A sophisticated campaign orchestrated by multiple hacktivist groups has emerged, targeting government portals, financial services, and online commerce platforms across Israel and allied nations. The coordinated cyber offensive, timed around the October 7 anniversary, demonstrated unprecedented levels of organization and…
Tag: Cyber Security News
Chinese Hackers Leverage Geo-Mapping Tool to Maintain Year-Long Persistence
The emergence of a sophisticated malware campaign leveraging geo-mapping technology has put critical infrastructure and enterprise networks on high alert. First observed targeting sectors across Asia and North America, the malware was traced to a group of Chinese threat actors…
TigerJack Hacks Infiltrated Developer Marketplaces with 11 Malicious VS Code Extensions
A sophisticated threat actor known as TigerJack has systematically infiltrated developer marketplaces with at least 11 malicious Visual Studio Code extensions, targeting thousands of unsuspecting developers worldwide. Operating under multiple publisher identities including ab-498, 498, and 498-00, this cybercriminal has…
Windows 11 And Server 2025 Will Start Caching Plaintext Credentials By Enabling WDigest Authentication
Cybersecurity threats are rapidly evolving; even advanced operating systems like Windows 11 and Windows Server 2025 can have vulnerabilities due to legacy configurations. Horizon Secure highlighted a concerning feature: WDigest authentication, which can be enabled to cache plaintext passwords in…
Microsoft IIS Vulnerability Allows Unauthorized Attacker To execute Malicious Code
Microsoft has disclosed a critical remote code execution flaw in its Internet Information Services (IIS) platform, posing risks to organizations relying on Windows servers for web hosting. Tracked as CVE-2025-59282, the vulnerability affects the Inbox COM Objects handling global memory,…
NCSC Warns of UK Experiencing Four Cyber Attacks Every Week
The United Kingdom faces an unprecedented cyber security crisis as the National Cyber Security Centre (NCSC) reports handling an average of four ‘nationally significant’ cyber attacks weekly. This alarming escalation represents a dangerous shift in the threat landscape, with the…
Windows Agere Modem Driver 0-Day Vulnerabilities Actively Exploited To Escalate Privileges
Microsoft has disclosed two critical zero-day vulnerabilities in the Agere Modem driver bundled with Windows operating systems, confirming active exploitation to escalate privileges. The flaws, tracked as CVE-2025-24990 and CVE-2025-24052, affect the ltmdm64.sys driver and could allow low-privileged attackers to…
Chrome Use After Free Vulnerability Let Attackers Execute Arbitrary Code
Google has rolled out an urgent security update for its Chrome browser, addressing a high-severity use-after-free vulnerability that could allow attackers to execute arbitrary code on users’ systems. The patch is included in version 141.0.7390.107 for Linux and 141.0.7390.107/.108 for…
Windows Remote Desktop Client Vulnerability Let Attackers Execute Remote Code
Microsoft has patched a critical flaw in its Remote Desktop Client that could allow attackers to execute malicious code on victims’ systems. Disclosed on October 14, 2025, as CVE-2025-58718, the vulnerability stems from a use-after-free error, earning an “Important” severity…
Critical Veeam Backup RCE Vulnerabilities Let Attackers Execute Malicious Code Remotely
Veeam Software has disclosed three serious security flaws in its Backup & Replication suite and Agent for Microsoft Windows, which enable remote code execution and privilege escalation, potentially compromising enterprise backup infrastructures. These vulnerabilities, patched in recent updates, primarily affect…
Windows Remote Access Connection Manager 0-Day Vulnerability Actively Exploited in Attacks
Microsoft has confirmed active exploitation of a critical zero-day vulnerability in the Windows Remote Access Connection Manager (RasMan) service, allowing attackers to escalate privileges and potentially compromise entire systems. Tracked as CVE-2025-59230, the flaw stems from improper access control, enabling…
PolarEdge With Custom TLS Server Uses Custom Binary Protocol for C2 Communication
A sophisticated backdoor malware targeting Internet of Things devices has surfaced, employing advanced communication techniques to maintain persistent access to compromised systems. The PolarEdge backdoor, first detected in January 2025, represents a significant evolution in IoT-focused threats, utilizing a custom…
Microsoft October 2025 Patch Tuesday – 4 Zero-days and 172 Vulnerabilities Patched
Microsoft rolled out its October 2025 Patch Tuesday updates, addressing a staggering 172 vulnerabilities across its ecosystem, including four zero-day flaws, of which two are actively exploited in the wild. This monthly security bulletin underscores the relentless pace of threat…
FortiOS CLI Command Bypass Vulnerability Let Attacker Execute System Commands
Fortinet disclosed a high-severity vulnerability in its FortiOS operating system on October 14, 2025, that could enable local authenticated attackers to execute arbitrary system commands. Tracked as CVE-2025-58325, the flaw stems from an incorrect provision of specified functionality (CWE-684) in…
FortiPAM and FortiSwitch Manager Vulnerability Let Attackers Bypass Authentication Process
Fortinet has issued an urgent advisory revealing a critical weakness in its FortiPAM and FortiSwitch Manager products that could allow attackers to sidestep authentication entirely through brute-force methods. Tracked as CVE-2025-49201, the flaw stems from a weak authentication mechanism in…
Hackers Leverage Judicial Notifications to Deploy Info-Stealer Malware
Cybercriminals have developed a sophisticated phishing campaign targeting Colombian users through fake judicial notifications, deploying a complex multi-stage malware delivery system that culminates in AsyncRAT infection. The campaign demonstrates an alarming evolution in social engineering tactics, leveraging legitimate-looking governmental communications…
New Cyberattack Leverages NPM Ecosystem to Infect Developers While Installing Packages
Cybersecurity researchers have uncovered a sophisticated phishing campaign that weaponizes the NPM ecosystem through an unprecedented attack vector. Unlike traditional malicious package installations, this operation leverages the trusted unpkg.com CDN to deliver phishing scripts directly through browsers, targeting enterprise employees…
Support for Windows 10 Ends Today Leaving Users Vulnerable to Cyberattacks
Microsoft officially ended support for Windows 10, marking the close of a decade-long era for one of the most popular operating systems in history. This means that as of today, the company will no longer deliver free security updates, feature…
Microsoft October 2025 Patch Tuesday – 4 Zero-days and 173 Vulnerabilities Patched
Microsoft rolled out its October 2025 Patch Tuesday updates, addressing a staggering 173 vulnerabilities across its ecosystem, including four zero-day flaws, of which two are actively exploited in the wild. This monthly security bulletin underscores the relentless pace of threat…
New IAmAntimalware Tool Injects Malicious Code Into Processes Of Popular Antiviruses
A sophisticated new tool called IAmAntimalware, designed to inject malicious code directly into antivirus software processes, potentially turning protective defenses into hidden backdoors for attackers. Released on October 11, 2025, by developer Two Seven One Three on GitHub, the tool…