A newly disclosed vulnerability in Kubernetes could allow compromised nodes to bypass critical authorization checks within the container orchestration platform. The security flaw, tracked as CVE-2025-4563, affects the NodeRestriction admission controller and poses potential risks for…
Tag: Cyber Security News
Hacktivist Groups Attacking U.S. Companies & Military Domains Following Attacks on Iran
The cybersecurity landscape has witnessed dramatic escalation in hacktivist activities targeting U.S. infrastructure following geopolitical tensions in the Middle East. Following U.S. airstrikes on Iranian nuclear facilities on June 21, 2025, multiple pro-Iranian hacktivist groups launched coordinated distributed denial-of-service (DDoS)…
Threat Actors Distribute Hacked Version of SonicWall’s SSL VPN NetExtender to Steal Sensitive Data
Cybersecurity researchers have uncovered a sophisticated malware campaign targeting SonicWall’s SSL VPN NetExtender users through a meticulously crafted Trojanized version of the legitimate remote access software. The malicious campaign, operating through impersonated websites, distributes a modified version of NetExtender 10.3.2.27…
Chrome Security Update: Patch for 11 Vulnerabilities Enabling Malicious Code Execution
Google Chrome has released a critical security update addressing 11 vulnerabilities that could potentially allow malicious code execution on user systems. The Chrome 138.0.7204.49 stable channel update, announced on Tuesday, June 24, 2025, represents a significant security milestone as the…
Threat Actors Poison Search Results & Exploits Popularity of ChatGPT and Luma AI to Deliver Malicious Payloads
Cybercriminals are increasingly exploiting the widespread fascination with artificial intelligence tools, leveraging the popularity of platforms like ChatGPT and Luma AI to orchestrate sophisticated malware distribution campaigns. These threat actors have developed an intricate web of deceptive websites designed to…
CISA Releases Guide to Reduce Memory Safety Vulnerabilities in Modern Software Development
CISA and the NSA have jointly released a comprehensive guide addressing one of the most persistent and dangerous classes of software vulnerabilities: memory safety issues. Published in June 2025, the document “Memory Safe Languages: Reducing Vulnerabilities in Modern Software…
Critical Kibana Vulnerabilities Allows Heap Corruption and Remote Code Execution
A severe heap corruption vulnerability in Kibana could let attackers achieve remote code execution using specially crafted HTML pages. The vulnerability, designated as CVE-2025-2135, stems from a Type Confusion flaw in the underlying Chromium engine and carries a maximum CVSSv3.1…
Linux CentOS Web Panel Vulnerability Let Attackers Execute Malicious Remote Code – PoC Released
A critical security vulnerability in CentOS Web Panel (CWP) has been discovered that allows unauthenticated remote attackers to execute arbitrary commands on affected servers. The flaw, tracked as CVE-2025-48703, affects one of the most widely used free web hosting control…
Akamai Shares New Techniques for Defenders to Shutdown Cryptominer Attacks
Cybersecurity researchers at Akamai have unveiled groundbreaking defensive techniques capable of completely shutting down cryptomining botnets, marking a significant advancement in the fight against cryptocurrency-based cybercrime. The innovative approach, detailed in the final installment of Akamai’s “Cryptominers’ Anatomy” blog series,…
New U.S. Visa Rule Requires Applicants to Change Social Media Accounts Privacy to Public
The United States has introduced a sweeping new requirement for all applicants seeking F, M, or J nonimmigrant visas: effective immediately, individuals must set the privacy settings of all their personal social media accounts to “public” before submitting their visa…
NVIDIA Megatron LM Vulnerability Let Attackers Inject Malicious Code
Critical security vulnerabilities in the NVIDIA Megatron LM large language model framework could allow attackers to inject malicious code and gain unauthorized system access. The company released emergency security patches on June 24, 2025, addressing two high-severity vulnerabilities that affect…
CISA Issued ICS Advisories Covering Current Vulnerabilities and Exploits
CISA has issued eight Industrial Control Systems (ICS) advisories on June 24, 2025, highlighting significant security vulnerabilities across multiple vendors’ systems. The advisories, coded as ICSA-25-175-01 through ICSA-25-175-07, plus an update to a previously identified vulnerability (ICSA-19-029-02 Update B), provide…
APT Hackers Abuse Microsoft ClickOnce to Execute Malware as Trusted Host
A sophisticated new APT malware campaign has emerged, specifically targeting critical energy, oil, and gas infrastructure through an advanced exploitation of Microsoft ClickOnce technology. The campaign, designated as OneClik by cybersecurity researchers, represents a significant evolution in attack methodologies, demonstrating…
TeamViewer for Windows Vulnerability Let Attackers Delete Files Using SYSTEM Privileges
A significant security vulnerability in the TeamViewer Remote Management solution for Windows could allow attackers with local access to delete arbitrary files with SYSTEM privileges, potentially leading to privilege escalation. The vulnerability, identified as CVE-2025-36537, was announced on June…
NCSC Warns of SHOE RACK Malware Using DOH & SSH Protocol for Attacking Fortinet Firewalls
The UK’s National Cyber Security Centre (NCSC) has issued a critical warning about a sophisticated post-exploitation malware strain dubbed SHOE RACK, which leverages an unusual combination of DNS-over-HTTPS (DOH) and SSH protocols to establish persistent backdoor access on compromised systems.…
New DRAT V2 Updates C2 Protocol Expands Functional Capabilities With Shell Command Execution
A sophisticated evolution in the cyber threat landscape has emerged with the discovery of DRAT V2, a significantly enhanced remote access trojan that demonstrates the continuing advancement of state-aligned threat actors targeting critical infrastructure. This latest iteration represents a strategic…
Gonjeshke Darande Threat Actors Pose as Hacktivist Infiltrated Iranian Crypto Exchange
In a significant escalation of cyber warfare in the Middle East, suspected Israeli state-sponsored threat actors operating under the name “Gonjeshke Darande” (Predatory Sparrow) successfully infiltrated Nobitex, Iran’s largest cryptocurrency exchange, on June 18, 2025. Rather than extracting funds for…
New FileFix Attack Abuses Windows File Explorer to Execute Malicious Commands
A novel social engineering technique called “FileFix” exploits Windows File Explorer’s address bar functionality to execute malicious commands, presenting a dangerous alternative to the increasingly popular ClickFix attack method. The technique, discovered by security researcher mr.d0x, leverages browser file…
Threat Actors Abuse ConnectWise Configuration to Build a Signed Malware
A sophisticated malware campaign has emerged that exploits legitimate ConnectWise remote access software to create validly signed malicious applications, representing a significant evolution in cybercriminal tactics. Since March 2025, security researchers have observed a dramatic increase in attacks using what…
Google Cloud Donates A2A Protocol to Linux Foundation Enables Secure, Intelligent Communication
Google Cloud has transferred its groundbreaking Agent2Agent (A2A) protocol to the Linux Foundation, marking a pivotal moment in artificial intelligence interoperability. The announcement, made at Open Source Summit North America on June 23, 2025, establishes a new collaborative framework for…