Cybersecurity researchers began tracking a sophisticated campaign in the closing months of 2024, targeting both government and corporate networks across multiple continents. The threat actors behind this operation, known colloquially as Salt Typhoon and UNC4841, leveraged overlapping infrastructure and shared…
Tag: Cyber Security News
New Technique Uncovered To Exploit Linux Kernel Use-After-Free Vulnerability
A new technique to exploit a complex use-after-free (UAF) vulnerability in the Linux kernel successfully bypasses modern security mitigations to gain root privileges. The method targets CVE-2024-50264, a difficult-to-exploit race condition bug in the AF_VSOCK subsystem that was recognized with a Pwnie…
SpamGPT – AI-powered Attack Tool Used By Hackers For Massive Phishing Attack
A sophisticated new cybercrime toolkit named SpamGPT is enabling hackers to launch massive and highly effective phishing campaigns by combining artificial intelligence with the capabilities of professional email marketing platforms. Marketed on the dark web as a “spam-as-a-service” platform, SpamGPT…
Elastic Salesloft Drift Security Incident – Hackers Accessed Email Account Contains Valid Credentials
Elastic has disclosed a security incident stemming from a third-party breach at Salesloft Drift, which resulted in unauthorized access to an internal email account containing valid credentials. While the company’s core Salesforce environment was not impacted, the incident exposed sensitive…
Hackers Hijacked 18 Very Popular npm Packages With 2 Billion Weekly Downloads
In the largest supply chain attack, hackers compromised 18 popular npm packages, which together account for over two billion downloads per week. The attack, which began on September 8th, involved injecting malicious code designed to steal cryptocurrency from users. The…
Dynatrace Confirms Data Breach: Hackers Accessed Customer Data From Salesforce
Dynatrace has confirmed it was impacted by a third-party data breach originating from the Salesloft Drift application, resulting in unauthorized access to customer business contact information stored in its Salesforce CRM. The company confirmed that the incident was limited to…
Windows Defender Vulnerability Allows Service Hijacking and Disablement via Symbolic Link Attack
A severe vulnerability in Windows Defender’s update process allows attackers with administrator privileges to disable the security service and manipulate its core files. The technique, which leverages a flaw in how Defender selects its execution folder, can be carried out…
Progress OpenEdge AdminServer Vulnerability Let Attackers Execute Remote Code
A critical security vulnerability has been discovered in Progress OpenEdge, a platform for developing and deploying business applications. The flaw, identified as CVE-2025-7388, allows for remote code execution (RCE) and affects multiple versions of the software, potentially enabling attackers to…
Venezuela’s Maduro Says Huawei Mate X6 Gift From China is Unhackable by U.S. Spies
In Caracas this week, President Nicolás Maduro unveiled the Huawei Mate X6 gifted by China’s Xi Jinping, declaring the device impervious to U.S. espionage efforts. The announcement coincides with heightened tensions between Washington and Beijing, as the United States enforces…
PoC Exploit Released for ImageMagick RCE Vulnerability – Update Now
A proof-of-concept (PoC) exploit has been released for a critical remote code execution (RCE) vulnerability in ImageMagick 7’s MagickCore subsystem, specifically affecting the blob I/O (BlobStream) implementation. Security researchers and the ImageMagick team urge all users and organizations to update immediately to prevent exploitation.…
PgAdmin Vulnerability Lets Attackers Gain Unauthorised Account Access
A significant security flaw has been discovered in pgAdmin, the widely used open-source administration and development platform for PostgreSQL databases. The vulnerability, tracked as CVE-2025-9636, affects all pgAdmin versions up to and including 9.7, potentially allowing remote attackers to gain…
Researchers Bypassed Web Application Firewall With JS Injection with Parameter Pollution
Cybersecurity researchers have demonstrated a sophisticated technique for bypassing Web Application Firewalls (WAFs) using JavaScript injection combined with HTTP parameter pollution, exposing critical vulnerabilities in modern web security infrastructure. The research, conducted during an autonomous penetration test, revealed how attackers…
Apache Jackrabbit Exposes Systems To Arbitrary Code Execution Attacks
An important security vulnerability has been discovered in Apache Jackrabbit, a popular open-source content repository used in enterprise content management systems and web applications. This flaw could allow unauthenticated attackers to achieve arbitrary code execution (RCE) on servers running vulnerable…
Microsoft Azure Cloud Disrupted by Undersea Cable Cuts in Red Sea
Microsoft’s Azure cloud platform is facing significant disruptions after multiple undersea fiber optic cables were severed in the Red Sea. The US technology giant confirmed that users would experience delays and increased latency for services relying on internet traffic moving…
Salesloft Drift Cyberattack Linked to GitHub Compromise and OAuth Token Theft
A sophisticated supply-chain attack that impacted over 700 organizations, including major cybersecurity firms, has been traced back to a compromise of Salesloft’s GitHub account that began as early as March 2025. In an update on September 6, 2025, Salesloft confirmed…
Australian Authorities Uncovered Activities and Careers of Ransomware Criminal Groups
Ransomware has emerged as one of the most devastating cybercrime threats in the contemporary digital landscape, with criminal organizations operating sophisticated billion-dollar enterprises that target critical infrastructure across multiple nations. Between 2020 and 2022, ransomware groups conducted over 865 documented…
Atomic Stealer Disguised as Cracked Software Attacking macOS Users
A sophisticated malware campaign targeting macOS users has emerged, exploiting the widespread desire for free software to deliver the notorious Atomic macOS Stealer (AMOS). This information-stealing malware masquerades as cracked versions of popular applications, tricking unsuspecting users into compromising their…
U.S. Authorities Investigating Malicious Email Targeting Trade Talks with China
U.S. federal authorities have launched an investigation into a sophisticated malware campaign that targeted sensitive trade negotiations between Washington and Beijing. The attack, which surfaced in July 2025, involved fraudulent emails purportedly sent by Representative John Moolenaar, chairman of the…
How Microsoft Azure Storage Logs Aid Forensics Following a Security Breach
After a security breach, forensic investigators work quickly to follow the attacker’s trail. Security experts have analyzed this situation and found that a key source of evidence is often overlooked: Microsoft Azure Storage logs. While frequently overlooked, these logs provide…
Tenable Confirms Data Breach – Hackers Accessed Customers’ Contact Details
Tenable has confirmed a data breach that exposed the contact details and support case information of some of its customers. The company stated the incident is part of a broader data theft campaign targeting an integration between Salesforce and the…