The Australian government has mandated the removal of all Kaspersky Lab software and web services from federal systems and devices, citing heightened risks of foreign interference, espionage, and sabotage. Issued under the Protective Security Policy Framework (PSPF) Direction 002-2025, the…
Tag: Cyber Security News
Android App on Google Play Attacking Indian Users To Steal Login Credentials
A sophisticated Android malware campaign dubbed “SpyLend” has infiltrated the Google Play Store, masquerading as a financial utility app to target Indian users. Disguised as “Finance Simplified” (package: com.someca.count), the app has amassed over 100,000 downloads since February 2025, leveraging…
SafeLine WAF vs CloudFlare: Which One Should You Choose?
When it comes to protecting your website from cyber threats, Web Application Firewalls (WAF) are an essential part of the security infrastructure. Two popular options in the market are SafeLine and CloudFlare, each with its own strengths and weaknesses. In…
GhostSocks Malware Exploiting SOCKS5 Proxy to Bypass Detection Systems
A new malware strain dubbed GhostSocks is leveraging SOCKS5 backconnect proxies to bypass anti-fraud mechanisms and geographic restrictions, according to a report by cybersecurity firm Infrawatch. The Golang-based malware, first advertised on Russian-language forums in October 2023, has recently expanded…
Apple has Discontinued its Advanced Data Protection (ADP) Feature for UK Users
Apple has taken the unprecedented step of disabling its Advanced Data Protection (ADP) feature for UK users after the British government invoked surveillance laws to demand access to encrypted iCloud data. The move, effective on 21 February 2025, marks the…
Vulnerability in Internet-Connected Smart Beds Let Attackers Access Other Devices in Network
Security researchers have uncovered alarming vulnerabilities in Eight Sleep’s internet-connected smart beds that could allow attackers to infiltrate home networks and compromise connected devices. According to cybersecurity expert Dylan Ayrey, the $2,000 temperature-regulating sleep system has a Secure Shell (SSH)…
BIG SHARK Android RAT Cracked & Leaked from Chinese Market
A significant cybersecurity threat has emerged as the BIG SHARK Android Remote Access Trojan (RAT), a cracked version of the infamous Craxs 7.6 RAT, has been leaked online. This development highlights the evolving risks posed by malicious actors exploiting Android…
Chinese Hackers Attacking Industrial Organizations With Sophisticated FatalRAT
A sophisticated cyberespionage campaign leveraging the FatalRAT remote access trojan (RAT) is targeting industrial organizations across the Asia-Pacific (APAC) region, according to a Kaspersky ICS CERT report. The attackers, suspected to be Chinese-speaking threat actors, employ a multi-stage infection chain…
New ChatGPT’s Premium Features Subscription Phishing Attack Steal Logins
A sophisticated phishing operation leveraging OpenAI’s ChatGPT branding has targeted over 12,000 users across North America and Europe. The campaign impersonates ChatGPT subscription renewal notices to harvest login credentials and payment details, exploiting the platform’s restricted access model for GPT-4…
Stablecoin Bank Hacked – Hackers Stolen $49.5M in Attack
In a high-profile security breach, decentralized finance protocol @0xinfini suffered a $49.5 million USDC theft, marking one of the largest stablecoin exploits of the year. The attacker executed a multi-stage laundering operation, converting stolen USDC to DAI, purchasing 17,696 ETH…
Wireshark 4.4.4 Released With Fix for Vulnerability That Triggers DoS Attack
The Wireshark Foundation has released version 4.4.4 of its widely used network protocol analyzer, addressing a high-severity vulnerability that could allow attackers to trigger denial-of-service (DoS) conditions by injecting malicious packets. The update resolves CVE-2025-1492, a flaw in the Bundle…
DeepSeek Unveils FlashMLA, A Decoding Kernel That’s Make Things Blazingly Fast
DeepSeek has launched FlashMLA, a groundbreaking Multi-head Latent Attention (MLA) decoding kernel optimized for NVIDIA’s Hopper GPU architecture, marking the first major release of its Open Source Week initiative. This innovative tool achieves unprecedented performance metrics of 3000 GB/s memory…
Parallels Desktop 0-Day Vulnerability Gain Root Privileges – PoC Released
A critical 0-day vulnerability in Parallels Desktop virtualization software has been publicly disclosed, enabling local attackers to escalate privileges to root-level access on macOS systems. All versions of Parallels Desktop, including the most recent 20.2.1 (55876), are vulnerable to the…
Hackers Exploited Confluence Server Vulnerability To Deploy LockBit Ransomware
A sophisticated ransomware attack leveraging a critical Atlassian Confluence vulnerability (CVE-2023-22527, CVSS 10.0) has been uncovered, culminating in the deployment of LockBit Black ransomware across enterprise networks within two hours of initial compromise. The attackers orchestrated a multi-stage intrusion involving…
Exim Mail Transfer Vulnerability Let Attackers Inject Malicious SQL Queries
Security researchers have uncovered a critical SQL injection vulnerability (CVE-2025-26794) in Exim, the widely-used mail transfer agent (MTA) that powers over 60% of internet mail servers. The flaw enables authenticated attackers to execute arbitrary SQL commands through specially crafted ETRN…
10 Best DevOps Tools in 2025
The term “DevOps” is a combination of the words “development” and “operations.” Promoting the development and operation processes collectively is a cultural requirement. A single team can now manage the entire application lifecycle, including development, testing, deployment, and operations. System…
UniFi Protect Camera Vulnerability Allows Remote Code Execution Attacks
Ubiquiti Networks has issued an urgent security advisory addressing five critical vulnerabilities in its UniFi Protect camera ecosystem, including two flaws enabling unauthenticated remote code execution (RCE) attacks. The vulnerabilities, discovered during the 2025 Pwn2Own Toronto hacking competition and disclosed…
Record Breaking Crypto Hack – Attackers Stolen $1.46 Billion From Bybit Exchange
Attackers infiltrated Bybit Exchange’s Ethereum cold wallet infrastructure to steal $1.46 billion in digital assets through sophisticated interface manipulation and social engineering tactics. The incident represents the largest theft from a centralized crypto exchange since Mt. Gox’s 2014 collapse, exposing…
Top 10 Best Ransomware Protection Tools – 2025
Ransomware is essential to stay vigilant and protect your devices and systems by keeping software up to date, using anti-virus software, avoiding opening attachments or links from unknown sources, and regularly backing up important data. Ransomware is malware that encrypts…
50 World’s Best Penetration Testing Companies – 2025
Penetration testing, or “pentesting,” is a cybersecurity practice where ethical hackers simulate cyberattacks to identify vulnerabilities in systems, networks, or applications. It helps organizations uncover weaknesses before malicious actors exploit them, enhancing their security posture. Penetration testing includes various types…