Global advertising and marketing giant Dentsu has confirmed that its U.S.-based subsidiary Merkle experienced a cyberattack, prompting immediate incident response measures and system shutdowns to contain the breach. The company detected abnormal activity within Merkle’s network infrastructure, which led to…
Tag: Cyber Security News
Canada Warns of Hackers Breached ICS Devices Controlling Water and Energy Facilities
Canadian authorities have issued an urgent alert following multiple confirmed incidents where cybercriminals compromised internet-accessible Industrial Control Systems (ICS) devices protecting critical infrastructure across the nation. The Canadian Centre for Cyber Security and the Royal Canadian Mounted Police report that…
New Attack Combines Ghost SPNs and Kerberos Reflection to Elevate Privileges on SMB Servers
A sophisticated privilege escalation vulnerability in Windows SMB servers can be exploited using Ghost Service Principal Names (SPNs) and Kerberos authentication reflection to achieve remote SYSTEM-level access. Microsoft designated this as CVE-2025-58726, an “SMB Server Elevation of Privilege” flaw impacting all Windows versions…
PolarEdge Botnet Infected 25,000+ Devices and 140 C2 Servers Exploiting IoT Vulnerabilities
A sophisticated botnet campaign has compromised more than 25,000 IoT devices across 40 countries while establishing 140 command-and-control servers to facilitate cybercrime operations. The PolarEdge botnet, first disclosed in February 2025, exploits vulnerable IoT and edge devices to construct an…
Chrome 142 Released With Fix for 20 Vulnerabilities that Allows Malicious Code Execution
Google has officially promoted Chrome 142 to the stable channel, delivering critical security updates for Windows, Mac, and Linux users. The rollout begins immediately and will continue over the next few days or weeks, ensuring widespread protection against newly discovered…
CISA Shares New Threat Detections for Actively Exploited WSUS Vulnerability
In a critical update issued on October 29, 2025, the Cybersecurity and Infrastructure Security Agency (CISA) has provided organizations with enhanced guidance on detecting and mitigating threat activity related to the actively exploited CVE-2025-59287 vulnerability in Microsoft’s Windows Server Update…
EY Data Leak – Massive 4TB SQL Server Backup Exposed Publicly on Microsoft Azure
A massive 4TB SQL Server backup file belonging to global accounting giant Ernst & Young (EY) was discovered publicly accessible on Microsoft Azure. The exposure, uncovered by cybersecurity firm Neo Security during a routine asset mapping exercise, highlights how even…
New Gentlemen’s RaaS Advertised on Hacking Forums Targeting Windows, Linux and ESXi Systems
A newly discovered ransomware-as-a-service platform called Gentlemen’s RaaS has recently emerged on underground hacking forums, offering threat actors a sophisticated cross-platform attack capability. The service, advertised by the threat actor known as zeta88, represents a significant expansion in ransomware delivery…
Emerging Cyber Threats Featuring QR Codes ClickFix and LOLBins Challenging SOC Defenses
Cybersecurity experts at ANY.RUN recently unveiled alarming trends in how attackers are exploiting everyday technologies to bypass security operations centers (SOCs). They dissected tactics like QR code phishing, ClickFix social engineering, and Living Off the Land Binaries (LOLBins), showing how…
Threat Actors Weaponizes Judicial Documents to Deliver PureHVNC RAT
Between August and October 2025, a sophisticated phishing campaign has emerged targeting Colombian and Spanish-speaking users through deceptive emails masquerading as official communications from Colombia’s Attorney General’s office. The campaign employs a carefully crafted social engineering strategy, luring victims with…
Russian Hackers Attacking Government Entity Using Stealthy Living-Off-the-Land Tactics
Ukrainian government organizations continue facing relentless cyber threats from Russian-backed threat actors employing sophisticated evasion techniques to maintain persistent network access. Recent investigations have uncovered coordinated campaigns targeting critical infrastructure and government entities, with attackers deploying advanced tactics that circumvent…
New TEE.fail Attack Breaks Trusted Environments to Exfiltrate Secrets from Intel and AMD DDR5 Environments
A groundbreaking security vulnerability has emerged that fundamentally challenges the integrity of modern trusted execution environments across Intel and AMD server platforms. Researchers from Georgia Tech, Purdue University, and van Schaik LLC have unveiled TEE.fail, a sophisticated attack methodology that…
Microsoft DNS Outage Disrupts Azure and Microsoft 365 Services Worldwide
Microsoft reported a DNS-related outage on October 29, 2025, affecting access to key services, including Microsoft Azure and Microsoft 365. The issue surfaced around 9:37 PM GMT+5:30, leaving users unable to reach the Microsoft 365 admin center and experiencing widespread…
Google Unveils Guide for Defenders to Monitor Privileged User Accounts
In response to escalating threats of credential theft, Google, through its Mandiant cybersecurity division, has unveiled a detailed guide to help defenders monitor and secure privileged accounts across modern IT environments. This resource emphasizes practical strategies to mitigate risks posed…
Gunra Ransomware Leveraging Attacking Windows and Linux Systems with Two Encryption Methods
The threat landscape continues to evolve as Gunra ransomware emerged in April 2025, establishing itself as a significant threat to organizations worldwide. This dual-platform attack group has demonstrated a systematic approach to compromising both Windows and Linux environments, making their…
Thousands of Exchange Servers in Germany Still Running with Out-of-Support Versions
Microsoft Exchange servers in Germany are still running without security updates, just weeks after the official end of support for key versions. The Federal Office for Information Security (BSI) issued a stark warning on October 28, 2025, revealing that 92%…
PoC Exploit Released for BIND 9 Vulnerability that Let Attackers Forge DNS Records
Public exploit code has been released demonstrating how attackers could exploit CVE-2025-40778, a critical vulnerability in BIND 9 that enables DNS cache poisoning. The Internet Systems Consortium (ISC) initially disclosed this flaw on October 22, revealing a dangerous weakness in the world’s…
10 Malicious npm Packages with Auto-Run Feature on Install Deploys Multi-Stage Credential Harvester
The npm ecosystem faces a sophisticated new threat as ten malicious packages have emerged, each designed to automatically execute during installation and deploy a comprehensive credential harvesting operation. This attack campaign represents a significant evolution in supply chain compromises, combining…
Hackers Allegedly Claim Breach Of HSBC USA Customers’ Records Including Financial Details
A threat actor has claimed responsibility for breaching HSBC USA, alleging possession of a vast database containing sensitive customer personally identifiable information (PII) and financial details. The hacker posted screenshots and data samples on a dark web leak forum, asserting…
CISA Warns of Dassault Systèmes Vulnerabilities Actively Exploited in Attacks
CISA has added two critical vulnerabilities affecting Dassault Systèmes DELMIA Apriso to its Known Exploited Vulnerabilities catalog, warning that threat actors are actively exploiting these security flaws in real-world attacks. The alert, issued on October 28, 2025, requires federal agencies…