Latest Cyber News

Fedora Linux Kernel Vulnerability Let Attackers Gain Access to Sensitive Data - Cyber Security News is a Dedicated News Platform For Cyber News, Cyber Attack News, Hacking News & Vulnerability Analysis. When enabled in “integrity” mode, it blocks runtime kernel modifications, while “confidentiality” mode ...
15 minutes ago Cybersecuritynews.com
Multiple NVIDIA CUDA Toolkit Vulnerabilities Let Attackers Trigger DoS - Attackers could crash analysis tools or leak memory contents by distributing weaponized cubin files – a critical risk for AI development teams sharing pre-trained models. These vulnerabilities, spanning the cuobjdump and nvdisasm utilities, expose ...
29 minutes ago Cybersecuritynews.com
Microsoft Power Pages 0-Day Vulnerability Exploited in the Wild - Microsoft has confirmed active exploitation of a critical elevation-of-privilege vulnerability (CVE-2025-24989) in its Power Pages platform, a low-code tool organizations use to build business websites. Microsoft continues to urge customers to ...
55 minutes ago Cybersecuritynews.com
APT-C-28 Group Launched New Cyber Attack With Fileless RokRat Malware - Unlike earlier versions that relied on cloud services for payload delivery, the latest attacks embed encrypted shellcode within malicious LNK files, reducing reliance on external servers likely flagged by security systems. PowerShell Script ...
56 minutes ago Cybersecuritynews.com
Microsoft Admin Guide to Block & Remove Apps on Endpoints - To extend protections to third-party browsers, a Settings Catalog policy under Devices > Windows > Configuration enables Network Protection in Block mode, leveraging Defender’s engine to intercept requests across all applications. The policy ...
1 hour ago Cybersecuritynews.com
AWS Key Hunter - A Free Automated Tool to Detect Exposed AWS keys - Security teams should combine this with AWS security best practices, such as enabling CloudTrail logging for API activity monitoring, implementing IAM policies based on least-privilege principles, and rotating credentials via the AWS Secrets Manager ...
1 hour ago Cybersecuritynews.com
Symantec Diagnostic Tool Vulnerability Let Attackers Escalate Privileges - As cloud security tools increasingly handle decrypted traffic and privileged operations, vendors must balance diagnostic capabilities with strict access controls to prevent lateral movement in breach scenarios. The issue specifically affects systems ...
1 hour ago Cybersecuritynews.com
NSA Added New Features to Supercharge Ghidra 11.3 - The National Security Agency (NSA) has unveiled Ghidra 11.3, a transformative update to its open-source Software Reverse Engineering (SRE) framework, delivering advanced debugging tools, accelerated emulation, and modernized integrations for ...
2 hours ago Cybersecuritynews.com
New NailaoLocker ransomware used against EU healthcare orgs - Orange has shared several hypotheses for the attacks, including false flag operations meant to distract, strategic data theft operations doubled with revenue generation, and, more likely, a Chinese cyberespionage group "moonlighting" on the side to ...
2 hours ago Bleepingcomputer.com
Ghost Ransomware Compromised Organisations Across 70+ Countries - By adhering to CISA’s Cross-Sector Cybersecurity Performance Goals (CPGs) and adopting a layered defense strategy encompassing timely patching, network segmentation, and rigorous access controls, organizations can mitigate risks that Ghost and ...
2 hours ago Cybersecuritynews.com
Windows Disk Cleanup Tool Vulnerability Exploited to Gain SYSTEM Privileges - Microsoft has addressed a critical vulnerability in the Windows Disk Cleanup Tool (cleanmgr.exe) in the February 2025 Patch Tuesday security updates. The Microsoft Security Response Center website has more information about the patch and the other ...
6 hours ago Cybersecuritynews.com
Citrix NetScaler Vulnerability Allows Unauthorized Command Execution - Cloud Software Group issued urgent patches on February 18, 2025, for a high-severity vulnerability (CVE-2024-12284) affecting its NetScaler Console (formerly NetScaler ADM) and NetScaler Agent. While exploitation requires existing access to the ...
8 hours ago Cybersecuritynews.com
Australian Infrastructure Faces 'Acute' Foreign Threats - "Cyber units from at least one nation state routinely try to explore and exploit Australia’s critical infrastructure networks, almost certainly mapping systems so they can lay down malware or maintain access in the future," Burgess said. ...
8 hours ago Darkreading.com
Critical Microsoft Bing Vulnerability Let Attackers Execute Code Remotely - Microsoft has addressed a critical security flaw in its Bing search engine, tracked as CVE-2025-21355, which could have allowed unauthorized attackers to execute arbitrary code remotely. While Microsoft has not disclosed specific technical details to ...
9 hours ago Cybersecuritynews.com
Hackers Weaponize Jarsigner App To Execute XLoader Malware - Threat actors have been observed exploiting the legitimate Java Archive (JAR) signing tool jarsigner.exe to deploy the notorious XLoader malware, according to recent findings from the AhnLab Security Intelligence Center (ASEC). While the researchers ...
9 hours ago Cybersecuritynews.com
New Snake Keylogger Attacking Chrome, Edge, and Firefox Users - Security researchers at Proofpoint have uncovered a sophisticated web inject campaign targeting MacOS users with a new ...
10 hours ago Cybersecuritynews.com
Insight Partners, VC Giant, Falls to Social Engineering - "Organizations should establish secure communication channels with partners that can be used to verify such messages received," he advised, adding, "technical methods to prevent the impact of social engineering attacks on an ...
11 hours ago Darkreading.com
Russian Groups Target Signal Messenger in Spy Campaign - But the tactics the threat actors are using in the campaign could well serve as a blueprint for other groups to follow in broader attacks on Signal, WhatsApp, Telegram, and other popular messaging apps, GTIG warned in a blog post this week. The other ...
12 hours ago Darkreading.com
Recent Ghost/Cring ransomware activity prompts alert from FBI, CISA | The Record from Recorded Future News - A ransomware group known as Ghost has been exploiting vulnerabilities in software and firmware as recently as January, according to an alert issued Wednesday by the FBI and Cybersecurity and Infrastructure Security Agency (CISA). The vulnerabilities ...
13 hours ago Therecord.media
CISA and FBI: Ghost ransomware breached orgs in 70 countries - Right after Amigo_A and Swisscom's CSIRT team first spotted Ghost ransomware in early 2021, their operators were dropping custom Mimikatz samples, followed by CobaltStrike beacons, and deploying ransomware payloads using the legitimate Windows ...
13 hours ago Bleepingcomputer.com
New Web Inject Attack Campaigns Targeting MacOS Users To Deploy FrigidStealer Malware - Security researchers at Proofpoint have uncovered a sophisticated web inject campaign targeting MacOS users with a new information-stealing malware called FrigidStealer. The operation involves two newly identified threat actors, TA2726 and TA2727, ...
14 hours ago Cybersecuritynews.com
Phishing attack hides JavaScript using invisible Unicode trick - A short bootstrap script retrieves the hidden payload using a JavaScript Proxy 'get() trap.' When the hidden property is accessed, the Proxy converts the invisible Hangul filler characters back into binary and reconstructs the original JavaScript ...
14 hours ago Bleepingcomputer.com
Content Credentials Show Promise, But Ecosystem Still Young - It's a good start, but an end-to-end workflow requires more: Cameras or smartphones to generate signed images, support for Content Credentials in a wide variety of image-editing software, and the ability to view authenticated metadata on social ...
14 hours ago Darkreading.com
Russian CryptoBytes Hackers Exploiting Windows Machines To Deploy UxCryptor Ransomware - The Russian cybercriminal group CryptoBytes has intensified its ransomware campaigns using a modified version of the UxCryptor malware, according to new findings from SonicWall’s Capture Labs threat research team. ...
15 hours ago Cybersecuritynews.com
Hackers Inject FrigidStealer Malware on Your macOS Via Fake Browser Updates - This division of labor allows TA2726 to handle website compromises and traffic filtering, while TA2727 deploys tailored payloads, including FrigidStealer for macOS, Lumma Stealer for Windows, and Marcher banking trojan for Android. Cybersecurity firm ...
15 hours ago Cybersecuritynews.com
New Fake Browser Updates Deploy NetSupport RAT Malware on Your Windows - A sophisticated malware campaign attributed to the SmartApeSG threat actor (also tracked as ZPHP/HANEYMANEY) has targeted users through compromised websites since early 2024, deploying NetSupport RAT and StealC malware via fraudulent browser update ...
16 hours ago Cybersecuritynews.com
BlackLock Emerging As a Major Player In RaaS With Variants for Windows, VMWare ESXi, & Linux Environments - Since its emergence in March 2024, the BlackLock ransomware operation (aka El Dorado) has executed a meteoric rise through the ransomware-as-a-service (RaaS) ranks, leveraging custom-built malware and sophisticated anti-detection techniques to ...
16 hours ago Cybersecuritynews.com
New FrigidStealer infostealer infects Macs via fake browser updates - Windows users get an MSI installer that loads Lumma Stealer or DeerStealer, Mac users receive a DMG file that installs the new FrigidStealer malware, and Android users receive an APK file that contains the Marcher banking trojan. FakeUpdate ...
17 hours ago Bleepingcomputer.com
Australian fertility services giant Genea hit by security breach - While the company has yet to reveal when the breach was detected or whether patients' personal and health information was exposed, Genea's breach confirmation comes five days after a phone outage impacted the group's fertility clinics. Genea, ...
17 hours ago Bleepingcomputer.com
North Korean Hackers Using Dropbox & PowerShell Scripts To Infiltrate Organizations - Dubbed ‘DEEP#DRIVE’ by researchers at Securonix, the operation leverages phishing lures, obfuscated PowerShell scripts, and Dropbox’s infrastructure to bypass security defenses and exfiltrate sensitive data. A coordinated cyber ...
18 hours ago Cybersecuritynews.com
Patch Now: Palo Alto Flaw Exploited in the Wild - Indeed, researchers observed attackers making exploit attempts by chaining CVE-2025-0108 with two other PAN-OS Web management interface flaws — CVE-2024-9474, a privilege escalation flaw, and CVE-2025-0111, an authenticated file read vulnerability ...
18 hours ago Darkreading.com
Thailand to take in 7,000 rescued from illegal cyber scam hubs in Myanmar | The Record from Recorded Future News - Around 7,000 people rescued from illegal call centers in Myanmar are awaiting transfer to Thailand amid a crackdown on cross-border scam operations, Thailand’s Prime Minister Paetongtarn Shinawatra said on Wednesday. Many of those trapped in the ...
18 hours ago Therecord.media
INE Security's Cybersecurity and IT Training Enhances Career Stability in Tech - As the technology job market weathers this volatility, INE Security, a global leader in networking and cybersecurity training, is highlighting its commitment to equipping IT professionals with the skills they need to thrive. Harnessing a powerful ...
19 hours ago Cybersecuritynews.com
Palo Alto Networks tags new firewall bug as exploited in attacks - Palo Alto Networks warns that a file read vulnerability (CVE-2025-0111) is now being chained in attacks with two other flaws (CVE-2025-0108 with CVE-2024-9474) to breach PAN-OS firewalls in active attacks. "Palo Alto Networks has observed exploit ...
19 hours ago Bleepingcomputer.com
The Browser Blind Spot: Why Your Browser is the Next Cybersecurity Battleground - Security teams must integrate browser detection & response capabilities into their enterprise security stack to gain real-time visibility, detect browser-native threats, and protect people where they work. Just as EDR transformed endpoint ...
19 hours ago Bleepingcomputer.com
The Board's Role in Cyber-Risk Management in OT Environments - This requires a multifaceted approach beginning with appreciating the unique challenges and risks associated with OT cybersecurity, including understanding the potential consequences of OT breaches and the importance of dedicated OT security ...
19 hours ago Darkreading.com
Russian state hackers spy on Ukrainian military through Signal app | The Record from Recorded Future News - Google said that while these recent attacks were likely driven by wartime demands to access sensitive government and military communications in the context of Russia’s invasion of Ukraine, researchers expect attacks on Signal to grow and spread to ...
20 hours ago Therecord.media
Palo Alto Networks Warns Hackers Combining Vulnerabilities to Compromise Firewalls - Palo Alto Networks has issued urgent warnings as cybersecurity researchers observe threat actors exploiting a combination of vulnerabilities in PAN-OS, the operating system powering its next-generation firewalls. By combining these vulnerabilities, ...
20 hours ago Cybersecuritynews.com
Lee Enterprises Says Ransomware Attack Compromises 'Critical' Systems - Lee’s incident response team, comprising internal IT personnel and external cybersecurity experts, isolated affected systems and initiated manual transaction processing to mitigate operational paralysis. Lee’s incident highlights the escalating ...
21 hours ago Cybersecuritynews.com
Hackers Turning Stolen Payment Card Data into Apple & Google Wallets - Unlike earlier carding methods reliant on cloned magnetic stripes, this approach exploits contactless payment infrastructure via NFC relay tools like NFCGate—a repurposed academic tool originally designed for testing NFC security. Security analysts ...
21 hours ago Cybersecuritynews.com
Threat Actors Using $10 Infostealer Malware To Breach Critical US Security - According to Hudson Rock’s cybercrime intelligence data, over 30,000 infected devices across defense sectors—including Lockheed Martin, Boeing, and the U.S. Navy—have leaked credentials enabling unauthorized access to classified networks, ...
21 hours ago Cybersecuritynews.com
South Korea Confirm DeepSeek Sending Data Chinese ByteDance Servers - The findings follow a technical audit revealing critical security flaws, including unencrypted data transfers, deprecated encryption protocols, and deliberate bypassing of Apple’s App Transport Security (ATS) safeguards. Data Sovereignty Concerns: ...
21 hours ago Cybersecuritynews.com
Raymond IT Systems Hit by Cyber Attack - Investigation In progress - While the filing did not identify the threat actors or clarify whether ransomware or data exfiltration occurred, Raymond ...
21 hours ago Cybersecuritynews.com
Sanctioned entities fueled $16 billion in cryptocurrency activity last year, report says | The Record from Recorded Future News - Sanctioned entities and jurisdictions were responsible for nearly $16 billion in cryptocurrency activity last year, driven in part by a resurgence of activity in the mixing service Tornado Cash and a spike in the use of crypto in Iran. The amount of ...
21 hours ago Therecord.media
Russian Hackers Attacking Signal Messenger Users To Gain Access To Sensitive Data - Google Threat Intelligence Group (GTIG) reveal an escalating campaign by multiple Russia-aligned threat actors targeting Signal Messenger users through sophisticated exploitation of the app’s “linked devices” feature. While the GTIG ...
21 hours ago Cybersecuritynews.com
Firefox 135.0.1 Released with Fix for High-Severity Memory Safety Vulnerabilities - Kaaviya is a Security Editor and fellow reporter with Cyber Security News. This release underscores Mozilla’s ongoing efforts ...
1 day ago Cybersecuritynews.com
90,000 Wordpress Sites Vulnerable to Local File Inclusion Attacks - A severe security flaw in the Jupiter X Core plugin for WordPress exposed over 90,000 websites to Local File Inclusion (LFI) and Remote Code Execution (RCE) attacks. The vulnerability tracked as CVE-2025-0366 with a CVSS score of 8.8 (High), enables ...
1 day ago Cybersecuritynews.com
Most Popular Passwords Cracked Within a Second - With the average cost of a data breach projected to reach $4.88 million in 2024, a 10% increase from 2023, users must adopt stronger password practices to safeguard their digital assets. The most commonly used password, 123456, has been employed over ...
1 day ago Cybersecuritynews.com
New Wave of 'Scam-Yourself' Attacks Utilizing AI-Generated Videos With DeepFake - Despite the channel’s legitimate appearance—including repurposed content from TradingView—the unlisted tutorial video instructs viewers to activate a fictitious “AI-powered developer mode” that purportedly predicts cryptocurrency ...
1 day ago Cybersecuritynews.com
Yahoo Data Leak - Hackers Allegedly Advertised 602,000 Email Accounts - These details can be exploited for phishing attacks, identity theft, or credential stuffing, a method where hackers use leaked credentials to access other accounts where users may have reused passwords. A hacker operating under the alias ...
1 day ago Cybersecuritynews.com
Critical Apache Ignite Vulnerability (CVE-2024-52577) Let Attackers Execute Remote Code - A critical vulnerability in Apache Ignite tracked as CVE-2024-52577, exposes systems to remote code execution (RCE) attacks due to improper enforcement of class serialization filters. Restrict network access to Ignite endpoints via firewalls or ...
1 day ago Cybersecuritynews.com
Russian Government Proposed New Penalties to Combat Cybercrime - The Federal Security Service (FSB) gains authority to requisition real-time traffic logs from telecom providers and mandate automated threat reporting via the FinCERT portal, a centralized hub for banking-sector cyber incidents. The initiative ...
1 day ago Cybersecuritynews.com
GPT-4o Copilot Trained in Over 30 Popular Programming Languages - To activate GPT-4o Copilot, developers can navigate to the Copilot menu in the VS Code title bar and select Configure Code Completions… > Change Completions Model. Free users receive 2,000 monthly completions under the GPT-4o model, with ...
1 day ago Cybersecuritynews.com
Weaponized Signal, Line, and Gmail Apps Delivers Malware That Changes System Defenses - These fake and weaponized apps are distributed via deceptive download pages that deliver malware capable of altering system defenses, evading detection, and exfiltrating sensitive data. The attackers exploit search engine manipulation to push ...
1 day ago Cybersecuritynews.com
CISA Releases Two New ICS Advisories Exploits Following Vulnerabilities - Exploits require low attack complexity, so organizations must prioritize firmware updates, network hardening, and adherence to frameworks like NIST SP 800-82 for ICS security. ...
1 day ago Cybersecuritynews.com
Does AI Detection Remover Really Work? How to Fix Text Like a Pro! - Maintains consistency: The tool follows patterns found in human writing, ensuring that your content stays consistent in tone, style, and structure throughout the piece. So when you use the AI Detection Removal tool, it doesn’t just shuffle words ...
1 day ago Cybersecuritynews.com
CISA Warns of Palo Alto PAN-OS Vulnerability Actively Exploited in the Wild - The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding actively exploiting a high-severity authentication bypass vulnerability (CVE-2025-0108) in Palo Alto Networks PAN-OS, the operating system powering the ...
1 day ago Cybersecuritynews.com
Chrome Buffer Overflow Vulnerabilities Allow Arbitrary Code Execution - Google has urgently patched two high-severity heap buffer overflow vulnerabilities in its Chrome browser, CVE-2025-0999, and CVE-2025-1426, that could allow attackers to execute arbitrary code and seize control of affected systems. Heap buffer ...
1 day ago Cybersecuritynews.com
North Korea's Kimsuky Attacks Rivals' Trusted Platforms - North Korea-linked threat groups are increasingly using living-off-the-land (LotL) techniques and trusted services to evade detection, with a recent Kimsuky campaign showcasing the use of PowerShell scripts and storing data in Dropbox folders, along ...
1 day ago Darkreading.com
WinRAR 7.10 boosts Windows privacy by stripping MoTW data - This allows the Mark-of-the-Web security feature to continue to work with extracted files, but the alternate data stream can no longer be used to learn where the file was downloaded. Modern file archives will propagate the MoTW found in archives to ...
1 day ago Bleepingcomputer.com
Xerox Printer Vulnerabilities Enable Credential Capture - "Since LDAP and SMB settings on MFP devices typically contain Windows Active Directory credentials, a successful attack would give a malicious actor access to Windows file services, domain information, email accounts, and database systems," ...
1 day ago Darkreading.com
China-Linked Threat Group Targets Japanese Orgs' Servers - In targeting organizations in the Asia-Pacific region, Winnti is exploiting vulnerabilities found in applications like IBM Lotus Domino to deploy malicious malware, including DEATHLOTUS, UNAPIMON, PRIVATELOG, CUNNINGPIGEON, WINDJAMMER, and ...
1 day ago Darkreading.com
Thrive Acquires Secured Network Services - 13, 2025 (GLOBE NEWSWIRE) -- Thrive, a global technology outsourcing provider for cybersecurity, Cloud, and IT managed services, today announced the acquisition of Secured Network Services (SNS), a leading New Hampshire-based IT provider for ...
1 day ago Darkreading.com
Highly Obfuscated .NET sectopRAT Mimic as Chrome Extension - Meanwhile, background.js functions as an intermediary to bypass browser security policies, transmitting the stolen data from content.js to the command-and-control (C2) server. The emergence of a highly obfuscated .NET-based Remote Access Trojan (RAT) ...
1 day ago Cybersecuritynews.com
SANS Institute Launches AI Cybersecurity Hackathon - Running from February 15 to March 15, 2025, this hackathon provides an opportunity for cybersecurity professionals, ethical hackers, developers, and students to cultivate the critical skills and develop the open-source tools needed to address ...
1 day ago Darkreading.com
Cracked Garry’s Mod, BeamNG.drive games infect gamers with miners - The threat actors uploaded infected game installers onto torrent sites in September 2024, months in advance, and triggered the payloads within the games during the holidays, making detection less likely. A large-scale malware campaign dubbed ...
1 day ago Bleepingcomputer.com
Threat Actors Trojanize Popular Versions of Games To Infect Systems Bypassing Evasion Techniques - By exploiting user trust in popular games and employing advanced evasion techniques, threat actors have demonstrated their ability to infiltrate systems undetected while maximizing financial gain through cryptomining. In a sophisticated cyberattack ...
1 day ago Cybersecuritynews.com
SonicWall SonicOS SSLVPN Vulnerability Actively Exploited in the Wild - The vulnerability’s exploitation underscores persistent risks in widely deployed network security appliances and highlights the tactical evolution of threat actors targeting authentication bypass mechanisms. The U.S. Cybersecurity and ...
1 day ago Cybersecuritynews.com
Hackers use ‘sophisticated’ macOS malware to steal cryptocurrency, Microsoft says | The Record from Recorded Future News - Slovenia’s computer emergency response team also discovered two malware samples — BeaverTail and InvisibleFerret — that steal data from companies and individuals involved in Web3 technology, such as smart contracts, cryptocurrencies, and ...
1 day ago Therecord.media
New Research Proposed To Enhance MITRE ATT&CK In Dynamic Cybersecurity Environments - However, analysts (at National University of Singapore and NCS Cyber Special Ops R&D) noted that the proposed research seeks to address current limitations by introducing advanced capabilities such as real-time threat mapping, cross-domain ...
1 day ago Cybersecuritynews.com
Venture capital giant Insight Partners hit by cyberattack - After discovering the breach, Insight Partners notified law enforcement in relevant jurisdictions and hired third-party cybersecurity experts to investigate its impact. "We are working diligently to determine the scope of the incident with the ...
1 day ago Bleepingcomputer.com
Microsoft reminds admins to prepare for WSUS driver sync deprecation - Introduced as Software Update Services (SUS) in 2005, almost two decades ago, WSUS enables IT admins to manage and distribute updates for Microsoft products across enterprise networks with large numbers of Windows devices from a single server instead ...
1 day ago Bleepingcomputer.com
New Variant of macOS Threat XCSSET Spotted in the Wild - To avoid downloading Xcode projects infected with XCSSET, Microsoft recommends that developers and users "always inspect and verify any Xcode projects downloaded or cloned from repositories" that potentially will spread the malware. ...
1 day ago Darkreading.com
How Cyber Threat Intelligence Helps with Alert Triage - Proactive Defense: Threat intelligence fuels a proactive approach where SOC teams can anticipate incidents, preemptively block malicious infrastructures, adjust their triage processes and response plans accordingly, even before an alert is generated. ...
1 day ago Cybersecuritynews.com
Chinese hackers abuse Microsoft APP-v tool to evade antivirus - The Chinese APT hacking group "Mustang Panda" has been spotted abusing the Microsoft Application Virtualization Injector utility as a LOLBIN to inject malicious payloads into legitimate processes to evade detection by antivirus software. ...
1 day ago Bleepingcomputer.com

Trending Cyber News (last 7 days)

Hackers Abusing Microsoft Teams Meeting Invites to Trick Victims for Gaining Access - In a sophisticated cyberattack campaign, a threat actor identified as Storm-2372 has been leveraging Microsoft Teams meeting invites to execute “device code phishing” attacks. These emails prompt recipients to authenticate using the ...
3 days ago Cybersecuritynews.com
Munich Cyber Security and Security Conferences 2025 [Live Updates] | The Record from Recorded Future News - Recorded Future News will be providing live coverage from the Munich Cyber Security Conference (February 13 & 14) and Munich Security Conference (February 14 - 16). We will be updating this page with live coverage throughout the conferences with ...
6 days ago Therecord.media
Dutch police say they took down 127 servers used by sanctioned hosting service | The Record from Recorded Future News - “The Cybercrime Team Amsterdam will, in consultation with the Public Prosecution Service, further investigate the data found on the seized servers,” Dutch police said. Police in the Netherlands say they seized 127 servers this week that were used ...
6 days ago Therecord.media
Pennsylvania utility says MOVEit breach at vendor exposed some customer data | The Record from Recorded Future News - PPL Electric Utilities said in an emailed statement that the vendor notified it in June 2023 of a breach through a widespread bug in the MOVEit file transfer software, which affected hundreds of organizations and exposed the data of tens of millions ...
5 days ago Therecord.media
PurpleLab - A Free Cybersecurity Lab for Security Teams To Analyse Cyber Threats - PurpleLab is a cybersecurity lab that integrates various tools and technologies to support analysts in testing detection rules and simulating real-world cyber threats. In a significant step forward for cybersecurity professionals, PurpleLab offers an ...
3 days ago Cybersecuritynews.com
Indian Post Office Portal Exposed Thousands of KYC Records With Username & Mobile Number - According to Gokuleswaran, a Cyber Security Analyst, the vulnerability allowed unauthorized users to access private KYC records by exploiting a flaw in the portal’s URL structure. This breach exemplifies how IDOR vulnerabilities can lead to ...
3 days ago Cybersecuritynews.com
Multiple Russian Actors Attacking Orgs To Hack Microsoft 365 Accounts via Device Code Authentication - Security researchers at Volexity have uncovered multiple Russian threat actors conducting sophisticated social engineering and spear-phishing campaigns targeting Microsoft 365 accounts through Device Code Authentication exploitation. The threat ...
3 days ago Cybersecuritynews.com
An Italian journalist speaks about being targeted with Paragon spyware | The Record from Recorded Future News - In an interview with Recorded Future News, Cancellato said he is not sure if Prime Minister Giorgia Meloni’s government is tied to the incident, though Paragon has reportedly ended its contract with Italy. [We found] a lot of antisemitic and racist ...
6 days ago Therecord.media
Beware of Fake Outlook Troubleshooting Calls that Ends Up In Ransomware Deployment - A sophisticated cyber threat has emerged in recent weeks, targeting unsuspecting users with fake Outlook troubleshooting calls. To protect yourself from fake Outlook troubleshooting scams, always verify the caller’s identity, as legitimate ...
3 days ago Cybersecuritynews.com
RansomHub Evolves To Attack Windows, ESXi, Linux and FreeBSD Operating Systems - With RansomHub actively exploiting zero-day vulnerabilities and recruiting displaced ALPHV/LockBit affiliates, organizations must strengthen endpoint security and ensure backup isolation to prevent potential attacks. RansomHub ransomware group ...
2 days ago Cybersecuritynews.com
CVE-2024-13439 - The Team – Team Members Showcase Plugin plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the response() function in all versions up to, and including, 4.4.9. This makes it possible for authenticated ...
4 days ago Tenable.com
Hidden Malware in WordPress Websites Allows Attackers to Execute Malicious Code Remotely - A sophisticated malware campaign has recently been uncovered by security researchers at Sucuri, targeting WordPress websites through hidden malware and backdoors in the mu-plugins directory. This campaign shows the importance of continuous WordPress ...
2 days ago Cybersecuritynews.com
X now blocks Signal contact links, flags them as malicious - According to BleepingComputer's tests and other users' reports, attempting to post Signal.me links via public posts, direct messages, or profile bios receive error messages citing spam or malware risks. Social media platform X (formerly Twitter) is ...
2 days ago Bleepingcomputer.com
CVE-2024-13500 - The WP Project Manager – Task, team, and project management plugin featuring kanban board and gantt charts plugin for WordPress is vulnerable to time-based SQL Injection via the ‘orderby’ parameter in all versions up to, and including, 2.6.17 ...
4 days ago Tenable.com
CVE-2025-26793 - The Web GUI configuration panel of Hirsch (formerly Identiv and Viscount) Enterphone MESH through 2024 ships with default credentials (username freedom, password viscount). The administrator is not prompted to change these credentials on initial ...
4 days ago Tenable.com
Meta Paid Out $2.3 Million to Researchers via Bug Bounty Program - This initiative, which began in 2011, has now surpassed $20 million in total payouts, underscoring Meta’s dedication to collaborating with the global security research community to enhance platform safety and integrity. Meta’s bug bounty ...
3 days ago Cybersecuritynews.com
CVE-2025-0822 - Bit Assist plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.5.2 via the fileID Parameter. This makes it possible for authenticated attackers, with Subscriber-level access and above, to read the contents of ...
4 days ago Tenable.com
New Go-Based Malware Exploits Telegram and Use It as C2 Channel - Researchers have identified a new backdoor malware, written in Go programming language, that leverages Telegram as its command-and-control (C2) channel. Netskope Advanced Threat Protection proactively detects this threat under the identifier ...
4 days ago Cybersecuritynews.com
CVE-2025-1359 - A vulnerability, which was classified as problematic, has been found in SIAM Industria de Automação e Monitoramento SIAM 2.0. This issue affects some unknown processing of the file /qrcode.jsp. The manipulation of the argument url leads to cross ...
3 days ago Tenable.com
Threat Actors Leveraging Modified Version of SharpHide Tool To Create Hidden Registry - Threat actors have been utilizing a modified version of the SharpHide tool to create hidden registry values, significantly complicating detection and deletion efforts. [+] SharpDelete by Andrew Petrus - Tool to delete hidden registry values ...
3 days ago Cybersecuritynews.com
New Android Security Feature that Blocks Changing Sensitive Setting During Calls - A common tactic involves guiding victims over the phone to enable sideloading or accessibility permissions, which allow malicious apps to bypass safeguards and gain control of the device. This feature, currently live in the beta version, prevents ...
3 days ago Cybersecuritynews.com
Microsoft: Hackers steal emails in device code phishing attacks - "The invitations lure the user into completing a device code authentication request emulating the experience of the messaging service, which provides Storm-2372 initial access to victim accounts and enables Graph API data collection activities, such ...
4 days ago Bleepingcomputer.com
CVE-2025-1354 - A vulnerability was found in Asus RT-N12E 2.0.0.19. It has been classified as problematic. Affected is an unknown function of the file sysinfo.asp. The manipulation of the argument SSID leads to cross site scripting. It is possible to launch the ...
3 days ago Tenable.com
CISA Warns of Apple iOS Vulnerability Exploited in Wild - The flaw, an authorization bypass in Apple’s USB Restricted Mode, enables attackers with physical access to disable security protections on locked devices, potentially exposing sensitive data. CVE-2025-24200, cataloged under CWE-863 (Incorrect ...
2 days ago Cybersecuritynews.com
Ransomware Gangs Encrypt Systems After 17hrs From Initial Infection - A 2025 threat report by cybersecurity firm Huntress reveals ransomware gangs now take just 17 hours on average to encrypt systems after initial network intrusion, with some groups like Akira and RansomHub operating in as little as 4–6 hours. New ...
2 days ago Cybersecuritynews.com
Fintech giant Finastra notifies victims of October data breach - While Finastra has yet to share the number of individuals affected by the data breach and the nature of the exposed data (besides victims' names), the company started sending breach notification letters last week to at least 65 people in the state ...
2 days ago Bleepingcomputer.com
Microsoft to remove the Location History feature in Windows - “We are deprecating and removing the Location History feature, an API that allowed Cortana to access 24 hours of device history when location was enabled,” reads Microsoft's announcement. The API behind the feature, ...
2 days ago Bleepingcomputer.com
CVE-2024-13834 - The Responsive Plus – Starter Templates, Advanced Features and Customizer Settings for Responsive Theme plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 3.1.4 via the 'remote_request' function. ...
4 days ago Tenable.com
CVE-2024-13488 - The LTL Freight Quotes – Estes Edition plugin for WordPress is vulnerable to SQL Injection via the 'dropship_edit_id' and 'edit_id' parameters in all versions up to, and including, 3.3.7 due to insufficient escaping on the user supplied parameter ...
4 days ago Tenable.com
CVE-2024-10581 - The DirectoryPress Frontend plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.7.9. This is due to missing or incorrect nonce validation on the dpfl_listingStatusChange() function. This makes it ...
4 days ago Tenable.com
Microsoft rolls out BIOS update that fixes ASUS blue screen issues - "Devices with ASUS models X415KA and X515KA running a BIOS version lower than 311 will need to install the latest BIOS update to remove the safeguard and proceed with the Windows 11, version 24H2 upgrade," Microsoft said. However, in a ...
2 days ago Bleepingcomputer.com
Xerox Printers Vulnerability Let Attackers Capture Auth Data From LDAP & SMB - In one demonstrated attack chain, researchers gained admin access via default credentials (Xerox devices often retain factory defaults), modified LDAP settings to attacker IP, triggered LDAP sync via “Test Connection” feature and used captured ...
2 days ago Cybersecuritynews.com
Microsoft reminds admins to prepare for WSUS driver sync deprecation - Introduced as Software Update Services (SUS) in 2005, almost two decades ago, WSUS enables IT admins to manage and distribute updates for Microsoft products across enterprise networks with large numbers of Windows devices from a single server instead ...
1 day ago Bleepingcomputer.com
SonicWall Firewall Authentication Bypass Vulnerability Exploited in Wild - The surge in attacks follows the public release of proof-of-concept (PoC) exploit code on February 10, 2025, by researchers at Bishop Fox, amplifying risks for organizations with unpatched devices. Security analysts attribute the rapid weaponization ...
4 days ago Cybersecuritynews.com
IDOR vulnerability in ExHub Let Attacker Modify Web Hosting Configuration - The consequences of this IDOR vulnerability were severe where attackers could manipulate deployment configurations, potentially gaining unauthorized access to sensitive resources. This vulnerability effectively allowed unauthorized users to perform ...
3 days ago Cybersecuritynews.com
Microsoft spots XCSSET macOS malware variant used for crypto theft - A new variant of the XCSSET macOS modular malware has emerged in attacks that target users' sensitive information, including digital wallets and data from the legitimate Notes app. XCSSET then creates a malicious Launchpad application with ...
2 days ago Bleepingcomputer.com
Hacker leaks account data of 12 million Zacks Investment users - In late January, a threat actor published data samples on a hacker forum, claiming a breach at Zacks in June 2024 that exposed data of millions of customers. Zacks Investment Research (Zacks) last year reportedly suffered another data breach that ...
6 days ago Bleepingcomputer.com
New Windows UI 0-Day Vulnerability Actively Exploited in the Wild - ClearSky Cyber Security has uncovered a user interface (UI) vulnerability in Microsoft Windows that is currently being exploited by a sophisticated threat actor known as Mustang Panda, a group believed to be affiliated with Chinese state interests. ...
6 days ago Cybersecuritynews.com
Beware of Fake BSOD Delivered by Malicious Python Script - According to security consultant Xavier Mertens, the tkinter library, a standard Python module, is typically used to create graphical user interfaces (GUIs). Security teams should consider monitoring for unusual uses of GUI libraries like tkinter as ...
5 days ago Cybersecuritynews.com
CVE-2024-12562 - The s2Member Pro plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 241216 via deserialization of untrusted input from the 's2member_pro_remote_op' vulnerable parameter. This makes it possible for ...
5 days ago Tenable.com
CVE-2021-30369 - Rejected reason: Was determined not a vulnerability. ...
2 days ago Tenable.com
Chase will soon block Zelle payments to sellers on social media - While Chase didn't share what exactly prompted this decision, the U.S. Consumer Financial Protection Bureau (CFPB) sued Early Warning Services (Zelle's operator) and three of its owner banks (Bank of America, JPMorgan Chase, and Wells Fargo) in ...
2 days ago Bleepingcomputer.com
Venture capital giant Insight Partners hit by cyberattack - After discovering the breach, Insight Partners notified law enforcement in relevant jurisdictions and hired third-party cybersecurity experts to investigate its impact. "We are working diligently to determine the scope of the incident with the ...
1 day ago Bleepingcomputer.com
CVE-2025-26506 - Certain HP LaserJet Pro, HP LaserJet Enterprise, and HP LaserJet Managed Printers may potentially be vulnerable to Remote Code Execution and Elevation of Privilege when processing a PostScript print job. ...
5 days ago Tenable.com
CVE-2025-1355 - A vulnerability was found in needyamin Library Card System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /signup.php of the component Add Picture. The manipulation leads to unrestricted ...
3 days ago Tenable.com
CVE-2024-13837 - Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accidental usage. ...
2 days ago Tenable.com
CVE-2024-13879 - The Stream plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 4.0.2 due to insufficient validation on the webhook feature. This makes it possible for authenticated attackers, with ...
2 days ago Tenable.com
New Research Proposed To Enhance MITRE ATT&CK In Dynamic Cybersecurity Environments - However, analysts (at National University of Singapore and NCS Cyber Special Ops R&D) noted that the proposed research seeks to address current limitations by introducing advanced capabilities such as real-time threat mapping, cross-domain ...
1 day ago Cybersecuritynews.com
CVE-2025-26508 - Certain HP LaserJet Pro, HP LaserJet Enterprise, and HP LaserJet Managed Printers may potentially be vulnerable to Remote Code Execution and Elevation of Privilege when processing a PostScript print job. ...
5 days ago Tenable.com
Burp AI - Burp Suite Now Integrate AI Powered Extension for Web Pentesting - “We’re starting by bringing AI-powered extensions to Burp Suite Professional giving you even more ways to integrate AI into your security testing! The ability to build AI-powered extensions is now available in Early Adopter 2025.2.” ...
6 days ago Cybersecuritynews.com