The Cybersecurity and Infrastructure Security Agency (CISA), in collaboration with Sandia National Laboratories, today announced the public release of Thorium, a highly scalable and distributed platform designed for automated file analysis and result aggregation. The new tool aims to significantly…
Tag: Cyber Security News
Researchers Detailed North Korean Threat Actors Technical Strategies to Uncover Illicit Access
North Korean threat actors have evolved their cybercriminal operations into a sophisticated digital deception campaign that has successfully siphoned at least $88 million USD from organizations worldwide. These operatives, masquerading as legitimate freelance developers, IT staff, and contractors, have exploited…
17K+ SharePoint Servers Exposed to Internet – 840 Servers Vulnerable to 0-Day Attacks
A massive exposure of Microsoft SharePoint servers to internet-based attacks has been identified, with over 17,000 servers exposed and 840 specifically vulnerable to the critical zero-day vulnerability CVE-2025-53770, according to new findings from Shadowserver Foundation. The vulnerability, dubbed “ToolShell” by…
5 Best IT Infrastructure Modernisation Services In 2025
In 2025, modernizing outdated IT infrastructure is key for organizations aiming to stay competitive, secure, and scalable. Finding a reliable partner is not easy, so for this guide, we’ve prepared the list of the 5 best IT infrastructure modernisation services…
Hacker Arrested for Stealing Users Personal Data from Spanish Banks
Spanish authorities have successfully apprehended a sophisticated cybercriminal operating from Girona province, who allegedly orchestrated multiple data breaches targeting financial institutions, educational organizations, and private companies. The arrest represents a significant victory in the ongoing fight against cybercrime in Spain,…
Lenovo IdeaCentre and Yoga Laptop BIOS Vulnerabilities Let Attackers Execute Arbitrary Code
Critical vulnerabilities in Lenovo’s IdeaCentre and Yoga All-In-One systems could allow privileged local attackers to execute arbitrary code and access sensitive system information. The vulnerabilities affect InsydeH2O BIOS implementations used in specific Lenovo desktop and all-in-one computer models, with CVSS…
20 Best Inventory Management Tools in 2025
Inventory management tools streamline tracking and managing stock levels, orders, sales, and deliveries. It provides real-time visibility into inventory across multiple locations, ensuring accurate stock levels and reducing the risk of overstocking or stockouts. These tools often include features for…
Threat Actors Weaponizes LNK Files to Deploy RedLoader Malware on Windows Systems
The cybersecurity landscape faces a renewed threat as the GOLD BLADE cybercriminal group has significantly evolved their attack methodology, combining previously observed techniques to create a sophisticated infection chain. This new campaign, which surged in July 2025, leverages malicious LNK…
Chinese Companies Linked With Hackers Filed Patents Over 10+ Forensics and Intrusion Tools
Cybersecurity researchers have uncovered more than 10 patents for highly intrusive forensics and data collection technologies filed by Chinese companies directly linked to state-sponsored hacking operations, according to a new report from SentinelLABS released this week. The patents, registered by…
UNC2891 Threat Actors Hacked ATM Networks Using 4G Raspberry Pi Device
A financially motivated threat group known as UNC2891 orchestrated a sophisticated attack on banking infrastructure by physically installing a 4G-equipped Raspberry Pi device directly into an ATM network, security researchers from Group-IB revealed this week. The campaign represents a rare…
Bangalore Techie Arrested in Connection With the $44 Million CoinDCX Hack
The Bangalore-based software engineer Rahul Agarwal, an employee of prominent crypto exchange CoinDCX, was arrested in connection with a massive $44 million (approximately Rs 379 crore) theft. The Whitefield CEN crime police detained Agarwal on July 26 following an extensive…
20 Best Kubernetes Monitoring Tools in 2025
Kubernetes monitoring tools are essential for maintaining the health, performance, and reliability of Kubernetes clusters. These tools provide real-time visibility into the state of clusters, nodes, and pods, allowing administrators to identify and resolve issues quickly. They offer detailed metrics…
Microsoft SharePoint Server 0-Day Hack Hits African Treasury, Companies, and University
A sophisticated cyberattack exploiting a zero-day vulnerability in Microsoft SharePoint servers has compromised over 400 entities globally, with significant impact across African nations including South Africa and Mauritius. The attack specifically targets on-premise SharePoint installations, exploiting previously unknown security flaws…
OAuth2-Proxy Vulnerability Enables Authentication Bypass by Manipulating Query Parameters
A critical security vulnerability has been identified in OAuth2-Proxy, a widely-used reverse proxy that provides authentication services for Google, Azure, OpenID Connect, and numerous other identity providers. The vulnerability, designated as CVE-2025-54576, enables attackers to bypass authentication mechanisms by manipulating…
Critical CrushFTP 0-Day RCE Vulnerability Technical Details and PoC Released
A significant zero-day vulnerability in CrushFTP has been disclosed, allowing unauthenticated attackers to achieve complete remote code execution on vulnerable servers. The flaw, tracked as CVE-2025-54309 and scoring a critical 9.8 on the CVSS scale, stems from a fundamental breakdown…
APT Hackers Attacking Maritime and Shipping Industry to Launch Ransomware Attacks
The maritime industry, which facilitates approximately 90% of global trade, has emerged as a critical battleground for advanced persistent threat (APT) groups deploying sophisticated ransomware campaigns. This surge in cyber warfare represents a paradigm shift where state-sponsored hackers and financially…
ChatGPT, Gemini, GenAI Tools Vulnerable to Man-in-the-Prompt Attacks
A critical vulnerability affecting popular AI tools, including ChatGPT, Google Gemini, and other generative AI platforms, exposes them to a novel attack vector dubbed “Man-in-the-Prompt.” The research reveals that malicious browser extensions can exploit the Document Object Model (DOM) to…
Qilin Ransomware Leverages TPwSav.sys Driver to Disable EDR Security Measures
Cybercriminals have once again demonstrated their evolving sophistication by weaponizing an obscure Toshiba laptop driver to bypass endpoint detection and response systems. The Qilin ransomware operation, active since July 2022, has incorporated a previously unknown vulnerable driver called TPwSav.sys into…
Gunra Ransomware New Linux Variant Runs Up To 100 Encryption Threads With New Partial Encryption Feature
A sophisticated new Linux variant of Gunra ransomware has emerged, marking a significant escalation in the threat group’s cross-platform capabilities since its initial discovery in April 2025. The ransomware, which drew inspiration from the notorious Conti ransomware techniques, has rapidly…
CISA and FBI Shared Tactics, Techniques, and Procedures of Scattered Spider Hacker Group
The Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) have released an updated joint cybersecurity advisory detailing the sophisticated tactics employed by the Scattered Spider cybercriminal group, also known as UNC3944, Oktapus, and Storm-0875. This threat…