A malicious campaign targeting Cisco networking equipment through two critical vulnerabilities, with state-backed actors and other actors exploiting unpatched systems. GreyNoise Intelligence has identified 110 malicious IPs actively exploiting CVE-2023-20198, a privilege escalation flaw in Cisco IOS XE devices. There…
Tag: Cyber Security News
CISA Warns of Oracle Agile Vulnerability Exploited in the Wild
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent advisory regarding CVE-2024-20953, a high-severity deserialization vulnerability in Oracle’s Agile Product Lifecycle Management (PLM) software that is being actively exploited in the wild. Added to CISA’s Known Exploited Vulnerabilities…
Threat Actors Stealing Users Browser Fingerprints To Bypass Security Measures & Impersonate Users
A sophisticated cybercriminal campaign leveraging stolen browser fingerprints to bypass fraud detection systems and impersonate legitimate users has been uncovered by cybersecurity researchers. Dubbed ScreamedJungle, the threat actor has been exploiting vulnerabilities in outdated Magento e-commerce platforms since May 2024…
Australia Prohibits Kaspersky Software in Government Networks Over Major Security Concerns
The Australian government has mandated the removal of all Kaspersky Lab software and web services from federal systems and devices, citing heightened risks of foreign interference, espionage, and sabotage. Issued under the Protective Security Policy Framework (PSPF) Direction 002-2025, the…
Android App on Google Play Attacking Indian Users To Steal Login Credentials
A sophisticated Android malware campaign dubbed “SpyLend” has infiltrated the Google Play Store, masquerading as a financial utility app to target Indian users. Disguised as “Finance Simplified” (package: com.someca.count), the app has amassed over 100,000 downloads since February 2025, leveraging…
SafeLine WAF vs CloudFlare: Which One Should You Choose?
When it comes to protecting your website from cyber threats, Web Application Firewalls (WAF) are an essential part of the security infrastructure. Two popular options in the market are SafeLine and CloudFlare, each with its own strengths and weaknesses. In…
GhostSocks Malware Exploiting SOCKS5 Proxy to Bypass Detection Systems
A new malware strain dubbed GhostSocks is leveraging SOCKS5 backconnect proxies to bypass anti-fraud mechanisms and geographic restrictions, according to a report by cybersecurity firm Infrawatch. The Golang-based malware, first advertised on Russian-language forums in October 2023, has recently expanded…
Apple has Discontinued its Advanced Data Protection (ADP) Feature for UK Users
Apple has taken the unprecedented step of disabling its Advanced Data Protection (ADP) feature for UK users after the British government invoked surveillance laws to demand access to encrypted iCloud data. The move, effective on 21 February 2025, marks the…
Vulnerability in Internet-Connected Smart Beds Let Attackers Access Other Devices in Network
Security researchers have uncovered alarming vulnerabilities in Eight Sleep’s internet-connected smart beds that could allow attackers to infiltrate home networks and compromise connected devices. According to cybersecurity expert Dylan Ayrey, the $2,000 temperature-regulating sleep system has a Secure Shell (SSH)…
BIG SHARK Android RAT Cracked & Leaked from Chinese Market
A significant cybersecurity threat has emerged as the BIG SHARK Android Remote Access Trojan (RAT), a cracked version of the infamous Craxs 7.6 RAT, has been leaked online. This development highlights the evolving risks posed by malicious actors exploiting Android…
Chinese Hackers Attacking Industrial Organizations With Sophisticated FatalRAT
A sophisticated cyberespionage campaign leveraging the FatalRAT remote access trojan (RAT) is targeting industrial organizations across the Asia-Pacific (APAC) region, according to a Kaspersky ICS CERT report. The attackers, suspected to be Chinese-speaking threat actors, employ a multi-stage infection chain…
New ChatGPT’s Premium Features Subscription Phishing Attack Steal Logins
A sophisticated phishing operation leveraging OpenAI’s ChatGPT branding has targeted over 12,000 users across North America and Europe. The campaign impersonates ChatGPT subscription renewal notices to harvest login credentials and payment details, exploiting the platform’s restricted access model for GPT-4…
Stablecoin Bank Hacked – Hackers Stolen $49.5M in Attack
In a high-profile security breach, decentralized finance protocol @0xinfini suffered a $49.5 million USDC theft, marking one of the largest stablecoin exploits of the year. The attacker executed a multi-stage laundering operation, converting stolen USDC to DAI, purchasing 17,696 ETH…
Wireshark 4.4.4 Released With Fix for Vulnerability That Triggers DoS Attack
The Wireshark Foundation has released version 4.4.4 of its widely used network protocol analyzer, addressing a high-severity vulnerability that could allow attackers to trigger denial-of-service (DoS) conditions by injecting malicious packets. The update resolves CVE-2025-1492, a flaw in the Bundle…
DeepSeek Unveils FlashMLA, A Decoding Kernel That’s Make Things Blazingly Fast
DeepSeek has launched FlashMLA, a groundbreaking Multi-head Latent Attention (MLA) decoding kernel optimized for NVIDIA’s Hopper GPU architecture, marking the first major release of its Open Source Week initiative. This innovative tool achieves unprecedented performance metrics of 3000 GB/s memory…
Parallels Desktop 0-Day Vulnerability Gain Root Privileges – PoC Released
A critical 0-day vulnerability in Parallels Desktop virtualization software has been publicly disclosed, enabling local attackers to escalate privileges to root-level access on macOS systems. All versions of Parallels Desktop, including the most recent 20.2.1 (55876), are vulnerable to the…
Hackers Exploited Confluence Server Vulnerability To Deploy LockBit Ransomware
A sophisticated ransomware attack leveraging a critical Atlassian Confluence vulnerability (CVE-2023-22527, CVSS 10.0) has been uncovered, culminating in the deployment of LockBit Black ransomware across enterprise networks within two hours of initial compromise. The attackers orchestrated a multi-stage intrusion involving…
Exim Mail Transfer Vulnerability Let Attackers Inject Malicious SQL Queries
Security researchers have uncovered a critical SQL injection vulnerability (CVE-2025-26794) in Exim, the widely-used mail transfer agent (MTA) that powers over 60% of internet mail servers. The flaw enables authenticated attackers to execute arbitrary SQL commands through specially crafted ETRN…
10 Best DevOps Tools in 2025
The term “DevOps” is a combination of the words “development” and “operations.” Promoting the development and operation processes collectively is a cultural requirement. A single team can now manage the entire application lifecycle, including development, testing, deployment, and operations. System…
UniFi Protect Camera Vulnerability Allows Remote Code Execution Attacks
Ubiquiti Networks has issued an urgent security advisory addressing five critical vulnerabilities in its UniFi Protect camera ecosystem, including two flaws enabling unauthenticated remote code execution (RCE) attacks. The vulnerabilities, discovered during the 2025 Pwn2Own Toronto hacking competition and disclosed…