In the week of August 11-17, 2025, the cybersecurity landscape was marked by critical updates from major vendors and a surge in sophisticated threats, underscoring the ongoing battle against digital vulnerabilities. Microsoft rolled out its Patch Tuesday updates on August…
Tag: Cyber Security News
CISA Releases Operational Technology Guide for Owners and Operators Across all Critical Infrastructure
CISA, in collaboration with international partners, has released comprehensive guidance, titled “Foundations for OT Cybersecurity: Asset Inventory Guidance for Owners and Operators,” to strengthen cybersecurity defenses across critical infrastructure sectors. The document emphasizes the critical importance of maintaining accurate operational…
New Elastic EDR 0-Day Vulnerability Allows Attackers to Bypass Detection, Execute Malware, and Cause BSOD
A newly discovered zero-day vulnerability in Elastic’s Endpoint Detection and Response (EDR) solution allows attackers to bypass security measures, execute malicious code, and trigger a BSOD system crash, according to research by Ashes Cybersecurity. The vulnerability resides in a core…
New Gmail Phishing Attack With Weaponized Login Flow Steals Credentials
A sophisticated new phishing campaign is targeting Gmail users through a multi-layered attack that uses legitimate Microsoft Dynamics infrastructure to bypass security measures and steal login credentials. The attack begins with deceptive “New Voice Notification” emails that appear to come from…
Microsoft IIS Web Deploy Vulnerability Let Attackers Execute Remote Code
A critical vulnerability in the Microsoft Web Deploy tool could allow authenticated attackers to execute remote code on affected systems. The vulnerability, tracked as CVE-2025-53772, was disclosed on August 12, 2025, and carries a CVSS score of 8.8, indicating high…
Google Awards $250,000 Bounty for Chrome RCE Vulnerability Discovery
Google has awarded a record-breaking $250,000 bounty to security researcher “Micky” for discovering a critical remote code execution vulnerability in Chrome’s browser architecture. The vulnerability allowed malicious websites to escape Chrome’s sandbox protection and execute arbitrary code on victim systems. …
Multiple ImageMagick Vulnerabilities Cause Memory Corruption and Integer Overflows
Security researchers have uncovered four serious vulnerabilities in ImageMagick, one of the world’s most widely used open-source image processing software suites, potentially exposing millions of users to security risks. The vulnerabilities, discovered by researcher “urban-warrior” and published three days ago,…
ERMAC v3.0 Banking Malware Source Code Exposed via Weak Password ‘changemeplease’
Researchers at Hunt.io have made a significant discovery in the cybersecurity field by obtaining and analyzing the complete source code of ERMAC V3.0. This advanced Android banking trojan targets over 700 financial applications worldwide. This unique insight into an active malware-as-a-service platform…
F5 Fixes HTTP/2 Vulnerability Enabling Massive DoS Attacks
F5 Networks has disclosed a new HTTP/2 vulnerability affecting multiple BIG-IP products that could allow remote attackers to launch denial-of-service attacks against corporate networks. The security flaw, designated CVE-2025-54500 and dubbed the “HTTP/2 MadeYouReset Attack,” was published on August 13,…
Hackers Mimic IT Teams to Exploit Microsoft Teams Request to Gain System Remote Access
A sophisticated social engineering campaign by the EncryptHub threat group combines impersonation tactics with technical exploitation to compromise corporate networks. The Russian-linked cybercriminals are posing as IT support staff and using Microsoft Teams requests to establish remote access, ultimately…
10 Best API Protection Tools in 2025
An API, short for Application Programming Interface, is a mechanism that lets one piece of software expose data and functionality to other software or to users. Communication through APIs is based on requests and responses, and developers provide good…
Fortinet FortiSIEM Command Injection Vulnerability (CVE-2025-25256) – Technical Details Revealed
Cybersecurity researchers from watchTowr Labs have published a comprehensive technical analysis of a critical pre-authentication command injection vulnerability affecting Fortinet FortiSIEM systems, designated as CVE-2025-25256. The vulnerability carries a maximum CVSS score of 9.8 and has already been exploited in…
Palo Alto Networks Releases a Comprehensive Malware Analysis Tutorial Useful for Every Malware Analyst
Palo Alto Networks has published an extensive malware analysis tutorial detailing the dissection of a sophisticated .NET-based threat that delivers the Remcos remote access trojan (RAT). The malware’s emergence highlights a trend in which threat actors increasingly abuse legitimate development…
Threat Actors Using CrossC2 Tool to Expand Cobalt Strike to Operate on Linux and macOS
A sophisticated threat campaign has emerged that leverages CrossC2, an unofficial extension tool that expands Cobalt Strike’s notorious capabilities beyond Windows systems to target Linux and macOS environments. Between September and December 2024, cybersecurity incidents involving this cross-platform malware have…
Google Requires Crypto App Developers to Have License or Certification From Relevant Authorities
Google Play has implemented comprehensive licensing requirements for cryptocurrency exchanges and software wallets, fundamentally reshaping the mobile app ecosystem for digital asset services. The policy mandates that developers seeking to publish cryptocurrency applications must obtain specific licenses and certifications from…
Ransomware Actors Blending Legitimate Tools with Custom Malware to Evade Detection
The cybersecurity landscape faces a new sophisticated threat as the Crypto24 ransomware group demonstrates an alarming evolution in attack methodology, seamlessly blending legitimate administrative tools with custom-developed malware to execute precision strikes against high-value targets. This emerging ransomware operation has…
New Clever Phishing Attack Uses Japanese Character “ん” to Mimic Forward Slash “/”
Security researchers have uncovered a sophisticated new phishing campaign that exploits the Japanese hiragana character “ん” to create deceptively authentic-looking URLs that can fool even vigilant internet users. The attack, first identified by security researcher JAMESWT, explicitly targets customers of…
CVE-2025-8088 – WinRAR 0-Day Path Traversal Vulnerability Exploited to Execute Malware
A zero-day vulnerability in WinRAR allows malware to be deployed on unsuspecting users’ systems, highlighting the ongoing threats to popular software. Tracked as CVE-2025-8088, this path traversal flaw affects the Windows version of the widely used file archiving tool, enabling…
10 Best Deception Tools in 2025
Deception technology aims to trick attackers by dispersing a variety of traps and decoy assets throughout a system’s infrastructure so that they mimic real assets. There is always a possibility that…
Cisco Secure Firewall Snort 3 Detection Engine Vulnerability Enables DoS Attacks
Critical security flaw CVE-2025-20217 allows unauthenticated attackers to trigger denial-of-service conditions in Cisco’s widely deployed firewall systems. Cisco has disclosed a high-severity vulnerability in its Secure Firewall Threat Defense (FTD) Software that could allow remote attackers to cause denial-of-service conditions…
HexStrike AI Connects ChatGPT, Claude, Copilot with 150+ Security Tools like Burp Suite and Nmap
A new AI tool named HexStrike AI has been launched, designed to bridge the gap between large language models (LLMs) and practical cybersecurity operations. The latest release, v6.0, equips AI agents like OpenAI’s GPT, Anthropic’s Claude, and GitHub’s Copilot with…
New HTTP/2 MadeYouReset Vulnerability Enables Large-Scale DDoS Attacks
Security researchers have identified a new denial-of-service (DoS) vulnerability in HTTP/2 implementations, referred to as MadeYouReset (CVE-2025-8671). This discovery represents a notable escalation in the threats associated with web protocols. Publicly disclosed on August 13, 2025, this flaw allows attackers…
Threat Actors Attacking Windows Systems With New Multi-Stage Malware Framework PS1Bot
A sophisticated new malware campaign targeting Windows systems has emerged, employing a multi-stage framework dubbed “PS1Bot” that combines PowerShell and C# components to conduct extensive information theft operations. The malware represents a significant evolution in attack methodologies, utilizing modular architecture…
Cisco Secure Firewall Vulnerability Allows Hackers to Inject Remote Shell Commands
Cisco has disclosed a critical security vulnerability in its Secure Firewall Management Center (FMC) Software that could allow unauthenticated attackers to execute arbitrary shell commands with high-level privileges remotely. The vulnerability, tracked as CVE-2025-20265 and assigned the maximum CVSS score…
Threat Actors Personalize Phishing Attacks With Advanced Tactics for Malware Delivery
Cybercriminals are increasingly leveraging personalization tactics to enhance the effectiveness of their malware-delivery phishing campaigns, with threat actors customizing subject lines, attachment names, and embedded links to create a false sense of authenticity and urgency. This sophisticated approach represents a…
New FireWood Malware Attacking Linux Systems to Execute Commands and Exfiltrate Sensitive Data
A sophisticated new variant of the FireWood backdoor has emerged, targeting Linux systems with enhanced evasion capabilities and streamlined command execution functionality. This latest iteration represents a significant evolution of the malware family first discovered by ESET’s research team, which…
Qilin Ransomware Leads The Attack Landscape With 70+ Claimed Victims in July
The ransomware threat landscape witnessed a concerning surge in July 2025, with the Qilin ransomware group maintaining its dominant position for the third time in four months. The group successfully claimed 73 victims on its data leak site, representing 17.3%…
New EncryptHub Campaign Leverages Brave Support Platform to Deliver Malicious Payloads via MMC Vulnerability
The cyberthreat landscape continues to evolve as malicious actors develop increasingly sophisticated attack methods, with the EncryptHub threat group emerging as a particularly concerning adversary. This emerging threat actor, also known as LARVA-208 and Water Gamayun, has been making headlines…
Threat Actors Weaponizing YouTube Video Download Sites to Deliver Proxyware Malware
Cybercriminals have escalated their proxyjacking campaigns by exploiting legitimate user behavior around YouTube video downloads, according to a recent security analysis. The attack leverages fake YouTube download sites to distribute proxyware malware, specifically targeting users seeking free video conversion services.…
New Trends in Phishing Attacks Emerge as AI Reshapes the Tools Used by Cybercriminals
The cybersecurity landscape is witnessing a fundamental transformation as artificial intelligence becomes the newest weapon in cybercriminals’ arsenals, revolutionizing traditional phishing and scam operations. Unlike conventional phishing campaigns that were often riddled with grammatical errors and obvious tells, modern AI-powered…
Google Announces That Android’s pKVM Framework Achieves SESIP Level 5 Certification
Google has achieved a significant milestone in mobile security with the announcement that Android’s protected KVM (pKVM) hypervisor has officially received SESIP Level 5 certification, marking it as the first software security system designed for large-scale consumer electronics deployment to…
Canada’s House of Commons Hit by Cyberattack Exploiting Recent Microsoft Vulnerability
A significant cyberattack hit the Canadian House of Commons on August 9, 2025, when threat actors exploited a recently disclosed Microsoft vulnerability to gain unauthorized access to sensitive employee information. The breach underscores the growing cybersecurity challenges facing Canada’s government…
SmartLoader Malware Distributed via GitHub Repositories Posing as Legitimate Projects Infects Users’ Computers
Cybersecurity researchers have uncovered a sophisticated malware distribution campaign utilizing GitHub repositories disguised as legitimate software projects. The SmartLoader malware has been strategically deployed across multiple repositories, capitalizing on users’ trust in the popular code-sharing platform to infiltrate systems worldwide.…
How ShinyHunters Breached Google, Adidas, Louis Vuitton and More in Ongoing Salesforce Attack Campaign
The cybersecurity landscape witnessed a sophisticated and ongoing attack campaign throughout 2025 that has successfully compromised major corporations, including Google, Adidas, Louis Vuitton, and numerous other high-profile organizations. This comprehensive technical analysis reveals how the notorious cybercriminal group ShinyHunters, in…
Adobe’s August 2025 Patch Tuesday – 60 Vulnerabilities Patched Across Multiple Products
Adobe has released a comprehensive security update addressing 60 critical vulnerabilities across 13 of its flagship products as part of its August 2025 Patch Tuesday initiative. The massive security bulletin, published on August 12, 2025, represents one of the most…
Apache Tomcat Vulnerabilities Let Attackers Trigger DoS Attacks
A critical security vulnerability in Apache Tomcat’s HTTP/2 implementation has been discovered, enabling attackers to launch devastating denial-of-service (DoS) attacks against web servers. The vulnerability, designated as CVE-2025-48989 and dubbed the “Made You Reset” attack, affects multiple versions of the…
Splunk Releases Guide for Defenders to Detect Suspicious Activity Before ESXi Ransomware Attack
Splunk has released a detailed security guide to help cybersecurity teams detect and prevent ransomware attacks targeting ESXi infrastructure before they can cause catastrophic damage. The guide comes as a response to increasing threats against VMware’s ESXi hypervisor systems, which…
Xerox FreeFlow Core Vulnerability Let Remote Attackers Execute Malicious Code – PoC Released
Critical vulnerabilities in Xerox FreeFlow Core, a widely-used print orchestration platform, allow unauthenticated remote attackers to execute malicious code on vulnerable systems. The flaws, tracked as CVE-2025-8355 and CVE-2025-8356, affect the JMF Client service and have been patched in FreeFlow…
Hackers Using Dedicated Phishlet to Launch FIDO Authentication Downgrade Attacks
A sophisticated new threat vector has emerged that could undermine one of the most trusted authentication methods in cybersecurity. FIDO-based passkeys, long considered the gold standard for phishing-resistant authentication, are now facing a potentially devastating attack technique that forces users…
CISA Warns of N-able N-Central Deserialization and Injection Vulnerability Exploited in Attacks
CISA has issued urgent warnings regarding two critical security vulnerabilities in N-able N-Central remote monitoring and management (RMM) software that threat actors are actively exploiting. The vulnerabilities, identified as CVE-2025-8875 and CVE-2025-8876, pose significant risks to organizations using this widely-deployed…
Critical WordPress Plugin Vulnerability Exposes 70,000+ Sites to RCE Attacks
A critical security vulnerability has been discovered in the popular “Database for Contact Form 7, WPforms, Elementor forms” WordPress plugin, potentially exposing over 70,000 websites to remote code execution attacks. The vulnerability, tracked as CVE-2025-7384 with a maximum CVSS score…
Web DDoS, App Exploitation Attacks Saw a Huge Surge in First Half of 2025
The cybersecurity landscape experienced an unprecedented escalation in digital threats during the first half of 2025, with Web Distributed Denial of Service (DDoS) attacks surging by 39% compared to the second half of 2024. The second quarter alone witnessed a…
“AI-Induced Destruction” – New Attack Vector Where Helpful Tools Become Accidental Weapons
Artificial intelligence coding assistants, designed to boost developer productivity, are inadvertently causing massive system destruction. Researchers report a significant spike in what they term “AI-induced destruction” incidents, where helpful AI tools become accidental weapons against the very systems they’re meant…
ShinyHunters Possibly Collaborates With Scattered Spider in Salesforce Attack Campaigns
The notorious ShinyHunters cybercriminal group has emerged from a year-long hiatus with a sophisticated new wave of attacks targeting Salesforce platforms across major organizations, including high-profile victims like Google. This resurgence marks a significant tactical evolution for the financially motivated…
Breaking Windows Out-of-Box-Experience to Gain Command Line Access With Admin Privileges
A new method has been identified to exploit Windows Out-of-Box-Experience (OOBE) that bypasses existing protections and grants administrative command line access to Windows machines. This technique works even when Microsoft’s recommended security measure, the DisableCMDRequest.tag file, is implemented to block…
VexTrio Hackers Attacking Users via Fake CAPTCHA Robots and Malicious Apps into Google Play and App Store
A sophisticated cybercriminal organization known as VexTrio has been orchestrating a massive fraud empire through deceptive CAPTCHA robots and malicious applications distributed across Google Play and the App Store. This criminal network, operating for over 15 years, has successfully infiltrated…
What Is Out-of-Bounds Read and Write Vulnerability?
Out-of-bounds read and write vulnerabilities are critical security flaws that occur when software accesses memory locations beyond the allocated boundaries of data structures such as arrays, buffers, or other memory regions. These vulnerabilities can lead to information disclosure, system crashes,…
Microsoft Exchange Server Vulnerabilities Let Attackers Spoof and Tamper Over Network
Critical security vulnerabilities in Microsoft Exchange Server enable attackers to perform spoofing and tampering attacks over network connections. The vulnerabilities include two Exchange Server flaws (CVE-2025-25007 and CVE-2025-25005) enabling spoofing and tampering attacks, plus a Windows Graphics Component elevation of…
GitHub Copilot RCE Vulnerability via Prompt Injection Leads to Full System Compromise
A critical security vulnerability in GitHub Copilot and Visual Studio Code has been discovered that allows attackers to achieve remote code execution through prompt injection attacks, potentially leading to full system compromise of developers’ machines. The vulnerability, tracked as CVE-2025-53773,…
Multiple GitLab Vulnerabilities Enable Account Takeover and Stored XSS Exploitation
GitLab has released emergency security patches addressing multiple critical vulnerabilities that could enable attackers to perform account takeovers and execute stored cross-site scripting (XSS) attacks. The patches were released on August 13, 2025, affecting GitLab Community Edition (CE) and Enterprise…
Microsoft Removes PowerShell 2.0 From Windows To Clean Up Legacy Code
Microsoft is officially removing Windows PowerShell 2.0 from its operating systems, marking the end of an era for the legacy scripting component that has been deprecated since 2017. The removal affects Windows 11 version 24H2 starting August 2025 and Windows…
CISA Adds WinRAR Zero-Day (CVE-2025-8088) Vulnerability That Is Actively Exploited in the Wild
The U.S. Cybersecurity and Infrastructure Security Agency has added the WinRAR zero-day CVE-2025-8088 to its Known Exploited Vulnerabilities catalog, with a due date of September 2, 2025, for federal agencies to apply mitigations. WinRAR has released version 7.13 to address a critical…
Hackers Could Gain Full Control of Your Rooted Android Devices by Exploiting One Vulnerability
A critical security vulnerability discovered in popular Android rooting frameworks could allow malicious applications to completely compromise rooted devices, giving attackers full system control without user knowledge. The vulnerability, first identified in KernelSU version 0.5.7, demonstrates how seemingly robust authentication…
New ‘Curly COMrades’ APT Hackers Targeting Critical Organizations in Countries Experiencing Geopolitical Shifts
A sophisticated new threat actor group dubbed “Curly COMrades” has emerged as a significant cybersecurity concern, conducting targeted espionage campaigns against critical organizations in countries experiencing substantial geopolitical shifts. The group has been actively pursuing long-term network access and credential…
Microsoft Office Vulnerabilities Let Attackers Execute Malicious Code Remotely
Microsoft released critical security updates, addressing three serious vulnerabilities in Microsoft Office that could allow attackers to execute remote code on affected systems. The vulnerabilities, tracked as CVE-2025-53731, CVE-2025-53740, and CVE-2025-53730, affect multiple versions of Microsoft Office and pose significant…
New Charon Ransomware Employs DLL Sideloading and Anti-EDR Capabilities to Attack Organizations
A sophisticated new ransomware family called Charon has emerged in the cybersecurity landscape, targeting organizations in the Middle East’s public sector and aviation industry with advanced persistent threat (APT) techniques typically reserved for nation-state actors. The ransomware campaign represents a…
Several Docker Images Contain Infamous XZ Backdoor Planted for More Than a Year
The cybersecurity community continues to grapple with the lingering effects of the XZ Utils backdoor, a sophisticated supply chain attack that shook the industry in March 2024. What began as a carefully orchestrated two-year campaign by the pseudonymous developer ‘Jia…
FortiWeb Authentication Bypass Vulnerability Let Attackers Log in As Any Existing User
A critical authentication bypass vulnerability in FortiWeb allows unauthenticated remote attackers to impersonate any existing user on affected systems. The vulnerability, tracked as CVE-2025-52970 with a CVSS score of 7.7, affects multiple FortiWeb versions and stems from improper parameter handling…
Windows Remote Desktop Services Vulnerability Lets Attackers Deny Service Over the Network
Microsoft released security patches addressing a significant vulnerability in Windows Remote Desktop Services that could allow unauthorized attackers to launch denial of service attacks over network connections. The vulnerability, designated as CVE-2025-53722, affects multiple Windows versions spanning from legacy systems…
FortiOS, FortiProxy, and FortiPAM Auth Bypass Vulnerability Allows Attackers to Gain Full Control
A high-severity authentication bypass vulnerability affects multiple Fortinet security products, including FortiOS, FortiProxy, and FortiPAM systems. The flaw, designated as CVE-2024-26009 with a CVSS score of 7.9, enables unauthenticated attackers to seize complete control of managed devices through exploitation of…
New Windows 0-Click NTLM Credential Leakage Vulnerability Bypasses Microsoft’s Patch
A critical zero-click NTLM credential leakage vulnerability circumvents Microsoft’s recent patch for CVE-2025-24054. The newly identified flaw, assigned CVE-2025-50154, allows attackers to extract NTLM hashes from fully patched Windows systems without any user interaction, demonstrating that Microsoft’s April security…
What Is an MCP Server and How It Is Powering AI-Driven Cyber Defense
MCP (Model Control Plane) Server is a centralized platform that orchestrates, manages, and secures the lifecycle of AI models deployed across an organization’s infrastructure. By providing integration, management, and real-time monitoring of models, MCP servers enable enterprises to defend against…
Ukrainian Web3 Team Weaponizing NPM Package to Attack Job Seekers and Steal Sensitive Data
A sophisticated cybercriminal operation disguised as a Ukrainian Web3 development team has been targeting job seekers through weaponized NPM packages, security researchers warn. The attack leverages fake interview processes to trick unsuspecting candidates into downloading and executing malicious code that…
Critical FortiSIEM Vulnerability Lets Attackers Execute Malicious Commands – PoC Found in the Wild
A critical security vulnerability in the Fortinet FortiSIEM platform allows unauthenticated attackers to execute arbitrary commands remotely. The vulnerability CVE-2025-25256, classified as CWE-78 (OS Command Injection), has been actively exploited in the wild with practical exploit code already circulating among…
Multiple Chrome High-Severity Vulnerabilities Let Attackers Execute Arbitrary Code
Google Chrome has released a critical security update addressing six vulnerabilities that could potentially enable arbitrary code execution on affected systems. The stable channel update to version 139.0.7258.127/.128 for Windows and Mac, and 139.0.7258.127 for Linux, contains patches for multiple…
BlackSuit Ransomware Servers Attacking U.S. Critical Infrastructure Seized by Law Enforcement
In a coordinated international operation, law enforcement agencies successfully dismantled critical infrastructure belonging to the BlackSuit ransomware group, also known as Royal, marking a significant victory in the ongoing battle against cybercriminal enterprises. The July 24, 2025 takedown operation resulted…
Microsoft Teams RCE Vulnerability Let Attackers Read, Write and Delete Messages
Microsoft disclosed a significant remote code execution (RCE) vulnerability in its Teams collaboration software as part of its August 2025 Patch Tuesday updates. The critical flaw, identified as CVE-2025-53783, could allow an unauthorized attacker to read, write, and even delete…
Electronic Arts Blocked 300,000 Attempts Following Battlefield 6 Beta Launch
Electronic Arts has revealed that its Javelin anti-cheat system successfully prevented 330,000 attempts to cheat or tamper with anti-cheat controls during the Battlefield 6 Open Beta launch period. The gaming giant’s SPEAR Anti-Cheat Team disclosed these statistics while addressing community…
Microsoft Releases Windows 11 Cumulative Updates (KB5063878, KB5063875) August 2025 with New Features
Microsoft has released the Windows 11 August 2025 Cumulative Updates, KB5063878 for version 24H2 and KB5063875 for versions 22H2 and 23H2, delivering critical stability fixes and new features released alongside Microsoft Patch Tuesday August 2025. These updates address performance…
PoisonSeed Phishing Kit Bypasses MFA to Acquire Credentials from Individuals and Organizations
In recent months, a new phishing toolkit known as PoisonSeed has emerged, targeting both individual users and enterprise organizations with unprecedented sophistication. Unlike traditional phishing kits that harvest only usernames and passwords, PoisonSeed employs an adversary-in-the-middle (AitM) approach to intercept…
Microsoft Patch Tuesday August 2025 Released – 107 Vulnerabilities Fixed Including 36 RCE
Microsoft released its August Patch Tuesday security updates, addressing a total of 107 vulnerabilities across its product ecosystem. The update includes fixes for 90 vulnerabilities, classified as follows: 13 are Critical, 76 are Important, one is Moderate, and one is…
17,000+ VMware ESXi Servers Vulnerable to Critical Integer-Overflow Vulnerability
More than 17,000 VMware ESXi installations worldwide are at risk from a severe integer-overflow vulnerability tracked as CVE-2025-41236 (CVSS 9.3), cybersecurity researchers warn. This critical vulnerability, first flagged in July, has prompted urgent calls for patching, but the latest scan…
How to Solve Alert Fatigue in Your SOC Without Extra Staff or Effort
Imagine your Security Operations Center (SOC) as the tactical center of a medieval fortress, where vigilant sentries scan the horizon for approaching threats. But instead of watching for enemy armies, your digital guardians monitor an endless stream of network traffic,…
ShinyHunters Unveils That BreachForums Taken by Law Enforcement Agencies, Now It Is a Honeypot
The threat actor collective ShinyHunters has recently announced that BreachForums—one of the most prolific breeding grounds for stolen credentials and leak data—has been commandeered by international law enforcement agencies. According to Shiny from ShinyHunters, the site’s administrative controls, including the…
7000+ Citrix NetScaler Devices Still Vulnerable to CVE-2025-5777 and CVE-2025-6543
Over 7,000 Citrix NetScaler appliances remain unpatched against two critical vulnerabilities: CVE-2025-5777 and CVE-2025-6543. Despite multiple advisories from Citrix, CISA’s KEV catalog entries, and updates from national cybersecurity agencies—including the Dutch NCSC—threat actors continue to target unmitigated devices at scale.…
Ivanti Connect Secure, Policy Secure and ZTA Vulnerabilities Let Attackers Trigger DoS Attack
Ivanti has released critical security updates addressing multiple high and medium-severity vulnerabilities across its Connect Secure, Policy Secure, and Zero Trust Access (ZTA) gateway products. The vulnerabilities, identified through internal discovery and responsible disclosure programs, could enable remote attackers to…
Fortinet SSL VPN Under Brute-Force Attack From 780 Unique IPs
An unprecedented surge in brute-force attacks is targeting Fortinet SSL VPN infrastructure, with over 780 unique IP addresses participating in coordinated assault campaigns. The August 3rd attack represents the highest single-day volume recorded on GreyNoise’s Fortinet SSL VPN Bruteforcer tag in…
Critical Zoom Clients for Windows Vulnerability Lets Attackers Escalate Privileges
Zoom has disclosed a critical vulnerability affecting multiple Windows-based clients, potentially allowing attackers to escalate privileges and compromise user systems. Designated as CVE-2025-49457 under bulletin ZSB-25030, this flaw carries a CVSS score of 9.6, classifying it as critical due to…
North Korean Kimsuky Hackers Data Breach – Insiders Published the Data Online
A massive leak of internal tooling, backdoors, and intelligence-gathering artifacts attributed to North Korea’s state-sponsored APT group Kimsuky has been published online by presumed insiders. The 34,000-page dump exposes live phishing infrastructure, kernel-level backdoors, Cobalt Strike payloads, and stolen government…
SAP Security Patch Day – 15 Vulnerabilities Patched including 3 Critical Injection Vulnerabilities
SAP released a comprehensive security update on August 12th, 2025, addressing 15 new vulnerabilities across its enterprise software portfolio, including three critical code injection flaws that pose significant risks to organizations worldwide. The monthly Security Patch Day also included four…
Critical Vulnerability in Carmaker Portal Lets Hackers Unlock Cars Remotely
A severe flaw in a major automaker’s dealer portal allowed unauthorized attackers to register for dealer accounts, escalate privileges to a national administrator, and ultimately control vehicles remotely. The vulnerability resides in the portal’s Java/SAP backend and AngularJS frontend, where…
DarkBit Hackers Attacking VMware ESXi Servers to Deploy Ransomware and Encrypt VMDK Files
A newly discovered ransomware campaign has targeted enterprise VMware ESXi environments with military precision, deploying custom-built encryption tools that specifically hunt for virtual machine disk files across VMFS datastores. Security researchers have successfully reverse-engineered the attack methodology and developed breakthrough…
Scattered Spider’s New Telegram Channel Lists Organizations It Attacked
In early August 2025, a previously quiet cybercrime collective known as Scattered Spider resurfaced with a striking new Telegram channel that aggregates proof of its intrusions and data exfiltration operations. The channel name fuses ShinyHunters, Scattered Spider, and Lapsus$, signaling…
Wikipedia Lost Legal Battle Against the UK’s Online Safety Act Regulations
Wikipedia has suffered a significant legal defeat in its attempt to avoid being classified under the UK’s stringent Online Safety Act regulations. The High Court ruled against the Wikimedia Foundation and a Wikipedia user, known only as “BLN,” who challenged…
Apache bRPC Vulnerability Allows Attackers to Crash the Service via Network
A severe vulnerability in Apache bRPC has been discovered that allows attackers to crash services through network exploitation, affecting all versions prior to 1.14.1. The vulnerability, identified as CVE-2025-54472 with “important” severity classification, stems from unlimited memory allocation in the…
Reddit to Block Internet Archive as AI Companies Have Scraped Data From Wayback Machine
Reddit has announced plans to significantly restrict the Internet Archive’s Wayback Machine from indexing its platform, citing concerns that AI companies have been exploiting the archival service to circumvent Reddit’s data protection policies. The move represents another escalation in Reddit’s…
NCSC Warns of Citrix Netscaler Vulnerability CVE-2025-6543 Exploited to Breach Orgs
The Dutch National Cyber Security Centre (NCSC-NL) has issued an urgent warning about sophisticated cyberattacks targeting critical infrastructure through a zero-day vulnerability in Citrix NetScaler devices. The vulnerability, designated CVE-2025-6543, has been actively exploited since early May 2025, successfully compromising…
Researchers Detail Techniques for Masking Malicious Scripts and Bypassing Defense Mechanisms
The cybersecurity landscape continues to evolve as threat actors develop increasingly sophisticated methods to evade detection systems. Recent research has unveiled a comprehensive analysis of payload obfuscation techniques that enable malicious scripts to bypass modern defense mechanisms, including web application…
Smart Bus Systems Vulnerability Lets Hackers Remotely Track and Control Vehicles
A newly discovered security flaw in leading smart bus systems threatens to expose passenger safety and fleet integrity. Researchers have identified a critical vulnerability CVE-2025-44179 in the remote management interface of several major transit providers’ onboard modems. Exploiting this weakness,…
Hackers Using ClickFix Technique to Attack Windows Machines and Execute PowerShell Commands
A sophisticated new attack campaign has emerged targeting Israeli businesses and infrastructure sectors through a deceptive social engineering technique known as “ClickFix,” which tricks users into executing malicious PowerShell commands on their Windows systems. The multi-stage attack chain begins with…
Erlang/OTP SSH RCE Vulnerability Exploited in the Wild to Attack Across OT Networks
A critical remote code execution vulnerability in Erlang/OTP’s SSH daemon has been actively exploited in the wild, with cybercriminals targeting operational technology networks across multiple industries. CVE-2025-32433, carrying the maximum CVSS score of 10.0, allows unauthenticated attackers to execute arbitrary…
Hackers Behind $100 Million Romance Scams and Other Frauds Extradited to US
Four Ghanaian nationals orchestrating an international cybercrime operation that defrauded victims of over $100 million through sophisticated romance scams and business email compromise attacks have been extradited to the United States. The criminal organization, led by Isaac Oduro Boateng, Inusah…
Legitimate Linux System Behaviours Weaponized to Harvest Secrets from Shared Environments
Researchers have identified a significant vulnerability in multi-user Linux environments, where standard system behaviors can be exploited to harvest sensitive credentials and secrets from other users. The research, presented in “Silent Leaks: Harvesting Secrets from Shared Linux Environments,” demonstrates how legitimate system tools…
UAC‑0099 Tactics, Techniques, Procedures and Attack Methods Unveiled
UAC‑0099, a sophisticated threat actor group that has been active since at least 2022, continues to pose a significant cybersecurity threat through its evolving cyber-espionage campaigns targeting Ukrainian government agencies, military organizations, and defense-industrial entities. The group has demonstrated remarkable…
CastleLoader Malware Infected Over 400 Devices Using Cloudflare-Themed ClickFix Phishing Attack
CastleLoader, a sophisticated malware loader that emerged in early 2025, has successfully compromised 469 devices out of 1,634 infection attempts since May 2025, achieving an alarming 28.7% infection rate. This versatile threat has primarily targeted U.S. government entities through advanced…
Silent Watcher Attacks Windows Systems and Exfiltrates Data Using Discord Webhooks
A sophisticated Visual Basic Script (VBS) malware dubbed “Silent Watcher” has emerged as a persistent threat targeting Windows systems, demonstrating advanced data exfiltration capabilities through Discord webhooks. This stealer, part of the Cmimai malware family, represents a concerning evolution in…