A sophisticated phishing campaign targeting American citizens has emerged, exploiting the trusted reputation of state Departments of Motor Vehicles to harvest sensitive personal and financial information. In May 2025, cybercriminals launched a coordinated attack that impersonated multiple U.S. state DMVs,…
Tag: Cyber Security News
BlackHat AI Hacking Tool WormGPT Variant Powered by Grok and Mixtral
New variants of the notorious WormGPT hacking tool are emerging, now powered by commercial AI models like xAI’s Grok and Mistral AI’s Mixtral for malicious operations. The original WormGPT emerged in June 2023 as an uncensored generative AI tool built…
VMware Cloud Foundation 9.0 Released With Modern Workloads & AI Services
VMware has officially launched Cloud Foundation 9.0, marking a significant evolution in private cloud technology. Released on June 17, 2025, this major update redefines what a modern private cloud platform can deliver by combining public cloud flexibility with on-premises control,…
SCATTERED SPIDER Using Aggressive Social Engineering Techniques to Deceive IT Support Teams
A wave of sophisticated cyberattacks has swept across major organizations in the UK and US, with sectors ranging from hospitality and telecommunications to finance and retail falling victim to a threat actor known as SCATTERED SPIDER. Unlike traditional ransomware groups…
Hackers Allegedly Claim Breach of Scania Financial Services, Sensitive Data Stolen
A threat actor named “hensi” has reportedly claimed unauthorized access to Scania Financial Services’ insurance[.]scania.com subdomain and is allegedly selling around 34,000 files on cybercriminal marketplaces. While these claims remain unconfirmed by official sources, the incident highlights ongoing vulnerabilities in…
Hackers Using ClickFix Technique to Deploy Remote Access Trojans and Data-Stealing Malware
Cybersecurity researchers have documented a significant surge in attacks utilizing the ClickFix social engineering technique, which has emerged as one of the most effective methods for initial access in modern cyber campaigns. This deceptive tactic tricks users into executing malicious…
Critical Linux Privilege Escalation Vulnerabilities Let Attackers Gain Full Root Access
Two critical, interconnected flaws, CVE-2025-6018 and CVE-2025-6019, enable unprivileged attackers to achieve root access on major Linux distributions. Affecting millions worldwide, these vulnerabilities pose a severe security emergency that demands immediate patching. The first vulnerability exploits PAM configuration weaknesses in…
CISA Warns of Linux Kernel Improper Ownership Management Vulnerability Exploited in Attacks
CISA has added a critical Linux kernel vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, warning that CVE-2023-0386 is being actively exploited in real-world attacks. This improper ownership management flaw in the Linux kernel’s OverlayFS subsystem allows local attackers to…
Chrome Vulnerabilities Let Attackers Execute Arbitrary Code – Update Now!
Google has released an urgent security update for Chrome browsers across all desktop platforms, addressing critical vulnerabilities that could allow attackers to execute arbitrary code on users’ systems. The update, rolled out on Tuesday, June 17, 2025, patches three significant…
Threat Actors Attacking Windows System With New Winos 4.0 Malware
A sophisticated threat campaign targeting Windows systems has emerged, leveraging a new strain of malware known as winos 4.0 to compromise organizations across Taiwan. The attack, which has been active since January 2025, demonstrates the evolving tactics of cybercriminals who…
Google’s Gerrit Code Platform Vulnerability Allows Hack of 18 Google Projects Including ChromiumOS
A critical supply chain vulnerability dubbed “GerriScary” (CVE-2025-1568) could have allowed attackers to inject malicious code into at least 18 major Google projects, including ChromiumOS, Chromium, Dart, and Bazel. The vulnerability uncovered by Tenable security researcher Liv Matan exploits…
New Veeam Vulnerabilities Enable Malicious Remote Code Execution on Backup Servers
Critical security vulnerabilities have been discovered in Veeam’s backup software solutions that could allow attackers to execute malicious code remotely on backup servers, posing significant risks to enterprise data protection systems. The vulnerabilities, assigned CVE numbers 2025-23121, 2025-24286, and 2025-24287,…
How to Detect Threats Early For Fast Incident Response: 3 Examples
Security Operations Center (SOC) teams are now facing an increasingly complex challenge: identifying and responding to security incidents before they can cause significant damage. The key to effective incident response is not just detecting threats quickly. It is understanding the…
New Microsoft Excel Token Protection Policy May Block Certain Data Imports
Microsoft has announced a significant security update that could disrupt data workflows for organizations heavily reliant on Excel’s Power Query functionality. The Microsoft Entra Conditional Access Token Protection feature, currently in Public Preview, introduces enhanced security measures that may prevent…
Citrix NetScaler ADC and Gateway Vulnerabilities Allow Attackers to Access Sensitive Data
Two critical security vulnerabilities have been discovered in NetScaler ADC and NetScaler Gateway products, formerly known as Citrix ADC and Gateway, potentially allowing attackers to access sensitive data and compromise network security. Cloud Software Group, the company behind these networking…
Email Hosting Provider Cock.li Hacked – 1 Million Email Addresses Stolen
A major security breach at email hosting provider Cock[.]li has compromised personal data from over one million users, the company announced in an official statement. The incident specifically targeted the service’s Roundcube webmail platform, affecting approximately 1,023,800 users who had…
WhatsApp to Show Ads for Users in Status & Updates Tab
Meta has announced a significant expansion of WhatsApp’s monetization strategy with the introduction of advertising capabilities within the platform’s Updates tab. The company is implementing three key features: channel subscriptions, promoted channels, and status advertisements, targeting the 1.5 billion daily…
Critical Sitecore CMS Platform Vulnerabilities Let Attackers Gain Full Control of Deployments
Critical vulnerabilities in Sitecore Experience Platform, one of the most widely deployed enterprise content management systems, potentially expose over 22,000 instances worldwide to complete system compromise. The vulnerabilities, discovered by watchTowr researchers, allow attackers to gain full control of Sitecore…
New Sorillus RAT Actively Attacking European Organizations Via Tunneling Services
European organizations are facing a sophisticated cyber threat as the Sorillus Remote Access Trojan (RAT) emerges as a prominent weapon in a multi-language phishing campaign targeting businesses across Spain, Portugal, Italy, France, Belgium, and the Netherlands. The malware, which has…
BeyondTrust Tools RCE Vulnerability Lets Attackers Execute Arbitrary Code
A high-severity remote code execution vulnerability has been identified in BeyondTrust’s Remote Support and Privileged Remote Access platforms, potentially allowing attackers to execute arbitrary code on affected systems. The vulnerability, tracked as CVE-2025-5309, carries a CVSSv4 score of 8.6 and…