Apache SeaTunnel, the widely used distributed data integration platform, has disclosed a significant security vulnerability that enables unauthorized users to execute arbitrary file read operations and deserialization attacks through its RESTful API interface. The vulnerability, tracked as CVE-2025-32896 and reported…
Tag: Cyber Security News
AntiDot – 3-in-1 Android Malware Let Attackers Full Control of Compromised Devices
A sophisticated new Android botnet malware called AntiDot has emerged as a significant threat to mobile device security, offering cybercriminals unprecedented control over infected devices. This malicious software operates as part of a Malware-as-a-Service (MaaS) model, marketed by threat actor…
Massive 16 Billion Passwords From Apple, Facebook, Google and More Leaked From 320 Million Computers
A new report has uncovered a staggering 16 billion login credentials from major platforms, including Apple, Facebook, Google, GitHub, Telegram, and government services. The massive leak, discovered through 30 separate datasets, represents an unprecedented threat to global cybersecurity and digital…
IBM QRadar SIEM Vulnerabilities Allows Attackers to Execute Arbitrary Commands
Multiple high-severity vulnerabilities in IBM QRadar SIEM could allow attackers to execute arbitrary commands and access sensitive data. The most critical flaw, tracked as CVE-2025-33117, carries a CVSS score of 9.1 and enables privileged users to upload malicious files that…
GodFather Android Malware Leverages On-Device Virtualization Technique to Hijack Legitimate Banking Apps
A sophisticated evolution of the GodFather banking malware has emerged, introducing a groundbreaking attack methodology that exploits on-device virtualization to compromise legitimate mobile applications. This advanced threat represents a significant departure from traditional overlay attacks, creating complete isolated virtual environments…
Tesla Wall Connector Charger Hacked Through Charging Port in 18-Minute Attack
Tesla’s popular Wall Connector home charging system was exploited during the January 2025 Pwn2Own Automotive competition, demonstrating how attackers could gain control of the device through the charging cable itself. The groundbreaking attack targeted the Tesla Wall Connector Gen 3,…
New Sophisticated Attack Exploits Google App Passwords to Bypass Multi-Factor Authentication
A sophisticated Russian state-sponsored cyber operation has successfully exploited Google’s App-Specific Password (ASP) feature to bypass multi-factor authentication protections, targeting prominent critics of Russia in a campaign that demonstrates the evolving threat landscape facing high-profile individuals. The attack, attributed to…
Qilin Ransomware Emerges as World’s Top Threat, Demands $50 Million Ransom
Qilin ransomware has rapidly ascended to become the world’s most prevalent ransomware threat, accumulating over $50 million in ransom payments throughout 2024 alone. Originally developed as ‘Agent’ in 2022 and later recorded in the Rust programming language, this sophisticated malware…
Silver Fox APT Using Weaponized Medical Software to Deploy Remote Access Tools & Disable AV
A sophisticated China-based advanced persistent threat group known as Silver Fox has emerged as a significant cybersecurity concern, leveraging trojanized medical software to infiltrate healthcare organizations and public sector entities. Active since 2024, this state-sponsored group has demonstrated advanced capabilities…
North Korean Hackers Using Weaponized Calendly and Google Meet Link to Deliver Malware
A sophisticated North Korean Advanced Persistent Threat (APT) group has been identified deploying malware through weaponized meeting scheduling platforms, targeting cryptocurrency organizations with an elaborate social engineering campaign that combines deepfake technology, legitimate meeting tools, and advanced macOS malware. The…
100,000+ WordPress Sites Exposed to Privilege Escalation Attacks via MCP AI Engine
A critical security vulnerability has emerged in the WordPress ecosystem, exposing over 100,000 websites to privilege escalation attacks through the AI Engine plugin’s Model Context Protocol (MCP) implementation. The vulnerability, designated CVE-2025-5071 with a high CVSS rating of 8.8, affects…
jQuery Migrate Library Silently Compromised to Steal Logins Using Parrot Traffic Direction System
A sophisticated supply chain attack has emerged that weaponizes the trusted jQuery Migrate library to deliver stealthy malware capable of harvesting user credentials and session data. Security researchers discovered this campaign after investigating unusual online behavior from a senior executive…
Gamers Under Attack! Fake Minecraft Mods Allow Attackers to Control Your System
The gaming community faces a sophisticated new threat as cybercriminals exploit the massive popularity of Minecraft to distribute advanced malware through fake modifications. With over 200 million monthly active players and more than 1 million users actively involved in modding,…
60+ GitHub Repositories Exploited to Store Windows-Based Payloads to Steal Sensitive Data
A sophisticated supply chain attack campaign has emerged targeting software developers through the exploitation of over 60 GitHub repositories containing trojanized Python files designed to steal sensitive Windows-based data. The threat actor, known as Banana Squad, has demonstrated remarkable stealth…
Microsoft Entra ID Expands Passkey (FIDO2) Authentication Methods for Public Preview
Microsoft is expanding the number of passkey authentication methods available in Microsoft Entra ID to improve its identity and access management features. The public preview rollout is scheduled to commence in mid-October 2025, with full deployment expected by mid-November 2025. …
Android Spyware SpyNote That Mimicked Google Translate Hosted in Open Directories
Cybersecurity researchers have uncovered a sophisticated Android spyware campaign involving SpyNote malware cleverly disguised as legitimate applications, including Google Translate, hosted in unsecured open directories across the internet. This discovery highlights the evolving tactics employed by cybercriminals to distribute malicious…
Hackers Deliver Amatera Stealer via Sophisticated Web Injection & Anti-Analysis Features
Cybercriminals have unleashed a new and sophisticated information stealer called Amatera Stealer, which represents a significant evolution in malware-as-a-service offerings targeting sensitive user data. This malicious software emerged as a rebranded and enhanced version of the previously known ACR Stealer,…
Krispy Kreme Confirms Data Breach – Personal Information Stolen by Attackers
Krispy Kreme Doughnut Corporation has confirmed a significant data security incident affecting thousands of current and former employees, along with their family members, following unauthorized access to company systems discovered in late November 2024. The popular doughnut chain became aware…
Hackers Leverage VBScript Files to Deploy Masslogger Credential Stealer Malware
A sophisticated new variant of the Masslogger credential stealer has emerged, utilizing VBScript encoded (.VBE) files to deploy a multi-stage fileless malware campaign that operates entirely from the Windows Registry. This advanced threat represents a significant evolution in information-stealing malware,…
Jitter-Trap – A New Technique to Detect Stealthy Beacon Traffic
A new detection method called Jitter-Trap that turns cybercriminals’ own evasion tactics against them, offering new hope in the battle against sophisticated post-exploitation attacks. Released on June 18, 2025, this technique focuses on identifying stealthy beacon communications that traditional security…