Tag: Cyber Security News

Outlook NotDoor backdoor malware first appeared in threat campaigns identified by Lab52, the intelligence arm of Spanish firm S2 Grupo. Linked to APT28/Fancy Bear, NotDoor leverages malicious Outlook macros for persistent access and data theft. Attackers embed these macro payloads…

Read more →

A sandbox escape vulnerability affecting iPhones and iPads running iOS 16.2 beta 1 or earlier versions. The proof-of-concept (POC) exploits weaknesses in the itunesstored and bookassetd daemons, enabling attackers to modify sensitive files on the device’s Data partition areas typically…

Read more →

A dangerous espionage campaign is targeting senior government and defense officials worldwide. Iranian hackers are using fake conference invitations and meeting requests to trick victims. The attackers spend weeks building trust before striking. They reach out through WhatsApp to make…

Read more →

A sharp increase in attacks targeting a critical vulnerability in XWiki servers. Multiple threat actors are actively exploiting CVE-2025-24893 to deploy botnets and coin miners, and to establish unauthorized server access across the internet. Since the initial discovery on October 28, 2025,…

Read more →

The U.S. Justice Department announced major actions against North Korean cybercrime, including five people admitting guilt and the government taking more than $15 million in property linked to the crimes. These operations reveal how the Democratic People’s Republic of Korea…

Read more →

A threat actor known as “888” has purportedly dumped sensitive data stolen from electronics giant LG Electronics, raising alarms in the cybersecurity community. The breach, first spotlighted on November 16, 2025, allegedly includes source code repositories, configuration files, SQL databases,…

Read more →

Samsung has been accused of shipping budget Galaxy A and M series smartphones with pre-installed spyware that users can’t easily remove. The software in question, AppCloud, developed by the mobile analytics firm IronSource, has been embedded in devices sold primarily…

Read more →

AccuKnox, a global leader in Zero Trust Cloud-Native Application Protection Platforms(CNAPP), today announced its partnership with Alice Blue India, a prominent brokerage andfinancial services firm, to strengthen its security and compliance frameworks across on-premand cloud workloads. The partnership was executed…

Read more →

A critical vulnerability allowing attackers to inject malicious code into Cursor’s embedded browser through compromised MCP (Model Context Protocol) servers. Unlike VS Code, Cursor lacks integrity verification on its proprietary features, making it a prime target for tampering. The attack…

Read more →

A new open-source tool called SilentButDeadly has emerged, designed to disrupt Endpoint Detection and Response (EDR) and antivirus (AV) software by severing their network communications. Developed by security researcher Ryan Framiñán, the tool leverages the Windows Filtering Platform (WFP) to…

Read more →

A serious security flaw in Cisco Catalyst Center Virtual Appliance has been discovered that allows attackers with low-level access to gain full administrator control over affected systems. The vulnerability, tracked as CVE-2025-20341, impacts virtual appliances running on VMware ESXi and…

Read more →

A proof-of-concept (PoC) exploit tool for CVE-2025-64446 has been publicly released on GitHub. This vulnerability, affecting FortiWeb devices from Fortinet, involves a critical path traversal flaw that has already been observed in real-world attacks, allowing unauthorized access to sensitive CGI…

Read more →

A new threat targeting Chinese users has appeared with a dangerous ability to shut down security tools. RONINGLOADER, a multi-stage loader spreading a modified version of the gh0st RAT, uses clever tricks to bypass antivirus protection. The malware arrives through…

Read more →

A severe remote code execution (RCE) flaw has been uncovered in pgAdmin4, the popular open-source interface for PostgreSQL databases. Dubbed CVE-2025-12762, the vulnerability affects versions up to 9.9 and could allow attackers to run arbitrary commands on the hosting server,…

Read more →

Attackers are using fake invoice emails to spread XWorm, a remote-access trojan that quietly steals login credentials, passwords, and sensitive files from infected computers. When a user opens the attached Visual Basic Script file, the malware begins working silently in…

Read more →

A new malware family targeting macOS systems has emerged with advanced detection evasion techniques and multi-stage attack chains. Named DigitStealer, this information stealer uses multiple payloads to steal sensitive data while leaving minimal traces on infected machines. The malware disguises…

Read more →

Chinese government-backed hackers used Anthropic’s Claude Code tool to carry out advanced spying on about thirty targets worldwide, successfully breaking into several major organizations. The first documented large-scale cyberattack executed primarily by leveraging artificial intelligence with minimal human intervention. The…

Read more →

Phishing attacks continue to be one of the most persistent threats targeting organizations worldwide. Cybercriminals are constantly improving their methods to steal sensitive information, and a recently discovered phishing kit demonstrates just how advanced these operations have become. This particular…

Read more →

A new wave of Formbook malware attacks has appeared, using weaponized ZIP archives and multiple script layers to bypass security controls. The attacks begin with phishing emails containing ZIP files that hold VBS scripts disguised as payment confirmation documents. These…

Read more →

A new advisory from the Cybersecurity and Infrastructure Security Agency reveals that Akira ransomware has become one of the most active threats targeting businesses worldwide. Since March 2023, this ransomware group has impacted more than 250 organizations across North America,…

Read more →