The dark web landscape constantly shifts between emerging platforms and sudden closures, often driven by the very anonymity they promise. On November 21, 2025, a new contender named Omertà Market emerged, positioning itself as a bastion of stability and security.…
Tag: Cyber Security News
SantaStealer Attacks Users to Exfiltrate Sensitive Documents, Credentials, and Wallet Data
A new information stealer called SantaStealer has emerged as a serious threat to Windows users worldwide. This malware-as-a-service tool is being aggressively marketed through Telegram channels and underground hacker forums, with plans for full release before the end of 2025.…
Critical ScreenConnect Vulnerability Lets Attackers Expose Sensitive Configuration Data
ConnectWise has issued a security update for ScreenConnect™ to address a critical vulnerability that could enable attackers to expose sensitive configuration data and install untrusted extensions. The flaw, identified as CVE-2025-14265, affects only the ScreenConnect server component, leaving host and…
Popular Chrome Extension with Over 6 Million Installs Captures User Inputs to AI Chatbots
A widely trusted Chrome extension with more than 6 million users has been discovered secretly collecting and selling conversations from major AI platforms. Urban VPN Proxy, which carries Google’s “Featured” badge indicating it passed manual review for quality standards, contains…
SoundCloud Confirms Data Breach – Hackers Exfiltrated User Account Data
SoundCloud has confirmed a security incident involving unauthorized access to user data, revealing that hackers exfiltrated email addresses and public profile information from approximately 20% of its user base. The company disclosed the breach in a transparency blog post on…
New GhostPairing Attack Lets Attackers Gain Full Access in WhatsApp with Phone Number
A newly discovered account takeover campaign targeting WhatsApp users demonstrates how attackers can compromise messaging accounts without stealing passwords or exploiting technical vulnerabilities. The threat, identified as the GhostPairing Attack, uses social engineering and WhatsApp’s legitimate device linking feature to…
Critical FortiGate Devices SSO Vulnerabilities Actively Exploited in the Wild
An active intrusion is targeting critical authentication bypass vulnerabilities in Fortinet’s FortiGate appliances and related products. Threat actors are exploiting CVE-2025-59718 and CVE-2025-59719 to perform unauthenticated single sign-on (SSO) logins via malicious SAML messages, granting attackers administrative access. Fortinet disclosed…
PornHub Breached by ShinyHunters Group and Premium Members’ Data Stolen
The notorious hacking collective ShinyHunters has claimed responsibility for a major data breach at Mixpanel, a popular analytics provider, exposing limited user data tied to Pornhub Premium accounts. The incident, which has only affected select Premium subscribers, has raised concerns…
ZnDoor Malware Exploiting React2Shell Vulnerability to Compromise Network Devices
Since December 2025, a concerning trend has emerged across Japanese organizations as attackers exploit a critical vulnerability in React/Next.js applications. The vulnerability, tracked as CVE-2025-55182 and known as React2Shell, represents a remote code execution flaw attracting widespread exploitation. While initial…
New PCPcat Exploiting React2Shell Vulnerability to Compromise 59,000+ Servers
A new malware campaign called PCPcat has successfully compromised more than 59,000 servers in under 48 hours through targeted exploitation of critical vulnerabilities in Next.js and React frameworks. The malware targets Next.js deployments by exploiting two critical vulnerabilities, CVE-2025-29927 and…
Threat Actors Advertising ‘MioLab MacOS’ Infostealer on an Underground Forum
A new malware threat targeting macOS users has emerged on underground cybercrime forums, with threat actors marketing a sophisticated information-stealing tool called “MioLab MacOS.” This resident infostealer comes equipped with a web-based control panel and customizable settings, making it an…
JumpCloud Remote Assist for Windows Agent Flaw Lets Attackers Escalate Privilege
The JumpCloud Remote Assist vulnerability (CVE-2025-34352) exposes Windows systems to local privilege escalation and denial-of-service attacks. Discovered by XM Cyber researcher Hillel Pinto, the flaw stems from insecure file operations in the agent’s uninstaller. The JumpCloud Remote Assist for Windows…
Jaguar Land Rover Confirms Employee Data Stolen in August Cyberattack
Jaguar Land Rover (JLR), the iconic British luxury automaker, has finally disclosed that a cyberattack in August compromised sensitive data on current and former employees. This marks the company’s first public acknowledgment of the breach’s scope, following a production shutdown…
xHunt APT Hackers Attacking Microsoft Exchange and IIS Web Servers to Deploy Custom Backdoors
The xHunt advanced persistent threat group has firmly established itself as a sophisticated cyber-espionage actor, orchestrating targeted campaigns against organizations in Kuwait. Since its emergence in 2018, the group has focused intently on the government, shipping, and transportation sectors. Their…
Microsoft Recent Update Breaks VPS Access for Windows Subsystem for Linux Users
Microsoft’s October 2025 non-security update is disrupting virtual private server (VPS) access for Windows Subsystem for Linux (WSL) users, particularly those relying on third-party VPNs for enterprise connectivity. Released on October 28, 2025, as KB5067036, the update targets OS builds…
Critical pgAdmin Vulnerability Lets Attackers Execute Shell Commands on the Host
A severe security vulnerability has been uncovered in pgAdmin 4, the popular open-source PostgreSQL database management tool. Tracked as CVE-2025-13780, this critical flaw allows attackers to bypass security filters and execute arbitrary shell commands on the host server. The issue…
Apache StreamPark Vulnerability Lets Attackers Access Sensitive Data
A critical security vulnerability has been discovered in Apache StreamPark that could allow attackers to decrypt sensitive information and gain unauthorized system access. The vulnerability stems from the use of a hard-coded encryption key in the application, which enables threat…
NVIDIA Merlin Vulnerabilities Let Attackers Execute Malicious Code and Trigger DoS Condition
Security patches for the Merlin framework address two high-severity deserialization vulnerabilities that could allow attackers to execute arbitrary code and launch denial-of-service attacks on affected Linux systems. NVIDIA researchers have identified two vulnerabilities in Merlin components that leverage insecure deserialization.…
New Android Malware Frogblight Mimics Official Government Websites to Collect SMS and Device Details
A sophisticated Android banking Trojan named Frogblight has emerged as a significant threat targeting Turkish users, employing deceptive tactics to steal banking credentials and personal data. Discovered in August 2025, this malware initially disguised itself as an application for accessing…
Wireshark 4.6.2 Released With Fix for Vulnerabilities, and Updated Protocol Support
Wireshark 4.6.2, the latest version of the leading open-source network protocol analyzer, addresses critical crash vulnerabilities and plugin compatibility issues. This maintenance release prioritizes stability for users in troubleshooting and security analysis. Developers patched two denial-of-service vulnerabilities identified in recent…