Critical vulnerabilities in Amazon Elastic Kubernetes Service (EKS) allow overprivileged containers to expose sensitive AWS credentials through packet sniffing and API spoofing attacks. The investigation, published on June 19, 2025, demonstrates how misconfigured containers can facilitate unauthorized access and privilege…
Tag: Cyber Security News
Weekly Cybersecurity News Recap – Top Vulnerabilities, Threat and Data Breaches
In our fast-paced, interconnected world, the dangers of cyberattacks are becoming more frequent and complex. That’s why it’s more important than ever to stay updated and aware of the risks. Every week, our newsletter offers a simple roundup of the…
Threat Actor Allegedly Selling FortiGate API Exploit Tool Targeting FortiOS
A threat actor has reportedly put up for sale a sophisticated FortiGate API exploit tool on a dark web marketplace, igniting significant concern within the cybersecurity community. The tool, which is being marketed for a price of $12,000 and comes…
Critical OpenVPN Driver Vulnerability Allows Attackers to Crash Windows Systems
A critical buffer overflow vulnerability in OpenVPN’s data channel offload driver for Windows has been discovered, allowing local attackers to crash Windows systems by sending maliciously crafted control messages. The vulnerability, identified as CVE-2025-50054, affects the ovpn-dco-win driver versions 1.3.0…
DuckDuckGo Rolls Out New Scam Blocker to Protect Users from Online Threats
DuckDuckGo has significantly upgraded its Scam Blocker feature to protect users against a broader range of digital threats, including sham e-commerce platforms, fake cryptocurrency exchanges, and “scareware” tactics. This enhancement comes as consumers reported $12.5 billion in fraud losses to…
How Smart Timesheet Software Is Changing the Way of Work
As an employee have been managing projects in remote, hybrid, and traditional work environments, employees have always faced the same challenge: the inability to understand where time, actually is spent. Regular tasks are not completed on time as they are…
Microsoft Warns of OneDrive Bug that Causes Searches to Appear Blank
Microsoft has acknowledged a significant bug affecting OneDrive personal accounts that is causing search results to appear blank, preventing users from locating files they know exist within their cloud storage. The tech giant is actively investigating the issue, which appears…
Microsoft Announces New Security Defaults for Windows 365 Cloud PCs
Microsoft unveiled significant security enhancements for Windows 365 Cloud PCs on June 18, 2025, introducing new default configurations that prioritize data protection and system integrity. The updates include disabling clipboard, drive, USB, and printer redirections by default, while enabling advanced…
Prometei Botnet Attacking Linux Servers to Mine Cryptocurrency
Cybersecurity researchers have uncovered a significant resurgence of the Prometei botnet, a sophisticated malware operation targeting Linux servers for cryptocurrency mining and credential theft. This latest campaign, observed since March 2025, demonstrates the evolving nature of cryptomining malware and its…
Beware of Weaponized MSI Installer Mimic as WhatsApp Delivers Modified XWorm RAT
Cybersecurity professionals across East and Southeast Asia are facing a sophisticated new threat as China-linked attackers deploy a weaponized MSI installer disguised as a legitimate WhatsApp setup package. This malicious campaign represents a significant escalation in social engineering tactics, leveraging…
Mocha Manakin Using Paste and Run Technique to Trick Users Into Downloading Malicious Payloads
A sophisticated new threat actor known as Mocha Manakin has emerged in the cybersecurity landscape, employing an increasingly popular social engineering technique called “paste and run” to deceive users into executing malicious scripts on their systems. This deceptive method has…
Record Breaking 7.3 Tbps DDoS Attack Blasting 37.4 Terabytes in Just 45 Seconds
The largest distributed denial-of-service (DDoS) attack ever documented was successfully stopped by Cloudflare in mid-May 2025, with attackers unleashing a devastating 7.3 terabits per second (Tbps) attack that delivered 37.4 terabytes of malicious traffic in just 45 seconds. This unprecedented…
Threat Actors Poisoning Google Search Results to Display The Scammer’s Phone Number Instead of Real Number
In a concerning development for internet users, cybercriminals have devised a sophisticated new technique to manipulate Google search results, effectively poisoning them to display fraudulent contact information. Unlike traditional phishing schemes that rely on fake websites, this novel approach leverages…
Hackers Exploit ComfyUI 700+ AI Image Generation Servers to Deploy Malware
A sophisticated malware campaign targeting ComfyUI, a popular AI image generation framework, has successfully compromised at least 695 servers worldwide, security researchers have discovered. The attack represents a significant escalation in threats against AI infrastructure, exploiting vulnerabilities in ComfyUI to…
Threat Actors Leverage Hosting Platform Vercel to Deliver Remote Access Malware
Cybercriminals have discovered a sophisticated new method to distribute malicious remote access tools by exploiting Vercel, a legitimate frontend hosting platform, to host convincing phishing pages that deliver weaponized versions of LogMeIn software. This emerging threat demonstrates how attackers increasingly…
Insomnia API Client Vulnerability Arbitrary Code Execution via Template Injection
A severe security vulnerability has been discovered in the widely-used Insomnia API Client that allows attackers to execute arbitrary code through malicious template injection. The vulnerability, tracked as CVE-2025-1087 and assigned a critical CVSS score of 9.3, affects the popular…
ClamAV 1.4.3 and 1.0.9 Released With Fix for Vulnerabilities that Enable Remote Code Execution
Multiple high-severity vulnerabilities, including a dangerous buffer overflow capable of remote code execution, have been fixed in critical security updates released by the ClamAV team for versions 1.4.3 and 1.0.9. These patch releases target several security issues that affect all…
New TxTag Phishing Attack Leverages .gov Domain to Trick Employees
A sophisticated phishing campaign targeting employees with fake toll payment notices has been identified, combining government domain spoofing with social engineering tactics. The attackers craft messages claiming to be from TxTag, warning recipients that their accounts face suspension unless outstanding…
PowerShell Loaders With In-Memory Execution Techniques To Evade Disk-Based Detection
Cybersecurity researchers have uncovered a sophisticated PowerShell-based attack campaign that leverages advanced in-memory execution techniques to bypass traditional disk-based security controls. The malicious infrastructure spans across Chinese, Russian, and global hosting providers, demonstrating the international scope of modern cyber threats.…
Hackers Exploit Atlassian’s Model Context Protocol by Submitting a Malicious Support Ticket
A sophisticated attack vector targeting Atlassian’s Model Context Protocol (MCP) that allows external threat actors to gain privileged access to internal systems through malicious support tickets. The attack, dubbed “Living off AI,” exploits the trust boundary between external users submitting…