A proof-of-concept exploit published for CVE-2025-21420, a newly discovered elevation of privilege vulnerability affecting the Windows Disk Cleanup Tool (cleanmgr.exe). The vulnerability allows attackers to escalate privileges to SYSTEM level by exploiting improper link resolution mechanisms within the SilentCleanup scheduled…
Tag: Cyber Security News
New TokenBreak Attack Bypasses AI Model’s with Just a Single Character Change
A critical vulnerability that allows attackers to bypass AI-powered content moderation systems using minimal text modifications. The “TokenBreak” attack demonstrates how adding a single character to specific words can fool protective models while preserving the malicious intent for target systems,…
HashiCorp Nomad Vulnerability Allows Privilege Escalation via ACL Policy Lookup Exploit
A significant security vulnerability in HashiCorp Nomad workload orchestrator that allows attackers to escalate privileges by exploiting the Access Control List (ACL) policy lookup mechanism. The vulnerability, tracked as CVE-2025-4922, affects both Community and Enterprise editions of Nomad across multiple…
Fog Ransomware Actors Exploits Pentesting Tools to Exfiltrate Data and Deploy Ransomware
The Fog ransomware group has evolved beyond conventional attack methods, deploying an unprecedented arsenal of legitimate pentesting tools in a sophisticated May 2025 campaign targeting a financial institution in Asia. This latest operation marks a significant departure from typical ransomware…
Ransomware Actors Exploit Unpatched SimpleHelp RMM to Compromise Billing Software Provider
Cybersecurity researchers have uncovered a sophisticated ransomware campaign targeting utility billing software providers through unpatched vulnerabilities in SimpleHelp Remote Monitoring and Management (RMM) systems. The attack represents a concerning evolution in ransomware tactics, where threat actors are leveraging trusted remote…
Graphite Spyware Exploits Apple iOS Zero-Click Vulnerability to Attack Journalists
The advanced Graphite mercenary spyware, developed by Paragon, targets journalists through a sophisticated zero-click vulnerability in Apple’s iOS. At least three European journalists have been confirmed as targets, with two cases forensically verified. The spyware exploited a zero-day vulnerability in iOS…
PoC Exploit Released for Critical WebDAV 0-Day RCE Vulnerability Exploited by APT Hackers
A critical zero-day vulnerability in WebDAV implementations that enables remote code execution, with proof-of-concept exploit code now publicly available on GitHub. The vulnerability, tracked as CVE-2025-33053, has reportedly been actively exploited by advanced persistent threat (APT) groups in targeted campaigns…
Threat Actors Compromise 270+ Legitimate Websites With Malicious JavaScript Using JSFireTruck Obfuscation
Cybersecurity researchers have uncovered a sophisticated malware campaign that leveraged an advanced JavaScript obfuscation technique to compromise hundreds of legitimate websites and redirect unsuspecting visitors to malicious content. The campaign, which infected over 269,000 webpages between March and April 2025,…
Google Cloud and Cloudflare Suffers Massive Widespread Outages
Two of the internet’s most critical infrastructure providers experienced significant service outages yesterday, disrupting millions of users worldwide as both Cloudflare and Google services suffered widespread failures within hours of each other. Cloudflare’s extensive service disruption began at approximately 18:19…
DragonForce Ransomware Group – The Rise of a Relentless Cyber Threat in 2025
The cybersecurity landscape has witnessed the emergence of increasingly sophisticated ransomware operations, with DragonForce standing out as a particularly concerning threat actor that has evolved from politically motivated attacks to large-scale financial extortion campaigns. DragonForce ransomware group launched in 2023…
Cloudflare Warns of DDoS Attacks Targeting Journalists and News Organizations
Cybersecurity firm Cloudflare has issued a stark warning about the escalating threat landscape facing independent media organizations worldwide, revealing that journalists and news outlets have become the primary targets of sophisticated distributed denial-of-service (DDoS) attacks. The company’s latest Project Galileo…
Threat Actors Exploiting Expired Discord Invite Links to Deliver Multi-Stage Malware
Cybercriminals have discovered a sophisticated new attack vector that exploits a critical flaw in Discord’s invitation system, allowing them to hijack expired invite links and redirect unsuspecting users to malicious servers hosting advanced malware campaigns. This emerging threat leverages the…
Palo Alto Networks PAN-OS Vulnerability Enables Admin to Execute Root User Actions
A critical command injection vulnerability in Palo Alto Networks PAN-OS operating system enables authenticated administrative users to escalate privileges and execute commands as the root user. Designated as CVE-2025-4231, this medium-severity vulnerability affects multiple versions of the company’s firewall operating…
OpenPGP.js Vulnerability Let Attackers Spoof Message Signature Verification
A critical vulnerability in the widely-used OpenPGP.js library has been discovered that allows attackers to forge digital signatures and deceive users into believing malicious content was legitimately signed by trusted sources. The flaw, designated CVE-2025-47934, represents a fundamental breach of…
Threat Actors Leverages DeepSeek-R1 Popularity to Attack Users Running Windows Devices
Cybercriminals have begun exploiting the surge in popularity of DeepSeek-R1, one of the most sought-after large language models currently available, to distribute a sophisticated new malware strain targeting Windows users. The malicious campaign uses the artificial intelligence chatbot’s growing demand…
Microsoft Outlook’s New Two-Click View for Encrypted Emails Protects You From Accidental Exposure
Microsoft is set to launch a significant security enhancement for Outlook users across multiple platforms. Starting April 2025, the company will roll out a new two-click verification feature for encrypted emails, requiring users to confirm their intent to access sensitive…
SoftBank DataBreach – 137,000 Users Personal Data Exposed From Third-party Service Provider
SoftBank Corporation, an investment holding company, disclosed a significant data breach affecting 137,156 mobile subscribers through compromised third-party infrastructure. The incident, which occurred in December 2024 but was only discovered in March 2025, represents a critical failure in vendor security…
CyberEYE RAT Disable Windows Defender Using PowerShell and Registry Manipulations
A sophisticated new Remote Access Trojan known as CyberEYE has emerged as a significant threat to Windows systems, demonstrating advanced capabilities to completely disable Windows Defender through a combination of PowerShell commands and registry manipulations. This modular, .NET-based malware leverages…
Microsoft Patched Windows Server 2025 Restart Bug that Disconnects AD Domain Controller
Microsoft has resolved a critical bug in Windows Server 2025 that caused Active Directory Domain Controllers to improperly manage network traffic after system restarts, resulting in service disconnections and application failures. The comprehensive patch, identified as KB5060842, was deployed on…
Don’t Click ‘Unsubscribe’ Links Blindly It May Leads to Loss of Credentials
A sophisticated cyber threat campaign leveraging malicious unsubscribe links has emerged as a significant security concern, targeting unsuspecting email users across the globe. This deceptive attack vector exploits users’ natural desire to clean up their inboxes, transforming what appears to…