Tag: Cyber Security News

A federal judge has issued a preliminary injunction that significantly limits the Department of Government Efficiency’s (DOGE) access to sensitive Social Security Administration (SSA) data. The ruling, handed down yesterday, found that the government had provided DOGE with access to…

Read more →

Ransomware is not retreating it’s evolving. Once a niche cybercrime, ransomware has become a multibillion-dollar global threat that disrupts hospitals, banks, factories, and governments. In 2025, the threat continues to grow in scope and intensity, primarily driven by the ransomware-as-a-service…

Read more →

Microsoft has issued an alert regarding sophisticated ransomware attacks targeting hybrid cloud environments in Q1 2025. These attacks exploit vulnerabilities at the intersection of on-premises infrastructure and cloud services, challenging organizations with hybrid configurations. In a significant shift, North Korean…

Read more →

Microsoft has warned organizations worldwide that threat actors are ramping up their exploitation of critical vulnerabilities in on-premises Exchange Server and SharePoint Server. These attacks, observed in recent months, have enabled cybercriminals to gain persistent and privileged access to targeted…

Read more →

Nation-state cyber threats have evolved dramatically over the past decade, with attackers employing increasingly sophisticated persistence techniques to maintain long-term access within targeted environments. These advanced persistent threats (APTs) are often orchestrated by government-backed groups with significant resources, making them…

Read more →

In today’s rapidly evolving cyber threat landscape, Security Operations Centers (SOCs) face an unprecedented challenge: efficiently managing and prioritizing the overwhelming volume of security alerts they receive daily. SOC analysts often can’t read and respond to a significant portion of…

Read more →

In the modern digital landscape, organizations are constantly challenged by an ever-increasing volume of security alerts, sophisticated cyber threats, and the ongoing shortage of skilled cybersecurity professionals. Security Orchestration, Automation, and Response (SOAR) platforms have emerged as a transformative solution…

Read more →

A server briefly linked to the notorious KeyPlug malware has inadvertently exposed a comprehensive arsenal of exploitation tools specifically designed to target Fortinet firewall and VPN appliances. The infrastructure, which security researchers have attributed to the RedGolf threat group (overlapping…

Read more →

Digital transformation is no longer a buzzword it is a strategic imperative for organizations seeking to stay competitive in an ever-evolving landscape. As businesses embrace cloud computing, artificial intelligence, IoT, and remote work, the attack surface expands exponentially. This evolution…

Read more →

The rapid evolution of generative AI has fundamentally transformed the landscape of cybersecurity, especially in the context of red teaming. Traditionally, red teams have focused on simulating adversarial attacks to uncover vulnerabilities in networks, software, and infrastructure. However, the unpredictable…

Read more →

Fortinet has announced the complete removal of SSL VPN tunnel mode functionality in the upcoming FortiOS 7.6.3 release.  This change, affecting all FortiGate models regardless of size, marks the culmination of Fortinet’s gradual phase-out of SSL VPN that began with…

Read more →

In today’s hyper-connected world, cybersecurity is no longer the sole responsibility of a dedicated security team. As organizations scale and technology becomes increasingly integrated into every aspect of business, the risks and attack surfaces multiply. Yet, security teams are often…

Read more →

Passive DNS has emerged as a critical tool for cybersecurity professionals seeking to identify and track malicious command and control (C2) infrastructure. By creating a historical record of DNS activities, security teams can follow the digital breadcrumbs left by threat…

Read more →

A major security incident has come to light involving more than six million installations of Chrome browser extensions that secretly execute remote commands, track user activity, and potentially expose sensitive information. John Tuckner of secure Annex have identified at least…

Read more →

A sophisticated Android spyware campaign has been uncovered, disguising itself as the official application of the Chinese Prosecutor’s Office (检察院). This advanced variant of the SpyMax/SpyNote family targets Chinese-speaking users across mainland China and Hong Kong, exploiting Android Accessibility Services…

Read more →

On April 16, 2025, millions of users worldwide found themselves unable to access Zoom, the widely used video conferencing platform, due to a critical outage that lasted nearly two hours. The disruption, which began at 11:25 AM PDT and was…

Read more →

A newly discovered vulnerability, CVE-2024-53141, in the Linux kernel’s IP sets framework has exposed a critical security flaw that allows local attackers to escalate privileges and potentially gain root access.  The vulnerability, assigned a CVSS score of 7.8, uncovered by…

Read more →

Memory forensics has become an indispensable component of modern incident response strategies, enabling security teams to detect and analyze sophisticated threats that would otherwise remain hidden. Unlike traditional disk forensics, memory analysis provides insights into running processes, network connections, and…

Read more →

The financial sector faces increasingly sophisticated cyber threats, with system intrusion remaining the leading attack pattern for the third consecutive year. Advanced Persistent Threat (APT) groups specifically target financial institutions using various tools, techniques, and procedures. YARA rules provide a…

Read more →

Web server hardening is a critical security process that reduces an organization’s attack surface and helps defend against ransomware, malware, and other cyberthreats. In today’s threat landscape, web servers are prime targets for attackers as they often serve as the…

Read more →

A federal whistleblower “Daniel Berulis”, A senior DevSecOps architect has allegedly sent a affidavit document of a U.S DOGE significant data breach at the National Labor Relations Board (NLRB), claiming that personnel from the Department of Government Efficiency (DOGE) accessed…

Read more →

A significant evolution in distributed denial-of-service (DDoS) malware has been detected, with the latest version of XorDDoS continuing to spread globally between November 2023 and February 2025. This Linux-targeting trojan transforms compromised machines into “zombie bots” that can be coordinated…

Read more →

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent advisory regarding multiple Apple 0-day vulnerabilities currently being actively exploited in targeted attacks. These critical security flaws affect a wide range of Apple products, including iOS, iPadOS, macOS, and…

Read more →

A critical remote code execution vulnerability in Erlang/OTP’s SSH implementation has security teams scrambling to patch affected systems after researchers confirmed the development of a proof-of-concept exploit. The vulnerability, tracked as CVE-2025-32433 and assigned the maximum possible CVSS score of…

Read more →

17,000+ Fortinet devices worldwide have been compromised in a sophisticated cyberattack that leverages a symbolic link persistence technique, according to new findings from Shadowserver. The number of affected devices has climbed from an initial report of 14,000 to 17,000, with…

Read more →

A sophisticated ransomware group known as CrazyHunter has emerged as a significant threat to organizations, particularly those in Taiwan’s critical infrastructure sectors. This newly identified threat actor has been conducting targeted attacks against healthcare facilities, educational institutions, and industrial organizations…

Read more →

Microsoft’s security landscape faced unprecedented challenges in 2024, with vulnerability reports soaring to an all-time high of 1,360 identified security flaws across the company’s product ecosystem. This alarming figure represents the highest number recorded since systematic tracking began, highlighting the…

Read more →

A sophisticated phishing campaign leveraging a multi-layered attack chain dubbed “Cascading Shadows” has been uncovered by the Palo Alto Networks’ Unit 42 researchers in December 2024. This campaign delivers malware families like Agent Tesla, RemcosRAT, and XLoader through a sequence…

Read more →

Ransomware attacks surged dramatically in the first quarter of 2025, with a 126% increase compared to the same period in 2024, according to a newly released global cyber attack report. The consumer goods and services sector emerged as the primary…

Read more →

A sophisticated cyberespionage campaign leveraging malicious Microsoft Management Console (MMC) scripts to deploy the stealthy MysterySnail remote access trojan (RAT).  First identified in 2021 during an investigation into the CVE-2021-40449 zero-day vulnerability, MysterySnail RAT had seemingly disappeared from the cyber…

Read more →

In today’s rapidly evolving digital landscape, Chief Information Security Officers (CISOs) face unprecedented challenges as cyber threats grow in sophistication and frequency. The year 2025 has witnessed a significant shift in how organizations approach cybersecurity, with CISOs stepping out of…

Read more →

The future of GRC (Governance, Risk, and Compliance) is being reshaped as organizations navigate complex challenges at the crossroads of sustainability, digital security, and regulatory oversight. Traditional GRC frameworks that treated these domains as separate functions are rapidly becoming obsolete.…

Read more →

In today’s hyperconnected business environment, security teams face unprecedented challenges protecting organizational assets against increasingly sophisticated threats. Threat modeling stands out as a structured methodology that helps organizations systematically identify, evaluate, and prioritize potential security threats before they manifest. This…

Read more →

A recent comprehensive security audit has revealed that 43% of the top 100 mobile applications used in enterprise environments contain critical vulnerabilities that could allow malicious actors to access sensitive corporate data. These vulnerabilities primarily exist in apps’ data storage…

Read more →

LummaStealer, a sophisticated information-stealing malware distributed as Malware-as-a-Service (MaaS), has evolved with new evasion techniques that abuse legitimate Windows utilities. Originally observed in 2022 and developed by Russian-speaking adversaries, this malware has demonstrated remarkable agility in evading detection while targeting…

Read more →

Chinese Ambassador to Russia Zhang Hanhui has officially announced Beijing’s intention to strengthen strategic cooperation with Moscow in cybersecurity, signaling a significant expansion of the two nations’ digital partnership.  The announcement comes as both countries seek to counter what they…

Read more →

Cybercriminals have launched a sophisticated phishing campaign exploiting the popularity of digital gift cards to steal Microsoft credentials from unsuspecting users. This new attack vector disguises malicious links within seemingly legitimate Amazon gift card emails, creating a perfect social engineering…

Read more →

In today’s fast-evolving cybersecurity landscape, a significant shift is taking place. As organizations adopt automation to manage traditional security tasks, security teams are noticeably shrinking; automation trims security teams. This shift represents more than cost-cutting; it reflects a fundamental reimagining…

Read more →

Harvest SAS, a leading French fintech company specializing in wealth management software, has fallen victim to a sophisticated ransomware attack.  The ransomware attack was first detected on February 27, 2025, but Harvest publicly disclosed the incident on April 10, 2025,…

Read more →

In today’s hyper-connected business world, cybersecurity audits are not just a regulatory requirement but a vital component of organizational risk management and digital trust. The frequency and sophistication of cyber threats are rising, as are customers’, partners’, and regulators’ expectations.…

Read more →

Ghost Ransomware, also known as Cring, has emerged as a formidable cyber threat targeting organizations across more than 70 countries. Since its first appearance in 2021, this malware variant has rapidly evolved into one of the most dangerous ransomware strains,…

Read more →

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding a critical SonicWall vulnerability that is actively being exploited by threat actors.  On April 16, 2025, CISA added CVE-2021-20035, a command injection vulnerability affecting SonicWall SMA100 appliances,…

Read more →

Google revealed a significant crackdown on malicious advertising activity across its platforms, blocking more than 5.1 billion bad ads and suspending upwards of 700,000 advertiser accounts involved in policy violations and scams.  Google’s ability to detect and prevent malicious ads…

Read more →

A sophisticated malware campaign attributed to the Russia-linked Gamaredon threat group has been actively targeting Ukrainian entities since late 2024, according to new research published on April 16, 2025. Samples of the Pterodo malware family were identified on public malware…

Read more →

Security researchers have uncovered new malicious activities attributed to Mustang Panda, a China-sponsored espionage group known for targeting government entities, military organizations, and non-governmental organizations primarily in East Asia and Europe. The threat actor has been observed utilizing weaponized RAR…

Read more →

Microsoft has officially confirmed a major bug in its recent Windows 11 24H2 updates that is causing widespread Blue Screen of Death (BSOD) crashes, displaying the stop error code “SECURE_KERNEL_ERROR” (0x18B). The issue, first reported by Windows Latest in March…

Read more →

A critical vulnerability in Cisco Webex App that could allow attackers to execute malicious code on target systems through specially crafted meeting invitation links.  The high-severity flaw, tracked as CVE-2025-20236, has prompted Cisco to release emergency patches for affected versions…

Read more →

Apple has released iOS 18.4.1 and iPadOS 18.4.1 to address two critical zero-day vulnerabilities that were actively exploited in highly targeted, sophisticated attacks against specific individuals iPhone. The vulnerabilities, identified in the CoreAudio and RPAC components, could allow attackers to…

Read more →

Credential theft through phishing remains one of the most reliable methods for gaining unauthorized access to enterprise environments. A sophisticated phishing campaign has been identified targeting employee and member portals of major organizations including Aramark, Highmark, and various healthcare providers.…

Read more →

Cybersecurity experts have identified a sophisticated ransomware threat known as Interlock, which has been quietly expanding its operations since its first appearance in September 2024. This malware employs an elaborate multi-stage attack chain, beginning with the compromise of legitimate websites…

Read more →

Atlassian, the company behind Jira, a leading project management and issue-tracking platform, is grappling with a significant service disruption that has left users unable to load certain Dashboard widgets. The outage, affecting Jira Work Management, Jira Service Management, and Jira…

Read more →

Researchers have uncovered the true identity of servers hosting one of the most notorious ransomware operations active today. The Medusa Ransomware Group, which has operated with relative anonymity through Tor hidden services, has had its cover blown through a sophisticated…

Read more →

Cybercriminals have launched a sophisticated malware campaign leveraging fake PDF-to-DOCX converter websites that mimic the popular legitimate service PDFCandy. The malicious websites, including domains such as candyxpdf[.]com and candyconverterpdf[.]com, deploy an elaborate social engineering tactic designed to harvest sensitive information…

Read more →

Critical Windows Task Scheduler involving schtasks.exe binary, which could enable malicious actors to execute commands with SYSTEM-level privileges, bypassing User Account Control (UAC) prompts and erasing audit logs. These flaws significantly elevate the threat landscape for Windows environments, posing risks…

Read more →

A sophisticated cybercriminal campaign targeting Indian investors through fraudulent stock and cryptocurrency schemes has escalated, with hackers leveraging social engineering, fake mobile applications, and compromised government websites to steal financial data. These attacks exploit the rapid growth of digital investment…

Read more →

Social engineering remains one of the most persistent threats to organizational security because it targets human psychology rather than technological vulnerabilities. Unlike conventional cyber threats that exploit technical weaknesses, social engineering manipulates the fundamental psychological traits that make us human.…

Read more →

In the digital age, the security of digital identities has become a defining challenge for organizations worldwide. As businesses embrace cloud computing, remote work, and interconnected ecosystems, digital identities representing users, devices, and applications have become prime targets for cybercriminals.…

Read more →

The Chief Information Security Officer (CISO) role has fundamentally transformed today’s digital-first world. Once viewed primarily as technical guardians of the organizational perimeter, CISOs are now expected to be strategic partners who drive business value. As cyber threats become more…

Read more →

Some threats don’t kick down the door; they slip in, stay quiet, and wait.  These days, attackers are playing the long game, using evasion techniques to hide in plain sight, delay detection, and make it harder for security teams to…

Read more →

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has extended its contract with MITRE Corporation, ensuring the uninterrupted operation of the Common Vulnerabilities and Exposures (CVE) program, a cornerstone of global cybersecurity that was hours away from losing federal funding.…

Read more →

A sophisticated phishing campaign by Russian-linked threat group APT29 has been actively targeting European diplomatic entities since January 2025, according to a recent security report. The campaign, believed to be a continuation of previous operations that utilized the WINELOADER backdoor,…

Read more →

Cybercriminals have been actively exploiting a critical vulnerability in Windows systems, identified as CVE-2025-24054. This vulnerability leverages NTLM hash disclosure through spoofing techniques. This vulnerability, related to NTLM (New Technology LAN Manager) authentication protocols, has become a significant threat, enabling…

Read more →

As organizations increasingly migrate to cloud-based software solutions, Chief Information Security Officers (CISOs) face the complex challenge of securing Software as a Service (SaaS) applications across their enterprise. The rapid adoption of SaaS has created a dynamic security landscape in…

Read more →

Hacktivist groups are rapidly evolving beyond their traditional tactics of DDoS attacks and website defacements into far more sophisticated operations targeting critical infrastructure and deploying ransomware. This alarming shift represents a significant escalation in the threat landscape, as ideologically motivated…

Read more →

In the digital age, organizations face a relentless barrage of cyber threats, ranging from sophisticated nation-state attacks to opportunistic ransomware campaigns. To keep pace, security teams have turned to threat intelligence feeds—automated streams of data that provide real-time information about…

Read more →

In the modern business landscape, cybersecurity is no longer just an IT problem; it has become a core business concern that requires a culture of cybersecurity accountability at every organizational level. As cyber threats grow more sophisticated and frequent, the…

Read more →

As cyber threats continue to grow in both scale and sophistication, organizations in 2025 are increasingly relying on automation to transform their threat intelligence (TI) operations. Automated threat intelligence leverages artificial intelligence (AI), machine learning (ML), and orchestration platforms to…

Read more →

Following yesterday’s major security breach of the controversial imageboard 4chan, hackers have publicly revealed the sophisticated exploit method used to gain access to the site’s backend systems. The attack, which took the platform offline for several hours, has exposed sensitive…

Read more →

The newly established CVE Foundation has been formally launched to safeguard the long-term continuity, stability, and independence of the Common Vulnerabilities and Exposures (CVE) Program. This move comes as the CVE Program, a 25-year foundational pillar of cybersecurity, faces unprecedented…

Read more →

Attackers are increasingly exploiting Node.js, a widely trusted, open-source JavaScript runtime, to deliver sophisticated malware, steal sensitive data, and compromise entire systems.  Recent campaigns observed since late 2024 have showcased a shift in attacker tactics. They leverage Node.js both for direct script…

Read more →

Cybersecurity researchers have uncovered a significant evolution in the tactics of the Chinese threat group UNC5174, which has incorporated a new open-source tool and command-and-control (C2) infrastructure into their malicious operations. The group, known for targeting government institutions and critical…

Read more →

Oracle released its April 2025 Critical Patch Update (CPU), addressing 378 new security vulnerabilities across its extensive product portfolio. The quarterly security update, announced on Wednesday, contains patches for numerous high-risk flaws, many of which could potentially allow remote exploitation…

Read more →

Phishing is the most prevalent and damaging cyber threat facing organizations and individuals worldwide. Despite technological advancements in cybersecurity, phishing attacks have persisted and evolved, exploiting human psychology and digital defense gaps. Phishing’s simplicity, adaptability, and high success rate make…

Read more →

Law enforcement agencies across Europe and Türkiye have successfully dismantled four major encrypted communication platforms used extensively by criminal networks.  The coordinated takedown, codenamed Operation BULUT (meaning “cloud” in Turkish), has resulted in 232 arrests and the seizure of assets…

Read more →

The notorious online message board 4chan experienced a significant security breach, with hackers reportedly accessing and leaking sensitive internal data including source code, moderator information, and administrative tools.  The site was taken offline for several hours as administrators attempted to…

Read more →

As cyberattacks become more sophisticated and frequent, organizations face unprecedented risks to their digital assets, reputations, and operational continuity. Cybercrime costs are rising rapidly, underscoring the urgent need for proactive defense mechanisms. Threat intelligence has emerged as a critical tool…

Read more →

In today’s rapidly evolving cybersecurity landscape, incident response teams are increasingly advocating for unified logging standards to effectively combat security breaches. The absence of standardized logging practices creates significant blind spots, hampering swift detection and response to potential threats. With…

Read more →

A critical vulnerability in Windows 11 allowed attackers to escalate from a low-privileged user to full system administrator rights in just 300 milliseconds.  The vulnerability, tracked as CVE-2025-24076, exploits a weakness in Windows 11’s “Mobile devices” feature through a sophisticated…

Read more →

Advanced Persistent Threats (APTs) represent some of the most sophisticated cyber threats organizations face today. Unlike conventional attacks, APTs involve stealthy, persistent adversaries who establish long-term footholds in networks to extract valuable data or cause significant damage. In the current…

Read more →

Google has issued an urgent security update for its Chrome browser after two critical vulnerabilities were discovered. These vulnerabilities could allow attackers to steal sensitive data and gain unauthorized access to users’ systems. The flaws, identified as CVE-2025-3619 and CVE-2025-3620,…

Read more →

Microsoft 365 administrators faced significant challenges today as an ongoing outage prevented access to the Microsoft 365 Admin Center and the Exchange Admin Center (EAC). The issue, reported by the official Microsoft 365 Status account on X (@MSFT365Status) and is…

Read more →

A letter from MITRE, dated April 15, 2025, has leaked online claimed to be revealed from a reliable source that the organization’s contract to support the Common Vulnerabilities and Exposures (CVE) program is due to expire today, April 16, 2025,…

Read more →

Linux cyber threats are less widespread than Windows ones yet it can make them even more dangerous. Underestimated and under-anticipated, they stab endpoints and networks in the back, bringing operational disruption and financial loss. It’s true that individual desktop users…

Read more →

For many years, ransomware has been associated with online extortion, causing businesses to become immobilized as they attempt to recover encrypted data. With cybersecurity teams preparing for these direct attacks, organizations have become accustomed to the risk of frozen systems…

Read more →

In the rapidly evolving digital landscape of 2025, cybersecurity has reached an inflection point that has prompted an unprecedented reassessment among security professionals. According to recent industry analysis, 78% of security leaders are completely rethinking their cyber strategies a striking…

Read more →

An interconnected digital landscape differentiates the current era from previous ones, as using the internet for various personal and professional purposes was uncommon then. While this phenomenon has eased multiple tasks for people of different demographics, it has also resulted…

Read more →

A sophisticated Chinese spyware suite dubbed “PasivRobber” that targets macOS devices, with particular focus on harvesting data from communication applications popular among Chinese users.  The multi-binary malware package demonstrates advanced technical capabilities for data exfiltration and persistence. On March 13,…

Read more →

A newly uncovered campaign targeting websites hosted on Amazon EC2 instances has raised alarms across the cybersecurity community. Since mid-March 2025, threat actors have been exploiting a combination of Server-Side Request Forgery (SSRF) vulnerabilities and Amazon’s EC2 Instance Metadata Service…

Read more →

Microsoft has taken a critical step to enhance security across its productivity suite by disabling ActiveX controls by default in Microsoft 365 applications.  This significant security update, which began rolling out earlier this month, aims to reduce the risk of…

Read more →

Cybersecurity researchers have uncovered a sophisticated multi-stage attack chain utilizing JScript to deliver dangerous malware payloads. The attack, which employs a complex obfuscation technique, ultimately delivers either XWorm or Rhadamanthys malware depending on the victim’s geographic location. This loader operates…

Read more →

A seemingly empty folder appearing on Windows systems after recent security updates has raised concerns among users, but Microsoft confirms it’s an intentional security measure that should remain untouched.  The directory, typically located at C:\inetpub, serves as a crucial component…

Read more →

A sophisticated cryptocurrency theft operation has been uncovered where brand-new Android smartphones arrive with pre-installed malware masquerading as legitimate WhatsApp applications.  Threat actors have infiltrated the supply chain of several Chinese smartphone manufacturers, embedding malicious code directly into system applications…

Read more →

Researchers have recently discovered that OpenAI’s ChatGPT image generation feature can be manipulated to create convincing fake passports with minimal effort. This capability, introduced on March 25, 2025, for ChatGPT-4o and ChatGPT-4o mini models and made freely available to all…

Read more →

Google has introduced a significant security enhancement for Android devices that automatically reboots phones and tablets after extended periods of inactivity.  This new auto-restart feature, included in the latest Google Play services update (version 25.14), represents an important step forward…

Read more →

Microsoft Teams users encountered a significant disruption in file-sharing capabilities on Tuesday, April 15, 2025, as the company confirmed an ongoing investigation into the issue. The problem, which affects the ability to share files within the Teams platform, was first…

Read more →

The rapid transition to hybrid work models has created unprecedented cybersecurity challenges, with insider threats emerging as a particularly concerning vector. As organizational boundaries dissolve and employees access sensitive systems across diverse networks and devices, the attack surface has expanded…

Read more →

A sophisticated new malware technique known as “Waiting Thread Hijacking” (WTH) has emerged as a significant threat to cybersecurity defenses. This stealthy process injection method, revealed on April 14, 2025, represents an evolution of the classic Thread Execution Hijacking approach…

Read more →

Hertz Corporation has confirmed a significant data breach affecting customers of its Hertz, Dollar, and Thrifty brands, where hackers exploited critical security vulnerabilities to access sensitive customer information.  The company disclosed that unauthorized third parties acquired customer data after exploiting…

Read more →

As we move further into 2025, the cybersecurity landscape continues to evolve with alarming sophistication, particularly in attacks targeting critical infrastructure. The surge in cyberattacks on essential systems like energy grids, water facilities, and communication networks demands a paradigm shift…

Read more →

A significant security vulnerability has been identified in Google Groups, allowing users to circumvent file attachment restrictions by simply sending emails to group addresses.  This broken access control issue potentially impacts thousands of organizations that rely on Google Groups for…

Read more →