Hill ASC Inc.’s $14.75 million settlement with the U.S. Department of Justice closes a five-year saga in which the Rockville-based contractor allegedly billed agencies for “highly adaptive” cybersecurity support it was never qualified to deliver. Investigators say Hill’s pitch hinged…
Tag: Cyber Security News
Octalyn Stealer Steals VPN Configurations, Passwords and Cookies in Structured Folders
A sophisticated new credential stealer disguised as a legitimate forensic toolkit has emerged on GitHub, targeting sensitive user data including VPN configurations, browser credentials, and cryptocurrency wallet information. The Octalyn Stealer, first identified in July 2025, presents itself as an…
VMware ESXi and Workstation Vulnerabilities Let Attackers Execute Malicious Code on Host
Multiple severe vulnerabilities have been addressed affecting VMware ESXi, Workstation, Fusion, and Tools that could allow attackers to execute malicious code on host systems. The vulnerabilities, identified as CVE-2025-41236, CVE-2025-41237, CVE-2025-41238, and CVE-2025-41239, carry CVSS scores ranging from 6.2 to…
Iranian Threat Actors Attacking U.S. Critical Infrastructure Including Water Systems
Iranian cyber operatives have intensified their assault on American critical infrastructure, with Intelligence Group 13 emerging as a primary threat actor targeting water treatment facilities, electrical grids, and industrial control systems across the United States. The group, operating under the…
BaitTrap – 17,000+ Fake News Websites Caught Promoting Investment Frauds
A massive network of fraudulent news websites has been uncovered, with cybersecurity researchers identifying over 17,000 Baiting News Sites (BNS) across 50 countries orchestrating sophisticated investment fraud schemes. These malicious platforms masquerade as legitimate news outlets, publishing fabricated stories featuring…
North Korean Hackers Weaponized 67 Malicious npm Packages to Deliver XORIndex Malware
North Korean threat actors have escalated their software supply chain attacks with the deployment of 67 malicious npm packages that collectively garnered over 17,000 downloads before detection. This latest campaign represents a significant expansion of the ongoing “Contagious Interview” operation,…
Google Chrome 0-day Vulnerability Actively Exploited in the Wild
Google has released an emergency security update for Chrome, addressing a critical zero-day vulnerability that attackers are actively exploiting in real-world attacks. The tech giant confirmed that CVE-2025-6558 is being leveraged by threat actors, prompting an immediate patch deployment across…
Hacktivist Groups Attacks on Critical ICS Systems to Steal Sensitive Data
The cybersecurity landscape has witnessed an alarming evolution in hacktivist operations, with threat actors increasingly shifting their focus from traditional DDoS attacks and website defacements to sophisticated industrial control system (ICS) infiltrations. This tactical transformation represents a significant escalation in…
North Korean Hackers Using Fake Zoom Invites to Attack Crypto Startups
North Korean threat actors have escalated their sophisticated cyber operations against cryptocurrency startups, deploying an evolved malware campaign that leverages fraudulent Zoom meeting invitations to infiltrate target organizations. The campaign, which has been active for over a year, specifically targets…
Ransomware Gangs Actively Expanding to Attack VMware and Linux Systems
The cybersecurity landscape has experienced a dramatic shift as ransomware operators increasingly target Linux and VMware environments, abandoning their traditional focus on Windows systems. Recent threat intelligence indicates that criminal groups are developing sophisticated, Linux-native ransomware specifically engineered to exploit…
NCSC Urges Organizations to Upgrade Microsoft Windows 11 to Defend Cyberattacks
The National Cyber Security Centre (NCSC) has issued a critical advisory urging organizations to prioritize upgrading to Windows 11 before the October 14, 2025 end-of-life deadline for Windows 10. This recommendation comes amid growing concerns about the cybersecurity implications of…
Apache Tomcat Coyote Vulnerability Let Attackers Trigger DoS Attack
A newly disclosed flaw in Apache Tomcat’s Coyote engine—tracked as CVE-2025-53506—has surfaced in the latest round of HTTP/2 security advisories. First noted in the National Vulnerability Database five days ago, the weakness stems from Coyote’s failure to enforce a hard…
Hackers Breaking Internet with 7.3 Tbps and 4.8 Billion Packets Per Second DDoS Attack
The cybersecurity landscape has witnessed a paradigm shift in 2025, with Distributed Denial of Service (DDoS) attacks reaching unprecedented levels of scale and sophistication. The second quarter of 2025 has marked a historic milestone with the largest DDoS attack ever…
How SOC Teams Reduce MTTD And MTTR With Threat Context Enrichment
Security Operations Centers (SOCs) face a fundamental challenge: distinguishing genuine threats from false positives while maintaining rapid response times. The key to meeting this challenge lies in enriching threat data with actionable context that enables faster, more informed decision-making. Core…
Konfety Android Malware on Google Play Uses ZIP Manipulation to Imitate Legitimate Apps
Sophisticated Android malware variant exploits ZIP-level manipulation and dynamic code loading to evade detection while conducting ad fraud operations targeting mobile users globally. Zimperium’s zLabs security research team has identified a new and highly sophisticated variant of the Konfety Android…
Threat Actors Mimic CNN, BBC, and CNBC Websites to Promote Investment Scams
Cybersecurity researchers have identified a sophisticated international fraud campaign that leverages impersonated news websites from major outlets including CNN, BBC, CNBC, News24, and ABC News to orchestrate large-scale investment scams. The operation demonstrates advanced social engineering tactics combined with technical…
GLOBAL GROUP RaaS Operators Enable AI-powered Negotiation Functionality
A sophisticated new ransomware-as-a-service operation has emerged with advanced AI-powered negotiation capabilities and mobile management features, targeting organizations across healthcare, automotive, and industrial sectors. GLOBAL GROUP, operated by threat actor “$$$”, has claimed 17 victims across multiple countries since its…
PoC Exploit Released for High-Severity Git CLI Arbitrary File Write Vulnerability
A critical vulnerability in Git CLI enables arbitrary file writes on Linux and macOS systems, with working proof-of-concept exploits now publicly available. CVE-2025-48384, assigned a CVSS severity score of 8.1/10, allows attackers to achieve remote code execution through maliciously crafted…
British Citizen Jailed for Islamophobic WiFi Hack at UK Train Stations
A British man has been sentenced to 24 months’ imprisonment, suspended for 24 months, after pleading guilty to hijacking WiFi networks at major UK train stations. Also, users were directed to Islamophobic content that referenced prior terrorist acts, causing significant…
Hackers Leveraging AWS Lambda URLs Endpoints to Attack Governments Organizations
A previously unreported Windows backdoor dubbed “HazyBeacon” has emerged in a stealthy espionage campaign that began in late 2024 and is still unfolding across several Southeast Asian government networks. The operators exploit the public URL feature of AWS Lambda—originally designed…