Cloud VPNs have become essential for both businesses and individuals seeking secure, private, and reliable internet access in 2025. As cyber threats evolve and remote work becomes the norm, choosing the right cloud VPN provider is crucial for safeguarding sensitive…
Tag: Cyber Security News
Hackers Allegedly Selling WinRAR 0-day Exploit on Dark Web Forums for $80,000
A threat actor using the handle “zeroplayer” advertised a previously unknown remote-code-execution (RCE) exploit for WinRAR on an underground forum. The post, titled “WINRAR RCE 0DAY – 80,000$,” claims the flaw works “fully on the latest version of WinRAR and…
11 Best Cloud Access Security Broker Software (CASB) – 2025
As organizations accelerate digital transformation, the need for robust cloud security has never been greater. Cloud Access Security Broker (CASB) software stands at the forefront, acting as the critical gatekeeper between users and cloud service providers. With the explosion of…
Grok-4 Jailbreaked With Combination of Echo Chamber and Crescendo Attack
Grok-4 has been jailbroken using a new strategy that combines two different jailbreak methods to bypass artificial intelligence security measures. This raises concerns over the vulnerability of large language models (LLMs) to sophisticated adversarial attacks. Key Takeaways1. Researchers merged Echo…
Top 11 Passwordless Authentication Tools – 2025
In 2025, passwordless authentication tools are transforming digital security by eliminating the need for traditional passwords and introducing advanced, user-friendly authentication methods. With cyber threats on the rise and user experience at the forefront, organizations are rapidly adopting these solutions…
Top 10 Cyber Attack Maps to See Digital Threats In 2025
In 2025, the digital threat landscape is more dynamic and complex than ever. Cyber attacks are escalating in frequency, sophistication, and impact, targeting businesses, governments, and individuals worldwide. Real-time visibility into these threats is essential for proactive defense, strategic planning,…
Google Gemini for Workspace Vulnerability Lets Attackers Hide Malicious Scripts in Emails
Security researchers have uncovered a significant vulnerability in Google Gemini for Workspace that enables threat actors to embed hidden malicious instructions within emails. The attack exploits the AI assistant’s “Summarize this email” feature to display fabricated security warnings that appear…
Weekly Cybersecurity Roundup: Key Vulnerabilities, Threats, and Data Breaches
In today’s rapidly evolving digital landscape, the frequency and complexity of cyberattacks are increasing, making it crucial to stay informed about emerging threats. Our weekly newsletter serves as a vital resource, offering an overview of pertinent cybersecurity developments, expert analysis,…
GPUHammer – First Rowhammer Attack Targeting NVIDIA GPUs
Cybersecurity researchers at the University of Toronto have achieved a breakthrough in hardware-level attacks by successfully demonstrating GPUHammer, the first Rowhammer attack specifically targeting discrete NVIDIA GPUs. The research, which focuses on the popular NVIDIA A6000 GPU with GDDR6 memory,…
WordPress GravityForms Plugin Hacked to Include Malicious Code
A sophisticated supply chain attack has compromised the official GravityForms WordPress plugin, allowing attackers to inject malicious code that enables remote code execution on affected websites. The attack, discovered on July 11, 2025, represents a significant security breach affecting one…
OpenAI is to Launch a AI Web Browser in Coming Weeks
OpenAI is reportedly preparing to release an artificial intelligence-enhanced web browser within the coming weeks, marking the company’s latest expansion beyond its popular ChatGPT platform. The new browser will feature integrated AI agent capabilities designed to autonomously handle various online…
Meta’s Llama Firewall Bypassed Using Prompt Injection Vulnerability
Trendyol’s application security team uncovered a series of bypasses that render Meta’s Llama Firewall protections unreliable against sophisticated prompt injection attacks. The findings raise fresh concerns about the readiness of existing LLM security measures and underscore the urgent need for…
AWS Organizations Mis-scoped Managed Policy Let Hackers To Take Full AWS Organization Control
A critical security vulnerability in AWS Organizations has been discovered that could allow attackers to achieve complete control over entire multi-account AWS environments through a mis-scoped managed policy. The flaw, identified in the AmazonGuardDutyFullAccess managed policy version 1, enables privilege…
Qilin Emerged as The Most Active Group, Exploiting Unpatched Fortinet Vulnerabilities
The ransomware landscape witnessed a dramatic shift in June 2025 as the Qilin ransomware group surged to become the most active threat actor, recording 81 victims and representing a staggering 47.3% increase in activity compared to previous months. This Ransomware-as-a-Service…
Microsoft Eliminated High-Privilege Access to Enhance Microsoft 365 Security
Microsoft has successfully eliminated high-privilege access vulnerabilities across its Microsoft 365 ecosystem as part of its comprehensive Secure Future Initiative, marking a significant milestone in enterprise security architecture. The technology giant’s Deputy Chief Information Security Officer for Experiences and Devices,…
Infostealers Actively Attacking macOS Users in The Wild to Steal Sensitive Data
The cybersecurity landscape is witnessing an alarming surge in macOS-targeted information-stealing malware, marking a significant shift from the traditional Windows-centric threat model. These sophisticated infostealers are rapidly evolving to exploit macOS environments with unprecedented precision, targeting valuable data including browser…
CISA Warns of CitrixBleed 2 Vulnerability Exploited in Attacks
CISA has issued an urgent warning regarding a critical vulnerability in Citrix NetScaler ADC and Gateway products that is being actively exploited in cyberattacks. The vulnerability, tracked as CVE-2025-5777, has been added to CISA’s Known Exploited Vulnerabilities (KEV) catalog with…
FBI Atlanta Seizes Major Video Game Piracy Websites in International Operation
The Federal Bureau of Investigation’s Atlanta Field Office announced today the seizure of several major online criminal marketplaces that provided pirated versions of popular video games, dismantling a multi-million dollar piracy operation that caused an estimated $170 million in losses…
CISA Releases 13 New Industrial Control Systems Surrounding Vulnerabilities and Exploits
The Cybersecurity and Infrastructure Security Agency (CISA) has released thirteen critical Industrial Control Systems (ICS) advisories on July 10, 2025, highlighting significant vulnerabilities affecting major industrial automation vendors. This comprehensive security alert encompasses multiple attack vectors targeting essential infrastructure components,…
Iranian APTs Hackers Actively Attacking Transportation and Manufacturing Sectors
Iranian state-sponsored threat actors have intensified their cyberattacks against critical infrastructure in the United States, with a dramatic 133% increase in malicious activity recorded during May and June 2025. The escalation coincides with heightened geopolitical tensions surrounding the recent Iranian…