A large-scale web skimming operation has emerged across the internet, targeting online shoppers and account holders with unprecedented scope. Security researchers have identified an over 50-script global campaign that intercepts sensitive information during checkout and account creation processes. The attack…
Tag: Cyber Security News
ESET Warns AI-driven Malware Attack and Rapidly Growing Ransomware Economy
The cybersecurity landscape has reached a critical turning point as artificial intelligence moves from theoretical threat to operational reality. In their H2 2025 Threat Report, ESET researchers have documented a disturbing shift in how attackers operate, revealing that AI-powered malware…
Hackers Infiltrated Maven Central Masquerading as a Legitimate Jackson JSON Library
A new malware campaign has successfully infiltrated Maven Central, one of the most trusted repositories for Java developers, by masquerading as a legitimate Jackson JSON library extension. The malicious package, published under the org.fasterxml.jackson.core/jackson-databind namespace, represents one of the first…
European Space Agency Confirms Breach of Servers Outside the Corporate Network
The European Space Agency (ESA) has confirmed a cybersecurity breach affecting a limited number of external servers, marking a rare public admission of vulnerability in the continent’s premier space organization. In an official statement released Tuesday, ESA disclosed: “ESA is…
New Spear-Phishing Attack Targeting Security Individuals in Israel Region
Israel’s National Cyber Directorate recently issued an urgent alert about a targeted spear-phishing attack aimed at people working in security and defense-related areas. The campaign uses WhatsApp messages that pretend to come from trusted organizations, inviting targets to professional conferences.…
Chinese Hackers Use Rootkit to Hide ToneShell Malware Activity
A Chinese-linked threat group tied to HoneyMyte, also known as Mustang Panda or Bronze President, is using a new kernel rootkit to hide its ToneShell backdoor. The campaign has hit government networks across Southeast and East Asia, with the…
CISA Warns of MongoDB Server Vulnerability (CVE-2025-14847) Exploited in Attacks
CISA has added a critical MongoDB Server vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, warning that the flaw is being actively exploited in cyberattacks. CVE-2025-14847 affects MongoDB Server and allows unauthenticated attackers to read uninitialized heap memory due to…
Critical Vulnerability in SmarterMail Let Attackers Execute Remote Code
SmarterTools has issued an urgent security advisory addressing a critical vulnerability in SmarterMail that could allow attackers to execute remote code on mail servers. The flaw, tracked as CVE-2025-52691, poses a severe threat to organizations using the affected versions. The…
Hackers Exploit Copilot Studio’s New Connected Agents Feature to Gain Backdoor Access
Microsoft’s newly unveiled “Connected Agents” feature in Copilot Studio, announced at Build 2025, is creating a significant security vulnerability. Attackers are already exploiting it to gain unauthorized backdoor access to critical business systems. Connected Agents enables AI-to-AI integration, allowing agents to…
Critical 0-Day RCE Vulnerability in Networking Devices Exposes 70,000+ Hosts
A critical zero-day vulnerability has been discovered in XSpeeder’s SXZOS firmware, affecting tens of thousands of SD-WAN appliances, edge routers, and smart TV controllers deployed globally. The vulnerability, designated PWN-25-01, enables unauthenticated remote code execution (RCE) with root-level privileges through…
70,000+ MongoDB Servers Vulnerable to MongoBleed Exploit – PoC Released
A critical vulnerability in MongoDB Server is putting tens of thousands of databases worldwide at risk. Dubbed MongoBleed and tracked as CVE-2025-14847, this high-severity flaw allows unauthenticated attackers to remotely extract sensitive data from server memory without credentials. The Shadow Server Foundation disclosed…
EmEditor Editor Website Hacked to Deliver Infostealer Malware in Supply Chain Attack
A major supply chain attack targeting EmEditor, a widely used text editor software, has exposed millions of users to sophisticated infostealer malware. Between December 19 and December 22, 2025, the official EmEditor website fell victim to unauthorized modification, serving compromised…
New Phishing Kit with AI-assisted Development Attacking Microsoft Users to Steal Logins
A Spanish-speaking phishing operation targeting Microsoft Outlook users has been active since March 2025, using a sophisticated kit that shows clear indicators of AI-assisted development. The campaign, tracked through a unique signature of four mushroom emojis embedded in the string…
Silver Fox Hackers Attacking Indian Entities with Income Tax Phishing Lures
Chinese threat actors operating under the name Silver Fox are targeting Indian organizations through sophisticated phishing campaigns that impersonate legitimate income tax documents. The attack campaign uses authentic-looking Income Tax Department emails to trick users into downloading a malicious executable…
Windows Event Logs Reveal the Messy Reality Behind ‘Sophisticated’ Cyberattacks
Public reports about cyberattacks often present a polished picture—threat actors working methodically through a well-planned playbook with every action perfectly executed. This perception leads many to believe that modern attackers operate with machine-like precision, seamlessly moving from one objective to…
Hacktivist Proxy Operations Emerge as a Repeatable Model of Geopolitical Cyber Pressure
A new form of cyber disruption is reshaping the landscape of modern conflict. Hacktivist groups are increasingly operating as strategic instruments of state pressure, launching coordinated attacks that align perfectly with geopolitical events such as sanctions announcements and military aid…
New Vulnerabilities in Bluetooth Headphones Let Hackers Hijack Connected Smartphone
Security researchers have disclosed critical vulnerabilities affecting widely used Bluetooth headphones and earbuds that could allow attackers to eavesdrop on conversations, steal sensitive data, and even hijack connected smartphones. The flaws, identified as CVE-2025-20700, CVE-2025-20701, and CVE-2025-20702, impact devices powered…
2.5 Million+ Malicious Request From Hackers Attacking Adobe ColdFusion Servers
A coordinated exploitation campaign generated more than 2.5 million malicious requests against Adobe ColdFusion servers and 47+ other technology platforms during the Christmas 2025 holiday period. The operation was attributed to a single threat actor operating from Japan-based infrastructure.…
Hacker Threw MacBook in River to Erase Evidence in Coupang Data Breach
In a desperate attempt to cover his tracks, the hacker behind Coupang’s massive personal data leak hurled his MacBook Air into a nearby river, only for company investigators to fish it out days later. This cinematic twist emerged as South…
Windows LPE Vulnerabilities via Kernel Drivers and Named Pipes Allows Privilege Escalation
Security researchers are increasingly focusing on privilege escalation attacks through two primary Windows attack surfaces: kernel drivers and named pipes. These vectors exploit fundamental trust boundary weaknesses between the user and kernel modes, enabling attackers to escalate from standard user…