransomware-as-a-Service (RaaS) operation known as ‘Dragon’ has emerged as the dominant force within the notorious “Five Families” of crimeware, implementing advanced initial access techniques and exploitation methods that have alarmed cybersecurity experts. The Dragon RaaS operation has been…
Signal Messenger Leveraged for Targeted Attacks on Employees of Defense Industry
A sophisticated cyber espionage campaign targeting employees of defense industrial complex enterprises and representatives of the Defense Forces of Ukraine has been uncovered. The attackers are using the popular Signal messenger app to distribute malicious archives that purportedly contain meeting…
Chinese Salt Typhoon Hackers Exploiting Exchange Vulnerabilities to Attack Organizations
Security researchers have identified a sophisticated Chinese APT group known as Salt Typhoon that has been actively exploiting Microsoft Exchange’s ProxyLogon vulnerabilities to compromise organizations worldwide. The group, also tracked as FamousSparrow, GhostEmperor, Earth Estries, and UNC2286, has been operational…
Spyware Maker SpyX Data Breach Exposes Nearly 2 Million Users Personal Data
A massive data breach at consumer-grade spyware operation SpyX has compromised the personal information of nearly 2 million individuals, including thousands of Apple users with exposed iCloud credentials. The breach, which occurred in June 2024 but remained unreported until March…
Critical Veeam Backup & Replication Vulnerability Allows Malicious Remote Code Execution
A critical vulnerability in Veeam Backup & Replication systems that allows authenticated domain users to execute remote code, potentially compromising enterprise backup infrastructures. The vulnerability, identified as CVE-2025-23120, carries a severe CVSS score of 9.9, indicating its high potential for…
Malware Operation ‘DollyWay’ Hacked 20,000+ WordPress Sites Globally
In recent years, the cybersecurity landscape has witnessed a significant rise in sophisticated malware operations. One such operation is “DollyWay,” a long-running campaign that has compromised over 20,000 WordPress sites globally. This operation is notable for its advanced techniques in…
Linux Kernel Out-of-bounds Write Vulnerability Let Attackers Escalate Privileges
A severe vulnerability in the Linux kernel has remained undetected for nearly two decades, allowing local users to gain root privileges on affected systems. Designated as CVE-2025-0927, this out-of-bounds write vulnerability in the Linux kernel’s HFS+ filesystem driver affects systems…
Kali Linux 2025.1a Released With New Tool & Updates to Desktop Environments
Kali Linux, the widely acclaimed cybersecurity-focused distribution, has officially unveiled its latest release, Kali Linux 2025.1a. This update not only significantly enhances desktop environments but also introduces exciting new tools and improvements tailored for cybersecurity professionals and enthusiasts. The release, available for download or upgrade, builds upon…
Kali Linux 2025.1a New Tool & Upates to Desktop Environments
Kali Linux, the widely acclaimed cybersecurity-focused distribution, has officially unveiled its latest release, Kali Linux 2025.1a. This update not only significantly enhances desktop environments but also introduces exciting new tools and improvements tailored for cybersecurity professionals and enthusiasts. The release, available for download or upgrade, builds upon…
Threat Actors Exploiting Legacy Drivers to Bypass TLS Certificate Validation
A sophisticated attack employing Legacy Driver Exploitation technique has emerged as a significant cybersecurity threat, according to a recent security report. The attack, first documented in June 2024 by CheckPoint-Research (CPR), primarily focuses on remotely controlling infected systems using GhOstRAT…
ANY.RUN’s New Android OS Support Let SOC/DFIR Team Perform Android APK Malware Analysis
ANY.RUN, the interactive malware analysis platform has announced full support for Android OS in its cloud-based sandbox environment, enabling security teams to investigate Android malware with unprecedented accuracy and efficiency. With this new feature, ANY.RUN allows Security Operations Center (SOC)…
Hackers Leveraging RMM Tools To Maintain Persistence To Infiltrate And Move Through Networks
Cybersecurity experts have identified a persistent trend of threat actors exploiting legitimate remote monitoring and management (RMM) software to infiltrate networks, maintain access, and facilitate lateral movement. These legitimate tools, which are typically used by IT administrators for system maintenance…
Critical AMI BMC Vulnerability Allows Attackers To Bypass Authentication Remotely
Security researchers have discovered a new critical vulnerability in AMI’s MegaRAC software that enables attackers to bypass authentication remotely. This latest security flaw, identified as CVE-2024-54085, affects numerous data center equipment and server models, potentially compromising cloud infrastructure security across…
Beware of Fake GitHub “Security Alerts” Let Hackers Hijack Your Account Login Credentials
A widespread phishing campaign is currently targeting GitHub repositories with fake security alerts, potentially compromising thousands of developer accounts. Cybersecurity experts warn that these sophisticated attacks could grant hackers complete control over victims’ code repositories and personal information. Security researcher…
Attackers Embedding Malicious Word file into a PDF to Evade Detections
A sophisticated attack vector dubbed “MalDoc in PDF” allows threat actors to bypass traditional security scanning by embedding malicious Word documents into PDF files. This technique, observed in attacks dating back to July, enables macros to execute when victims open…
41% of Success Logins Across Websites Involves Compromised Passwords
Password reuse continues to be one of the most significant security vulnerabilities in 2025, with alarming new data showing nearly half of all successful website logins involve previously exposed credentials. This widespread practice of recycling passwords across multiple services creates…