In a significant cybersecurity incident that underscored the persistent threat of ransomware attacks on global IT infrastructure, Ingram Micro Holding Corporation successfully restored its business operations after a four-day battle against malicious actors who infiltrated its internal systems. The attack,…
Tag: Cyber Security News
Arkana Ransomware Claimed to Have Stolen 2.2 Million Customer Records
The cybersecurity landscape witnessed a significant breach in early 2025 when Arkana Ransomware emerged as a formidable threat actor, making its debut with a devastating attack on WideOpenWest (WOW!), a major U.S. internet service provider. The attack, which occurred in…
Fortinet FortiWeb Fabric Connector Vulnerability Exploited to Execute Remote Code
A critical security vulnerability in Fortinet’s FortiWeb Fabric Connector has been discovered and exploited, allowing attackers to execute remote code on affected systems without authentication. The vulnerability, designated CVE-2025-25257, represents a significant threat to organizations using Fortinet’s web application firewall…
Critical D-Link 0-click Vulnerability Allows Remote Attackers to Crash the Server
A critical stack-based buffer overflow in the D-Link DIR-825 Rev.B 2.10 router firmware allows unauthenticated, zero-click remote attackers to crash the device’s HTTP server. Tracked as CVE-2025-7206, the flaw resides in the router’s httpd binary and stems from improper handling…
New eSIM Hack Lets Attackers Clone Profiles and Hijack Phone Identities
A critical vulnerability in eSIM technology enables attackers to clone mobile subscriber profiles and hijack phone identities. AG Security Research revealed they broke the security of Kigen eUICC cards with GSMA consumer certificates, marking what they claim is the first…
Rockerbox Data Leak – 245,949 User Records Exposed Including SSNs and Driver’s Licenses
The Rockerbox breach burst onto the threat-intelligence radar in early July 2025 when an unencrypted, 286.9 GB cloud repository holding 245,949 highly sensitive records was found openly indexed on the internet. Investigators traced the trove to Rockerbox, a Dallas-based tax-credit…
Apache HTTP Server 2.4.64 Released With Patch for 8 Vulnerabilities
The Apache Software Foundation has released Apache HTTP Server version 2.4.64, addressing eight critical security vulnerabilities that affected versions spanning from 2.4.0 through 2.4.63. This latest update resolves a range of issues, including HTTP response splitting, server-side request forgery (SSRF),…
AMD Warns of Transient Scheduler Attacks Affecting Wide Range of Chipsets
Advanced Micro Devices has disclosed a series of critical security vulnerabilities affecting multiple generations of its processor architectures, stemming from transient scheduler attacks that exploit speculative execution mechanisms. The vulnerabilities, identified through four distinct Common Vulnerabilities and Exposures (CVE) entries,…
Russian Basketball Player Arrested over Alleged Ransomware Attack Claims
A Russian professional basketball player has been arrested in France on charges of orchestrating one of the most extensive ransomware campaigns in recent history, targeting nearly 900 companies and federal institutions between 2020 and 2022. The case highlights the growing…
Windows 11’s New Black Screen of Death is Rolling Out for Users
Microsoft has begun rolling out a redesigned error screen interface as part of Windows 11 Build 26100.4762, introducing what users are calling the “new Black Screen of Death.” This update, released to the Release Preview Channel on July 10, 2025,…
10 Best Digital Forensic Investigation Tools – 2025
In today’s digital-first world, cybercrime is evolving rapidly, making digital forensic investigation tools indispensable for law enforcement, cybersecurity professionals, and corporate investigators. These tools empower experts to uncover, analyze, and present digital evidence from computers, mobile devices, cloud services, and…
Top 11 Best SysAdmin Tools in 2025
In today’s rapidly evolving IT landscape, system administrators (SysAdmins) are the backbone of organizational efficiency and security. The right tools not only streamline workflows but also ensure robust monitoring, automation, and troubleshooting. As infrastructures become increasingly hybrid and complex, the…
Hackers Actively Exploiting CitrixBleed 2 Vulnerability in the Wild
Researchers have observed widespread exploitation attempts targeting a critical memory disclosure vulnerability in Citrix NetScaler devices, designated as CVE-2025-5777 and dubbed “CitrixBleed 2.” This pre-authentication flaw enables attackers to craft malicious requests that leak uninitialized memory from affected NetScaler ADC…
Critical WordPress Plugin Vulnerability Exposes 200k Websites to Site Takeover Attack
A critical security vulnerability has been discovered in the SureForms WordPress plugin, affecting over 200,000 websites worldwide and potentially exposing them to complete site takeover attacks. The vulnerability, assigned CVE-2025-6691 with a CVSS score of 8.8, allows unauthenticated attackers to…
Laravel APP_KEY Vulnerability Allows Remote Code Execution – Hundreds of Apps Affected
A critical vulnerability in Laravel applications exposes APP_KEY configuration values, enabling attackers to achieve remote code execution (RCE). Collaborative research between GitGuardian and Synacktiv revealed that approximately 260,000 APP_KEYs have been exposed on GitHub since 2018, with over 600 applications…
New ZuRu Malware Variant Attacking macOS Users Via Weaponized Termius App
A sophisticated new variant of the macOS.ZuRu malware has emerged, targeting macOS users through a weaponized version of the popular Termius SSH client. This latest iteration, discovered in late May 2025, represents a significant evolution in the threat actor’s tactics,…
Android Packer Ducex Employs Serious Obfuscation Techniques and Detects Analysis Tools Presence
The cybersecurity landscape continues to evolve with increasingly sophisticated malware variants, and a recent discovery highlights the persistent threat posed by advanced Android packers. Security researchers have identified a highly complex packer dubbed “Ducex,” which serves as a delivery mechanism…
Hackers Stole $500,000 in Crypto Assets by Weaponizing AI Extension
A sophisticated cybercrime operation has successfully stolen $500,000 in cryptocurrency assets from a Russian blockchain developer through a malicious extension targeting the Cursor AI integrated development environment. The attack, which occurred in June 2025, represents a concerning evolution in supply…
Multiple Schneider Electric Vulnerabilities Let Attackers Inject OS Commands
Schneider Electric has disclosed a critical set of six vulnerabilities affecting its EcoStruxure IT Data Center Expert software that could allow attackers to execute remote code and gain unauthorized system access. The vulnerabilities, discovered in versions 8.3 and prior, present…
Palo Alto Networks GlobalProtect Vulnerability Allows Root User Privilege Escalation
Palo Alto Networks has disclosed a critical security vulnerability in its GlobalProtect VPN application that enables locally authenticated users to escalate their privileges to root access on macOS and Linux systems, or NT AUTHORITY\SYSTEM on Windows machines. The vulnerability, classified…