Google has announced the full general availability of client-side encryption (CSE) for Google Sheets. This significant upgrade gives organizations direct control over encryption keys and enhances data confidentiality within Google Workspace. This move extends robust security features to spreadsheets, ensuring…
Tag: Cyber Security News
Kubernetes C# Client Vulnerability Exposes API Server Communication To MiTM Attack
A medium-severity vulnerability has been discovered in the official Kubernetes C# client, which could allow an attacker to intercept and manipulate sensitive communications. The flaw, rated 6.8 on the CVSS scale, stems from improper certificate validation logic. This weakness exposes…
Critical Chaos Mesh Vulnerabilities Let Attackers Takeover Kubernetes Cluster
Critical vulnerabilities were identified in Chaos Mesh, a popular Cloud Native Computing Foundation chaos engineering platform used for fault injection testing in Kubernetes environments. The security flaws, collectively dubbed “Chaotic Deputy,” comprise four CVEs that enable complete cluster compromise through…
How a Plaintext File On Users’ Desktops Exposed Secrets Leads to Akira Ransomware Attacks
A threat actor who gained initial access through a SonicWall VPN device was able to escalate their attack by finding Huntress recovery codes saved in a plaintext file on a user’s desktop. This allowed the attacker to log into the…
World’s Largest Hacking Forum BreachForums Creator Sentenced to Three Years in Prison
Conor Brian Fitzpatrick, the 22-year-old founder of BreachForums, has been resentenced to three years in federal prison for operating one of the world’s largest cybercriminal marketplaces. The New York resident was sentenced on September 16, 2025, for creating and administering…
Hackers Can Exploit Bitpixie Vulnerability to Bypass BitLocker Encryption and Escalate Privileges
A critical vulnerability in Windows Boot Manager, known as bitpixie, enables attackers to bypass BitLocker drive encryption and escalate local privileges on Windows systems. The vulnerability affects boot managers from 2005 to 2022 and can still be exploited on updated systems through…
FinWise Insider Breach Exposes 700K Customer Records to Former Employee
American First Finance, LLC, a Dallas-based financial services firm, suffered a significant insider breach when a recently terminated employee exploited unauthorized access to its production database. The incident, dubbed the FinWise insider breach, resulted in the exfiltration of sensitive customer…
Massive “Shai-Halud” Supply Chain Attack Compromised 477 NPM Packages
A large-scale supply chain attack dubbed “Shai-Halud” that infiltrated the JavaScript ecosystem via the npm registry. In total, 477 packages, including packages from CrowdStrike, were found to contain stealthy backdoors and trojanized modules designed to siphon credentials, exfiltrate source code,…
Linux Kernel’s KSMBD Subsystem Vulnerability Let Remote Attackers Exhaust Server Resources
A denial-of-service flaw in the Linux kernel’s KSMBD (SMB Direct) subsystem has raised alarms across the open-source community. Tracked as CVE-2025-38501, the issue allows a remote, unauthenticated adversary to exhaust all available SMB connections by exploiting the kernel’s handling of…
Hackers Stolen Millions of Users Personal Data from Gucci, Balenciaga and Alexander McQueen Stores
Luxury fashion company Kering has confirmed a data exfiltration incident in which threat actor Shiny Hunters accessed private customer records for Gucci, Balenciaga, and Alexander McQueen. The breach, detected in June but occurring in April, exposed personally identifiable information (PII)…
Threat Actors Could Misuse Code Assistant To Inject Backdoors and Generating Harmful Content
Modern development workflows increasingly rely on AI-driven coding assistants to accelerate software delivery and improve code quality. However, recent research has illuminated a potent new threat: adversaries can exploit these tools to introduce backdoors and generate harmful content without immediate…
Top 10 Best Privileged Access Management (PAM) Tools in 2025
In today’s complex digital landscape, where data breaches and cyberattacks are a constant threat, securing privileged accounts is more critical than ever. Privileged Access Management (PAM) is a core component of any robust cybersecurity strategy, focusing on managing and monitoring…
RevengeHotels Leveraging AI To Attack Windows Users With VenomRAT
RevengeHotels, a financially motivated threat group active since 2015, has escalated its operations against hospitality organizations by integrating large language model–generated code into its infection chain. Initially known for deploying bespoke RAT families such as RevengeRAT and NanoCoreRAT via phishing…
KillSec Ransomware Attacking Healthcare Industry IT Systems
The KillSec ransomware strain has rapidly emerged as a formidable threat targeting healthcare IT infrastructures across Latin America and beyond. First observed in early September 2025, KillSec operators have leveraged compromised software supply chain relationships to deploy their payloads at…
New APT28 Attack Via Signal Messenger Delivers BeardShell and Covenant Malware
Late in the summer of 2025, cybersecurity researchers uncovered a sophisticated spearphishing campaign targeting Ukrainian military personnel via the Signal messaging platform. The operation, dubbed “Phantom Net Voxel,” begins with a malicious Office document sent through private Signal chats, masquerading…
LG WebOS TV Vulnerability Let Attackers Bypass Authentication and Enable Full Device Takeover
A critical vulnerability has been discovered in LG’s WebOS for smart TVs, allowing an attacker on the same local network to bypass authentication mechanisms and achieve full control over the device. The flaw, which affects models like the LG WebOS…
Spring Framework Security Flaws Enable Authorization Bypass and Annotation Detection Issues
Two critical vulnerabilities, CVE-2025-41248 and CVE-2025-41249, have emerged in Spring Security and Spring Framework that could allow attackers to bypass authorization controls in enterprise applications. These flaws arise when using Spring Security’s @EnableMethodSecurity feature in conjunction with method-level annotations such…
Nessus vs Metasploit Comparison: How To Exploit Vulnerabilities Using These Powerful Tools
The cybersecurity landscape demands sophisticated tools to identify and exploit vulnerabilities effectively, with Nessus vs Metasploit representing one of the most powerful combinations in modern penetration testing. As cyber threats continue to evolve rapidly, security professionals require comprehensive solutions that…
AWSDoor – New Persistence Technique Allows Attackers to Hide Malware Within AWS Cloud Environment
Attackers are increasingly leveraging sophisticated techniques to maintain long-term access in cloud environments, and a newly surfaced tool named AWSDoor is emerging as a major threat. AWSDoor automates a range of IAM and resource-based persistence methods, allowing adversaries to hide…
AISURU Botnet With 300,000 Hijacked Routers Behind The Recent Massive 11.5 Tbps DDoS Attack
Since early 2025, the cybersecurity community has witnessed an unprecedented surge in distributed denial-of-service (DDoS) bandwidth, culminating in a record-shattering 11.5 Tbps assault attributed to a botnet named AISURU. Emerging from XLab’s continuous monitoring of global DDoS incidents, this botnet…