Quality threat intelligence has traditionally been the domain of enterprise-level budgets and premium subscriptions. The kind of fresh, actionable data that transforms how SOCs operate has remained frustratingly out of reach for many organizations. Until now. A Game-Changing Opportunity For…
Tag: Cyber Security News
Dark Web Travel Agencies Offering Cheap Travel Deals to Steal Credit Card Data
The rise of clandestine “travel agencies” on darknet forums has reshaped the cyber-crime landscape, morphing traditional card-skimming into a full-fledged service economy that sells half-priced flights, five-star hotels, and even yacht charters. What unsuspecting buyers see as a bargain is…
UK Confirms Ban of Ransomware Payments to Public and Critical National Infrastructure Sectors
The UK government has announced comprehensive measures to tackle ransomware attacks, with public sector organizations and critical national infrastructure operators facing an outright ban on paying ransom demands to cyber criminals. This landmark decision, supported by nearly three-quarters of consultation…
Apache Jena Vulnerability Leads to Arbitrary File Access or Manipulation
Apache Jena has disclosed two significant security vulnerabilities affecting versions through 5.4.0, prompting an immediate upgrade recommendation to version 5.5.0. Both CVE-2025-49656 and CVE-2025-50151, announced on July 21, 2025, represent important severity flaws that exploit administrative access to compromise server…
Iran’s Cyber Actors Attacking Global Airlines to Exfiltrate Sensitive Data
The breach of Tehran-based security contractor Amnban has ripped the cover off a multi-year espionage program that quietly burrowed into airline reservation systems across Africa, Europe, and the Middle East. Internal documents and screen-captured videos obtained by investigatory journalist Nariman…
Threat Actors Allegedly Selling macOS 0-day LPE Exploit on Hacker Forums
A threat actor known as “skart7” is allegedly offering a zero-day Local Privilege Escalation (LPE) exploit targeting Apple’s macOS operating system for sale on a prominent hacker forum. This development represents a significant security concern for macOS users, particularly those…
CISA Warns of Interlock Ransomware With Double Extortion Tactics Attacking Windows and Linux Systems
The Cybersecurity and Infrastructure Security Agency (CISA), FBI, Department of Health and Human Services, and Multi-State Information Sharing and Analysis Center have issued an urgent joint advisory warning of escalating attacks by the Interlock ransomware group, which has been targeting…
Critical Sophos Firewall Vulnerabilities Enables pre-auth Remote Code Execution
Multiple security vulnerabilities affect Sophos firewall products, with two enabling pre-authentication remote code execution that could allow attackers to compromise systems without valid credentials. The vulnerabilities, tracked as CVE-2025-6704, CVE-2025-7624, CVE-2025-7382, CVE-2024-13974, and CVE-2024-13973, impact various configurations of Sophos Firewall…
New DCHSpy Android Malware Steals WhatsApp Data, Call Logs, Record Audio and Take Photos
A sophisticated new variant of DCHSpy Android surveillanceware was deployed by the Iranian cyber espionage group MuddyWater just one week after escalating tensions in the Israel-Iran conflict. This malicious tool represents a significant evolution in mobile surveillance capabilities, targeting sensitive communications…
UK Sanctions Russian APT 28 Hackers for Attacking Microsoft Cloud Service Login Details
The UK Government has imposed sanctions on Russian military intelligence units and 18 individuals following the exposure of a sophisticated cyber espionage campaign targeting Microsoft cloud services. The National Cyber Security Centre (NCSC) revealed that the Russian Advanced Persistent Threat…
Cisco Warns of Identity Services Engine RCE Vulnerability Exploited in the Wild
Cisco Systems has issued a critical security advisory warning of multiple remote code execution vulnerabilities in its Identity Services Engine (ISE) that are being actively exploited by attackers in the wild. The vulnerabilities, carrying the maximum CVSS severity score of…
Threat Actors Combine Android Malware With Click Fraud Apps to Steal Login Credentials
A fresh wave of malicious Android Package Kit (APK) files is weaving together two of cybercrime’s most reliable revenue streams—click-fraud advertising and credential theft—into a single, adaptable threat that has begun circulating across Southeast Asia, Latin America, and parts of…
ExpressVPN Windows Client Vulnerability Exposes Users Real IP Addresses With RDP Connection
A critical security vulnerability in the ExpressVPN Windows desktop application could expose users’ real IP addresses when using Remote Desktop Protocol (RDP) connections. The flaw, discovered through the company’s bug bounty program, affected specific versions of the Windows client and…
Wireshark 4.4.8 Released With Bug Fixes and Updated Protocol Support
Wireshark Foundation has announced the availability of Wireshark 4.4.8, the latest maintenance release of the world’s most widely used network-protocol analyzer. Although the update does not introduce brand-new protocols, it delivers a focused package of stability improvements, expanded dissector capabilities,…
GLOBAL GROUP’s Golang Ransomware Attacks Windows, Linux, and macOS Environments
A sophisticated new ransomware threat has emerged from the cybercriminal underground, targeting organizations across multiple operating systems with advanced cross-platform capabilities. In June 2025, a ransomware actor operating under the alias “Dollar Dollar Dollar” introduced GLOBAL GROUP on the Ramp4u…
Microsoft Releases Mitigations and Threat Hunting Queries for SharePoint Zero-Day
Thousands of organizations worldwide face active cyberattacks targeting Microsoft SharePoint servers through two critical vulnerabilities, prompting urgent government warnings and emergency patches. Microsoft confirmed over the weekend that threat actors are actively exploiting two zero-day vulnerabilities in on-premises SharePoint servers,…
Dior, a Louis Vuitton Brand, Alerts Customers Following Cyber Attack
Christian Dior Couture, the luxury fashion house owned by Louis Vuitton, has begun notifying customers of a major cybersecurity incident that exposed sensitive personal information of clients. The breach, discovered in May 2025, involved unauthorized access to customer databases containing…
Greedy Sponge Hackers Attacking Financial Institutions With Modified Version of AllaKore RAT
A financially motivated threat group dubbed Greedy Sponge has been systematically targeting Mexican financial institutions and organizations since 2021 with a heavily modified version of the AllaKore remote access trojan (RAT). The campaign represents a sophisticated evolution of cybercriminal tactics,…
DeerStealer Malware Delivered Via Weaponized .LNK Using LOLBin Tools
A sophisticated new phishing campaign has emerged, delivering the DeerStealer malware through weaponized .LNK shortcut files that exploit legitimate Windows binaries in a technique known as “Living off the Land” (LOLBin). The malware masquerades as a legitimate PDF document named…
Developers Beware of npm Phishing Email That Steal Your Login Credentials
A sophisticated phishing campaign has emerged targeting Node.js developers through a meticulously crafted attack that impersonates the official npm package registry. The malicious operation utilizes the typosquatted domain npnjs.com, substituting the letter “m” with “n” to create a nearly identical…