Microsoft has deployed an emergency out-of-band update to address a significant issue with Message Queuing (MSMQ) functionality that emerged following the December 9 security patches. The update, released on December 18, 2025, targets Windows 10 versions 22H2 and 21H2 through…
Tag: Cyber Security News
New Tool Released to Detect Cisco Secure Email Gateway 0-Day Vulnerability Exploited in the Wild
A lightweight Python script to help organizations quickly identify exposure to CVE-2025-20393, a critical zero-day vulnerability in Cisco Secure Email Gateway (SEG) and Secure Malware Analytics (SMA), also known as Cisco Secure Email and Web Manager. The tool “Cisco SMA…
Hackers Using PuTTY for Both Lateral Movement and Data Exfiltration
Hackers are increasingly abusing the popular PuTTY SSH client for stealthy lateral movement and data exfiltration in compromised networks, leaving subtle forensic traces that investigators can exploit. In a recent investigation, responders pivoted to persistent Windows registry artifacts after attackers…
North Korean Hackers Make History with $2 Billion Crypto Heist in 2025
North Korean hackers reached a dangerous milestone in 2025, stealing a record-breaking $2.02 billion in cryptocurrency throughout the year. This represents a 51% increase from 2024, pushing their total theft since 2016 to $6.75 billion. The alarming trend shows that…
University of Sydney Hacked – Students and Staff Data Exposed
The University of Sydney has confirmed a significant data breach affecting thousands of current and former staff members, as well as students and alums. In a message to the university community, Vice-President (Operations) Nicole Gower revealed that suspicious activity was…
Clop Ransomware Group Exploiting Gladinet CentreStack Servers to Steal Data
The Clop ransomware group has launched a new data extortion campaign targeting Internet-facing Gladinet CentreStack file servers, marking another chapter in the threat actor’s pattern of exploiting file transfer solutions. The campaign appears to leverage multiple security weaknesses in CentreStack…
WatchGuard 0-day Vulnerability Exploited in the Wild to Hijack Firewalls
An urgent security update has been released to fix a critical zero-day vulnerability in WatchGuard Firebox firewalls, with warnings that hackers are already actively exploiting the flaw in the wild to take control of affected devices. The vulnerability, tracked as CVE-2025-14733,…
China-Aligned APT Hackers Exploit Windows Group Policy to Deploy Malware
A sophisticated cyberespionage campaign targeting governmental entities in Southeast Asia and Japan has unveiled a new China-aligned threat actor dubbed LongNosedGoblin. Active since at least September 2023, this advanced persistent threat (APT) group distinguishes itself by leveraging a diverse toolset…
Amazon Catches North Korean IT Worker by Tracking Tiny 110ms Keystroke Delays
A slight delay in keystrokes from a supposed U.S.-based IT worker alerted Amazon to a North Korean infiltrator accessing a corporate laptop. The commands should have zipped from the worker’s machine to Amazon’s Seattle headquarters in under 100 milliseconds. Instead,…
OpenAI GPT-5.2-Codex Supercharges Agentic Coding and Vulnerability Detection
OpenAI has unveiled GPT-5.2-Codex, a cutting-edge model optimized for agentic coding and enhanced cybersecurity tasks. The release highlights breakthroughs in handling complex software engineering and vulnerability detection. GPT-5.2-Codex tops SWE-Bench Pro with 56.4% accuracy, outperforming GPT-5.2 at 55.6% and GPT-5.1…
INE Security Expands Across Middle East and Asia to Accelerate Cybersecurity Upskilling
Cary, North Carolina, USA, December 18th, 2025, CyberNewsWire Growth in Egypt, UAE, and Kingdom of Saudi Arabia Fueled by Demand for Expert-Led, Hands-On Training to Meet National Digital Transformation Goals INE Security, a global leader in specialized cybersecurity and IT…
OpenAI GPT-5.2-Codex Supercharges Agentic Coding and Cyber Vulnerability Detection
OpenAI has unveiled GPT-5.2-Codex, a cutting-edge model optimized for agentic coding and enhanced cybersecurity tasks. The release highlights breakthroughs in handling complex software engineering and vulnerability detection. GPT-5.2-Codex tops SWE-Bench Pro with 56.4% accuracy, outperforming GPT-5.2 at 55.6% and GPT-5.1…
New Udados Botnet Launches Massive HTTP Flood DDoS Attacks Targeting Tech Sector
A newly identified botnet malware family, dubbed “Udados,” has emerged as a significant threat to the Technology and Telecommunications sectors, orchestrating high-volume HTTP flood Distributed Denial-of-Service (DDoS) attacks. According to ANY.RUN sandbox analysis, the botnet leverages infected hosts to execute…
RansomHouse RaaS Service Upgraded with Double Extortion Strategy that Steals and Encrypts Data
RansomHouse has emerged as a significant threat in the ransomware landscape, operated by a group tracked as Jolly Scorpius. This ransomware-as-a-service platform combines data theft with encryption, creating a dual pressure point that forces victims into difficult decisions. Since December…
Microsoft Confirms Recent Windows 11 24H2/25H2 and Server 2025 Update Breaks RemoteApp Connections
Microsoft has officially acknowledged a disruptive bug in its latest Windows updates, confirming that the November 2025 non-security preview update KB5070311 (OS builds 26200.7309 and 26100.7309) and subsequent patches are causing RemoteApp connection failures in Azure Virtual Desktop (AVD) environments.…
Cisco Unified Contact Center Express Vulnerabilities Enable Remote Code Execution Attacks
A critical security advisory addresses multiple severe vulnerabilities in Cisco Unified Contact Center Express (Unified CCX) that could allow unauthenticated remote attackers to execute arbitrary commands and compromise affected systems. The vulnerabilities were disclosed on November 5, 2025, with the…
HPE OneView Software Vulnerability Lets Attackers Execute Remote Code
A critical security alert warns customers about a severe vulnerability in HPE OneView Software that could allow remote attackers to execute arbitrary code without authentication. The flaw, tracked as CVE-2025-37164, carries a CVSS severity score of 10.0, indicating maximum critical…
CISA Adds ASUS Embedded Malicious Code Vulnerability to KEV List Following Active Exploitation
CISA has added a new ASUS vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, signaling urgent risk for affected users and organizations. The flaw, tracked as CVE-2025-59374, affects ASUS Live Update, a utility commonly used to deliver firmware and software updates to…
Researchers Uncovered New Lazarus and Kimsuky Infrastructure with Active Tools and Tunnelling Nodes
A joint investigation by Hunt.io and the Acronis Threat Research Unit has exposed an extensive network of North Korean state-sponsored infrastructure, revealing fresh connections between Lazarus and Kimsuky operations across global campaigns. The research uncovered active tool-staging servers, credential-theft environments,…
Chinese-based Ink Dragon Compromises Asia and South America into European Government Networks
Ink Dragon, a Chinese espionage group, has significantly expanded its operations from Southeast Asia and South America into European government networks. This advancement marks a notable shift in the threat actor’s strategic focus, utilizing a blend of well-engineered tools combined…