A sophisticated North Korean cryptocurrency theft campaign has resurfaced with renewed vigor, weaponizing twelve malicious NPM packages to target developers and steal digital assets. The campaign, which represents a significant escalation in supply chain attacks, exploits the trust developers place…
Tag: Cyber Security News
Famous Chollima APT Hackers Attacking Job Seekers and Organization to Deploy JavaScript Based Malware
North Korean-linked Famous Chollima APT group has emerged as a sophisticated threat actor, orchestrating targeted campaigns against job seekers and organizations through deceptive recruitment processes. Active since December 2022, this advanced persistent threat has developed an intricate multi-stage attack methodology…
Fashion Giant Chanel Hacked in Wave of Salesforce Attacks
French luxury fashion house Chanel has become the latest victim in a sophisticated cybercrime campaign targeting major corporations through their Salesforce customer relationship management systems. The company confirmed on July 25, 2025, that unauthorized threat actors had breached a database…
Critical Android System Component Vulnerability Allows Remote Code Execution Without User Interaction
Google released its August 2025 Android Security Bulletin on August 4, revealing a critical vulnerability that poses significant risks to Android device users worldwide. The most severe flaw, designated CVE-2025-48530, affects the core System component and could enable remote code…
Raspberry Robin Malware Downloader Attacking Windows Systems With New Exploit for Common Log File System Driver Vulnerability
The cybersecurity landscape faces a persistent threat as Raspberry Robin, a sophisticated malware downloader also known as Roshtyak, continues its campaign against Windows systems with enhanced capabilities and evasion techniques. First identified in 2021, this USB-propagated malware has demonstrated remarkable…
WAFs protection Bypassed to Execute XSS Payloads Using JS Injection with Parameter Pollution
A sophisticated method to bypass Web Application Firewall (WAF) protections using HTTP Parameter Pollution techniques combined with JavaScript injection. The research, conducted by Bruno Mendes across 17 different WAF configurations from major vendors including AWS, Google Cloud, Azure, and Cloudflare,…
NVIDIA Triton Vulnerability Chain Let Attackers Take Over AI Server Control
A critical vulnerability chain in NVIDIA’s Triton Inference Server that allows unauthenticated attackers to achieve complete remote code execution (RCE) and gain full control over AI servers. The vulnerability chain, identified as CVE-2025-23319, CVE-2025-23320, and CVE-2025-23334, exploits the server’s Python…
New Android Malware Mimics as SBI Card, Axis Bank Apps to Steal Users Financial Data
A sophisticated new Android malware campaign has emerged targeting Indian banking customers through convincing impersonations of popular financial applications. The malicious software masquerades as legitimate apps from major Indian financial institutions, including SBI Card, Axis Bank, Indusind Bank, ICICI, and…
Threat Actors are Actively Exploiting Vulnerabilities in Open-Source Ecosystem to Propagate Malicious Code
The open-source software ecosystem, once considered a bastion of collaborative development, has become an increasingly attractive target for cybercriminals seeking to infiltrate supply chains and compromise downstream systems. Recent analysis conducted during the second quarter of 2025 reveals that threat…
Claude Vulnerabilities Let Attackers Execute Unauthorized Commands With its Own Help
Two high-severity vulnerabilities in Anthropic’s Claude Code could allow attackers to escape restrictions and execute unauthorized commands. Most remarkably, Claude itself unwittingly assisted in developing the exploits used against its own security mechanisms. The vulnerabilities uncovered by Elad Beber from…
Ransomware Attack on Phone Repair and Insurance Company Cause Millions in Damage
The sudden emergence of the Royal ransomware in early 2023 marked a significant escalation in cyber threats targeting service providers across Europe. Exploiting unpatched VPN and remote-desktop gateways, attackers initiated brute-force and credential-stuffing campaigns to breach perimeter defenses. Once inside,…
New LegalPwn Attack Exploits Gemini, ChatGPT and other AI Tools into Executing Malicious Code via Disclaimers
A sophisticated new attack method that exploits AI models’ tendency to comply with legal-sounding text, successfully bypassing safety measures in popular development tools. A study by Pangea AI Security has revealed a novel prompt injection technique dubbed “LegalPwn” that weaponizes…
SonicWall VPNs Actively Exploited for 0-Day Vulnerability to Bypass MFA and Deploy Ransomware
A likely zero-day vulnerability in SonicWall’s Secure Mobile Access (SMA) VPNs and firewall appliances is being actively exploited in the wild, enabling attackers to bypass multi-factor authentication (MFA) and deploy ransomware within hours of the initial breach. Security firms, including…
New Python-Based PXA Stealer Via Telegram Stolen 200,000 Unique Passwords and Hundreds of Credit Cards
A sophisticated new cybercriminal campaign has emerged, leveraging a Python-based information stealer known as PXA Stealer to orchestrate one of the most extensive data theft operations observed in recent months. The malware, which first surfaced in late 2024, has evolved…
Threat Actors Using AI to Scale Operations, Accelerate Attacks and Attack Autonomous AI Agents
The cybersecurity landscape has witnessed an unprecedented evolution as threat actors increasingly weaponize artificial intelligence to amplify their attack capabilities and target the very AI systems organizations depend upon. According to the CrowdStrike 2025 Threat Hunting Report, adversaries are no…
Mozilla Warns of Phishing Attacks Targeting Add-on Developers Account
Mozilla has issued an urgent security alert to its developer community following the detection of a sophisticated phishing campaign specifically targeting AMO (addons.mozilla.org) accounts. The company’s security team, led by Scott DeVaney, reported on August 1, 2025, that cybercriminals are…
CNCERT Accuses of US Intelligence Agencies Attacking Chinese Military-Industrial Units
Since mid-2022, Chinese military-industrial networks have reportedly been the target of highly sophisticated cyber intrusions attributed to US intelligence agencies. These campaigns exploited previously unknown vulnerabilities to install stealthy malware, maintain prolonged access, and exfiltrate sensitive defense data. Initially identified…
Researchers Exploited Google kernelCTF Instances And Debian 12 With A 0-Day
Researchers exploited CVE-2025-38001—a previously unknown Use-After-Free (UAF) vulnerability in the Linux HFSC queuing discipline—to compromise all Google kernelCTF instances (LTS, COS, and mitigation) as well as fully patched Debian 12 systems. Their work netted an estimated $82,000 in cumulative bounties…
FUJIFILM Printers Vulnerability Let Attackers Trigger DoS Condition
A critical security vulnerability affecting multiple FUJIFILM printer models could allow attackers to trigger denial-of-service (DoS) conditions through malicious network packets. The vulnerability, tracked as CVE-2025-48499, was announced on August 4, 2025, and affects various DocuPrint and Apoes printer series.…
LARGEST EVER Bitcoin Hack Valued $3.5 Billion Uncovered
The largest cryptocurrency hack ever recorded involved the theft of 127,426 BTC from Chinese mining pool LuBian in December 2020. The stolen Bitcoin was worth approximately $3.5 billion at the time of the theft and has since appreciated to an…