The United States continues to face an unprecedented surge in cyber threats, accounting for nearly half of all documented cyber attacks globally between 2024 and 2025. Recent data from the Cyber Events Database reveals that the US experienced 646 reported…
Tag: Cyber Security News
Critical Cal.com Vulnerability Let Attackers Bypass Authentication Via Fake TOTP Codes
A severe authentication bypass vulnerability has been discovered in cal.com, the popular open-source scheduling platform. Allowing attackers to gain unauthorized access to user accounts by submitting fake TOTP codes. According to GitHub, flaw tracked as CVE-2025-66489, this critical flaw affects versions…
CISA Adds Critical React2Shell Vulnerability to KEV Catalog Following Active Exploitation
A critical vulnerability affecting Meta React Server Components has been added to the Known Exploited Vulnerabilities catalog, signalling widespread active exploitation by CISA. Tracked as CVE-2025-55182, this remote code execution vulnerability poses an immediate threat to organizations that rely on…
Hackers Leverage Multiple Ad Networks to Attack Adroid Users With Triada Malware
Mobile security continues to face significant challenges as sophisticated malware campaigns evolve to bypass traditional defenses. The Triada Trojan, a persistent threat to Android users for nearly a decade, has resurfaced with a highly coordinated operation targeting advertising networks. This…
Hackers Can Leverage Delivery Receipts on WhatsApp and Signal to Extract User Private Information
Security researchers have exposed a critical privacy flaw dubbed “Careless Whisper” that lets attackers monitor user activity on WhatsApp and Signal through silent delivery receipts, without alerting victims or needing prior contact. By crafting stealthy messages like reactions to nonexistent…
Hackers Compromising Developers with Malicious VS Code, Cursor AI Extensions
The developer tools used by millions of programmers worldwide have become a prime target for attackers seeking to compromise entire organizations. Visual Studio Code and AI-powered IDEs like Cursor AI, when combined with their extension marketplaces, present a critical vulnerability…
LOLPROX Exposes Hidden Exploitation Paths that Can Enable Stealthy Hypervisor Attacks
Proxmox Virtual Environment has become a popular choice for organizations building private cloud infrastructure and virtual machine management systems. However, a new analysis reveals significant security gaps in how the hypervisor can be exploited once an attacker gains initial access…
The ‘Kitten’ Project – Hacktivist Groups Carrying Out Attacks Targeting Israel
The Kitten Project has emerged as a coordinated hacktivist platform operating at the intersection of activism and technical operations. This initiative represents a shift in how cyber-focused groups organize their campaigns, moving beyond isolated attacks toward centralized infrastructure that facilitates…
OceanLotus Hacker Group Targeting Xinchuang IT Ecosystems to Launch Supply Chain Attacks
The OceanLotus hacker group, widely tracked as APT32, has initiated a highly targeted surveillance campaign aimed at China’s “Xinchuang” IT ecosystem. This strategic pivot focuses on compromising indigenized domestic hardware and software frameworks that were specifically designed to establish secure,…
Critical WatchGuard Firebox Vulnerabilities Let Attackers Bypass Integrity Checks and Inject Malicious Codes
Critical security alerts have been issued for Firebox firewall devices due to serious ten vulnerabilities. The vulnerabilities in WatchGuard, disclosed on December 4, 2025, span multiple severity levels and attack vectors. With several requiring urgent patching to prevent unauthorized code…
Indonesia’s Gambling Ecosystem Exposed With Indicators of National-Level Cyber Operations
A sophisticated cybercrime infrastructure operating for over fourteen years has been dismantled through extensive research into Indonesia’s illegal gambling networks. Security researchers have uncovered a sprawling ecosystem spanning hundreds of thousands of domains, thousands of malicious mobile applications, and widespread…
Hundreds of Porsche Cars Immobilized Following Malfunction in Installed Satellite Security System
Owners of hundreds of Porsche vehicles across Russia are facing a sudden crisis: their high-performance cars have been rendered completely undrivable due to a widespread malfunction in the German automaker’s factory-installed alarm systems. Reports from the Rolf dealership network, Russia’s…
Pharma Firm Inotiv Confirms Data Breach Following Ransomware Attack
A leading contract research organization specializing in pharmaceutical drug discovery and development services disclosed a significant data breach stemming from a ransomware attack that occurred in early August 2025. The Inotiv company announced the cybersecurity incident in its fiscal 2025…
Shanya EDR Killer Leveraged by Ransomware Groups to Clear the Way for Ransomware Infection
The cybercriminal landscape has recently witnessed the aggressive rise of “Shanya,” a potent packer-as-a-service and EDR killer now fueling major ransomware operations. Emerging on underground forums in late 2024 under the alias “VX Crypt,” this tool was engineered to supersede…
Crypto User Loses $9,000 in Seconds After Clicking Instagram Ad Promising Easy Profits
Jack, a Solana enthusiast using the Phantom wallet, fell victim to a sophisticated crypto drainer scam that wiped out $9,000 from his wallet almost instantly. He informed Cybersecurity News that the incident began with an attractive Instagram advertisement touting quick…
Critical Vulnerabilities in GitHub Copilot, Gemini CLI, Claude, and Other Tools Impact Millions of Users
The software development landscape has been fundamentally altered by AI-driven integrated development environments (IDEs). Tools like GitHub Copilot, Gemini CLI, and Claude Code have evolved from simple autocompletion engines into autonomous agents capable of executing tasks. However, this rapid pursuit…
Next.js Released a Scanner to Detect and Update Apps Impacted by React2Shell Vulnerability
A dedicated command-line tool, fix-react2shell-next, to help developers immediately detect and patch the critical “React2Shell” vulnerability (CVE-2025-66478). This new scanner offers a one-line solution to identify vulnerable versions of Next.js and React Server Components (RSC). Automatically apply the required security updates…
Malicious Go Packages Mimic as Google’s UUID Library to Exfiltrate Sensitive Data
Security researchers have uncovered a long-running supply chain attack targeting the Go programming community. The Socket Threat Research Team recently identified two malicious packages. github.com/bpoorman/uuid and github.com/bpoorman/uid. That has been silently stealing data from unsuspecting developers for years. The attack relies on…
Critical React2Shell RCE Vulnerability Exploited in the Wild to Execute Malicious Code
A critical remote code execution vulnerability, tracked as CVE-2025-55182 and dubbed “React2Shell,” is now under active exploitation in the wild. GreyNoise researchers have detected opportunistic, largely automated exploitation attempts targeting the unsafe deserialization flaw in the React Server Components Flight…
Predator Spyware Compamy Used 15 Zero-Days Since 2021 to Target iOS Users
A commercial spyware company called Intellexa has exploited 15 zero-day vulnerabilities since 2021 to target iOS and Android users worldwide. The company, known for developing the Predator spyware, continues operations despite being sanctioned by the US government. The threats remain…