Cybersecurity News Aggregator | CyberSecurityBoard

Latest Cyber News

Zimbra Collaboration Server GraphQL Vulnerability Exposes Sensitive User Data - The flaw resides in Zimbra’s webmail interface’s GraphQL endpoint (/service/extension/graphql), where improper CSRF token validation enables malicious actors to manipulate authenticated users into triggering unintended actions. Zimbra ...
13 minutes ago Cybersecuritynews.com

Defending Against APTs - CISO's Strategic Guide - CISOs must recognize that APTs represent not just technical challenges but strategic threats requiring comprehensive defense frameworks that address the full attack lifecycle, from prevention through detection to response and recovery. Traditional ...
18 minutes ago Cybersecuritynews.com

Docker Registry Vulnerability Lets MacOS Users Pull Images from Any Registry - A newly disclosed vulnerability in Docker Desktop’s Registry Access Management (RAM) feature has left macOS users vulnerable to unauthorized image pulls, undermining critical container security controls. Docker’s Registry Access Management (RAM) ...
19 minutes ago Cybersecuritynews.com CVE-2025-4095

PowerDNS DNSdist Vulnerability Let Attackers Cause Denial of Service Condition - Cyber Security News is a Dedicated News Platform For Cyber News, Cyber Attack News, Hacking News & Vulnerability Analysis. The swift response from PowerDNS in releasing a fixed version demonstrates the importance of community involvement in ...
57 minutes ago Cybersecuritynews.com

Hackers Leveraging GetShared to Deploy Malware Bypassing Defenses - This emerging threat allows attackers to circumvent traditional email security measures by exploiting the trusted status of notifications from recognized platforms. Cyber Security News is a Dedicated News Platform For Cyber News, Cyber Attack News, ...
1 hour ago Cybersecuritynews.com

WhatsApp Introduces AI Tools With Promise of Full Message Secrecy - “Private Processing will allow users to leverage powerful AI features, while preserving WhatsApp’s core privacy promise, ensuring no one except you and the people you’re talking to can access or share your personal messages, not ...
1 hour ago Cybersecuritynews.com

CISA Warns SAP 0-day Vulnerability Exploited in the Wild - “This vulnerability exposes the development server to the network without any authentication, meaning attackers can upload malicious files without needing a login,” explained security researchers at Onapsis who observed active ...
1 hour ago Cybersecuritynews.com

Avast Antivirus Vulnerability Let Attackers Escalate Privileges - Security researchers have disclosed a critical vulnerability in Avast Free Antivirus that could allow attackers to gain elevated system privileges and execute malicious code with kernel-level access. The vulnerability affects multiple versions of ...
2 hours ago Cybersecuritynews.com

Verizon 2025 Report Alarming Rise in Cyberattacks Via Third-Parties - With ransomware and data theft continuing to pose significant threats, the report underscores the importance of comprehensive security programs that include regular vulnerability assessments, prompt patching, employee training, and improved ...
2 hours ago Cybersecuritynews.com

Unpatched Windows Shortcut Vulnerability Let Attackers Execute Remote Code - Security researcher Nafiez has publicly disclosed a previously unknown vulnerability affecting Windows LNK files (shortcuts) that can potentially allow attackers to execute code remotely without user interaction. As security researchers from Intezer ...
4 hours ago Cybersecuritynews.com

GitAuto Strengthens Code Security By Automating QA At Scale - GitAuto directly addresses this gap by identifying sections of code lacking test coverage and autonomously generating appropriate unit and integration tests. Unlike passive suggestion engines such as GitHub Copilot, GitAuto actively monitors CI ...
5 hours ago Cybersecuritynews.com

Cybersecurity in Mergers and Acquisitions - CISO Focus - The most successful security leaders adopt what experts call “moving left and right” in the M&A process: “left” by engaging earlier in the deal cycle during target identification and valuation, and “right” by ...
6 hours ago Cybersecuritynews.com

Top Cybersecurity Trends Every CISO Must Watch in 2025 - By embracing these trends and adopting a proactive, strategic approach, security leaders can ensure their organizations remain resilient in the face of evolving cyber threats. Ultimately, the most successful CISOs in 2025 will be those who can ...
6 hours ago Cybersecuritynews.com

Zero Trust Architecture - A CISO’s Blueprint for Modern Security - By shifting the security focus from the network perimeter to the individual user and device, Zero Trust empowers CISOs to stay ahead of evolving threats and protect critical assets in a rapidly changing world. This article explores how CISOs can ...
6 hours ago Cybersecuritynews.com

Chrome 136 Released With Patch For 20-Year-Old Privacy Vulnerability - The extended stable channel has also been updated to version 136.0.7103.48/49 for Windows and Mac, ensuring that enterprise and risk-averse users benefit from these critical security and privacy improvements. Users are encouraged to update their ...
7 hours ago Cybersecuritynews.com

Google: 75 zero-days seen in 2024 as nations, spyware vendors continue exploitation | The Record from Recorded Future News - The number of unreported bugs exploited by criminals, nation states and commercial vendors fell in 2024, but hackers are increasingly targeting vulnerabilities in security software and appliances to gain greater access to victim systems. There were a ...
8 hours ago Therecord.media

Grinex exchange suspected rebrand of sanctioned Garantex crypto firm - According to a new report by blockchain intelligence firm TRM Labs, Grinex shows strong ties to Garantex's previous operations but has not determined if it's currently being used for illicit transactions. U.S. authorities seized Garantex's domains in ...
13 hours ago Bleepingcomputer.com

Microsoft: Windows Server hotpatching to require subscription - Microsoft has announced that it will soon introduce paid subscriptions for Windows Server 2025 hotpatching, a service that enables admins to install security updates without restarting. Hotpatching has been available since February 2022 for Windows ...
13 hours ago Bleepingcomputer.com

Hackers ramp up scans for leaked Git tokens and secrets - To mitigate the risks that arise from these scans, it is recommended to block access to .git/ directories, configure web servers to prevent access to hidden files, monitor server logs for suspicious .git/config access, and rotate potentially exposed ...
14 hours ago Bleepingcomputer.com Snatch

France ties Russian APT28 hackers to 12 cyberattacks on French orgs - In a separate report published today, the French National Agency for the Security of Information Systems (ANSSI) says the list of French organizations attacked by APT28 military hackers includes ministerial entities, local governments, and ...
14 hours ago Bleepingcomputer.com Fancy Bear APT28

Apple 'AirBorne' flaws can lead to zero-click AirPlay RCE attacks - According to cybersecurity company Oligo Security security researchers who discovered and reported the flaws, they can be exploited in zero-click and one-click RCE attacks, man-in-the-middle (MITM) attacks, and denial of service (DoS) attacks, as ...
15 hours ago Bleepingcomputer.com CVE-2025-24206

France blames Russian military intelligence for years of cyberattacks on local entities | The Record from Recorded Future News - According to French officials, APT28 — also known as Fancy Bear or BlueDelta, and long believed to be an arm of the GRU’s Unit 26165 —has been behind cyber operations affecting around ten French entities since 2021. France has accused a hacker ...
16 hours ago Therecord.media Fancy Bear APT28

SK Telecom cyberattack: Free SIM replacements for 25 million customers - On April 19, the company detected a malware running on its network that allowed threat actors to steal customers' Universal Subscriber Identity Module (USIM) data, typically including International Mobile Subscriber Identity (IMSI), Mobile Station ...
16 hours ago Bleepingcomputer.com

SecAI Debuts at RSA 2025, Redefining Threat Investigation with AI - By deeply analyzing adversary tactics, techniques, and procedures (TTPs) and fusing advanced generative AI with rich, contextual threat intelligence, SecAI delivers smarter, faster, and more effective solutions for modern security teams. SecAI, an ...
17 hours ago Cybersecuritynews.com

Microsoft fixes Outlook paste, blank calendar rendering issues - As the company explains, users in the Current Channel trying to use the Ctrl+Alt+V paste special keyboard shortcut will see that it doesn't work after updating to Version 2503 Build 18623.20156 because of changes introduced to this ...
17 hours ago Bleepingcomputer.com

How Healthcare Providers Investigate And Prevent Cyber Attacks: Real-world Examples - Cyber attacks and malware are especially dangerous for healthcare companies because of the sensitive nature of the data they hold, the critical need for system uptime, and the severe consequences of disruptions or data breaches up to life-threatening ...
18 hours ago Cybersecuritynews.com

Ukraine's largest home improvement retailer disrupted by cyberattack | The Record from Recorded Future News - Ukraine’s largest home improvement retailer, Epicentr, said it had fallen victim to a large-scale cyberattack that disrupted operations at dozens of its stores across the country and crippled key IT systems, including sales registers and logistics ...
18 hours ago Therecord.media

NVIDIA Riva Vulnerabilities Exposes Enable Authorized Access to Cloud Environments - This creates a false sense of security, as attackers can still abuse services or pivot to internal systems through poorly isolated Triton Inference Server instances. Trend Micro researchers uncovered two vulnerabilities-CVE-2025-23242 and ...
18 hours ago Cybersecuritynews.com CVE-2025-23242

CISA Adds Broadcom Brocade Fabric OS Vulnerability to Known Exploited Vulnerabilities Catalog - CISA officially added a significant security flaw affecting Broadcom’s Brocade Fabric OS to its authoritative Known Exploited Vulnerabilities (KEV) Catalog, underscoring the urgent need for remediation across enterprise and government environments. ...
18 hours ago Cybersecuritynews.com

CISA tags Broadcom Fabric OS, CommVault flaws as exploited in attacks - The U.S. Cybersecurity & Infrastructure Security Agency (CISA) is warning of Broadcom Brocade Fabric OS, Commvault web servers, and Qualitia Active! Mail clients vulnerabilities that are actively exploited in attacks. The flaws were added ...
19 hours ago Bleepingcomputer.com CVE-2025-42599

AirPlay Zero-Click RCE Vulnerability Enables Remote Device Takeover via Wi-Fi - A critical vulnerability in Apple’s AirPlay protocol, dubbed AirBorne, has exposed over 2.35 billion active Apple devices and tens of millions of third-party gadgets to remote code execution (RCE) attacks requiring no user interaction. Researchers ...
19 hours ago Cybersecuritynews.com CVE-2025-24206

Google Chrome Vulnerability Let Attackers Escape Payload from Sandbox - Technical Details Disclosed - A critical vulnerability in Google Chrome has recently been discovered that allows malicious actors to break out of the browser’s protective sandbox environment, potentially giving attackers access to the underlying operating system. This ...
19 hours ago Cybersecuritynews.com

Europol Creates Operational Taskforce to Tackle Violence-as-a-Service - OTF GRIMM builds on previous Europol initiatives targeting organized crime and represents a more focused response to the specific threat of youth exploitation in violent criminal activities. According to Europol intelligence briefings, organized ...
19 hours ago Cybersecuritynews.com

Google Warns of 75 Zero-Day Vulnerabilities Exploited in the Wild - “Zero-day exploitation will ultimately be dictated by vendors’ decisions and ability to counter threat actors’ objectives and pursuits,” concludes the report, emphasizing the critical role that proactive security measures will ...
19 hours ago Cybersecuritynews.com CVE-2024-9680

Nova Scotia energy provider takes some servers offline following cyber incident | The Record from Recorded Future News - In an FAQ on the Nova Scotia Power website, the company said the cyberattack impacted the customer care phone line and the online customer portal known as MyAccount. Nova Scotia Power and its parent company Emera said a cyberattack has affected parts ...
20 hours ago Therecord.media

OpenBSD 7.7 Released with Significant Performance & Security Enhancements - Hardware support has been expanded to include the latest processors and graphics cards, including AMD’s Ryzen AI 300 series (Strix Point, Strix Halo, Krackan Point), Radeon RX 9070 graphics cards, and Intel’s Arrow Lake processors. This ...
20 hours ago Cybersecuritynews.com

Windows Server 2025 Hotpatching Service to be Rolled Out From July 1st, 2025 - “With hotpatching, you will still need to restart your Windows Servers about four times yearly for baseline updates, but hotpatching can save significant time and ease the inconvenience of a traditional ‘patch Tuesday,'” Microsoft ...
20 hours ago Cybersecuritynews.com

JokerOTP Platform With 28,000+ Phishing Attacks Dismantled - According to authorities, JokerOTP was designed to intercept and exploit one-time passwords (OTPs) and two-factor authentication (2FA) codes, the security measures many financial institutions and online services implement to protect users. Using ...
20 hours ago Cybersecuritynews.com

Tsunami Malware Actively Attacking Users Incorporates With Miners & Credential Stealers - A sophisticated malware framework dubbed “Tsunami” has emerged as an active threat, targeting users through a multi-stage infection chain and deploying an extensive arsenal of credential stealing and cryptomining capabilities. Security ...
20 hours ago Cybersecuritynews.com Lazarus Group

Record Breaking 20.5 Million DDoS attacks, Top One With 4.8 Billion Packets - With a record-breaking 20.5 million Distributed Denial of Service (DDoS) attacks prevented in the first quarter alone, a 358% rise over the same period last year, Cloudflare has reported a historic spike in cyberattacks to start 2025. Hong Kong ...
21 hours ago Cybersecuritynews.com

Hackers Actively Attacking Git Configuration Files From 4,800+ IP’s - Security researchers at GreyNoise Intelligence have documented a record spike in Git configuration crawling activity, with approximately 4,800 unique IP addresses targeting these sensitive files daily from April 20 to 21, 2025. A notable increase in ...
21 hours ago Cybersecuritynews.com

New GPAUF Technique to Root Qualcomm-Based Android Phones - Qualcomm has issued patches for the vulnerabilities, but security experts recommend users update their devices immediately as attackers could potentially exploit these flaws to gain complete control of affected devices, access sensitive data, and ...
22 hours ago Cybersecuritynews.com CVE-2024-23380

When Satellites Go Dark - Persistent Cyber Assaults and The Growing Blind Spot - Cyber Security News - The latest malware strain, dubbed “OrbitShade,” first appeared on security researchers’ radars in early 2025, when several commercial satellite operators reported unexplained communication interruptions and command execution ...
1 day ago Cybersecuritynews.com

ResolverRAT Attacking Healthcare and Pharmaceutical Via Sophisticated Phishing Attacks - Dubbed ResolverRAT, this previously undocumented malware deploys advanced in-memory execution techniques and layered evasion methods to steal sensitive data while remaining virtually undetectable to traditional security solutions. PolySwarm analysts ...
1 day ago Cybersecuritynews.com

Critical Linux Kernel Vulnerability Exposes Systems to Privilege Escalation - A significant vulnerability in the Linux kernel’s Virtual Socket (vsock) implementation, designated as CVE-2025-21756, has been identified that could allow local attackers to escalate privileges to root level. Cyber Security News is a Dedicated ...
1 day ago Cybersecuritynews.com CVE-2025-21756

Researchers Uncovered SuperShell Payloads & Multiple Tools From Hacker’s Open Directories - The Cobalt Strike beacon, found in a file named ‘test’, utilized different infrastructure than the SuperShell components, connecting to a server disguised with a certificate claiming to represent “jquery.com” with organization ...
1 day ago Cybersecuritynews.com

Apache Tomcat Vulnerability Let Bypass Rules & Trigger DoS Condition - Identified as CVE-2025-31650, this high-severity vulnerability affects multiple Tomcat versions, posing a significant security risk to organizations relying on this popular Java application server. When attackers send numerous malformed requests ...
1 day ago Cybersecuritynews.com CVE-2025-31650

CISA Issues Warning on Commvault Web Server Flaw Exploited in the Wild - CISA has issued a new security warning about a critical vulnerability affecting the Commvault Web Server, built into one of the industry’s leading data protection platforms. This alert comes as security teams worldwide scramble to assess exposure ...
1 day ago Cybersecuritynews.com CVE-2025-3928

Kali Linux Warns that Update Process is Going to Fail for All Users - For users who prefer starting with a clean system, Kali Linux has updated all its distribution images to include the new keyring. Kali Linux users worldwide are facing an imminent disruption as the security-focused distribution has announced that the ...
1 day ago Cybersecuritynews.com

Marks & Spencer breach linked to Scattered Spider ransomware attack - Scattered Spider, also known as 0ktapus, Starfraud, UNC3944, Scatter Swine, Octo Tempest, and Muddled Libra, is a group of threat actors that are adept at using social engineering attacks, phishing, ...
1 day ago Bleepingcomputer.com Scattered Spider

Hitachi Vantara takes servers offline after Akira ransomware attack - In a statement shared with BleepingComputer, Hitachi Vantara confirmed the ransomware attack, saying it hired external cybersecurity experts to investigate the incident's impact and is now working on getting all affected systems online. "On April 26, ...
1 day ago Bleepingcomputer.com Akira

Media firm Urban One confirms data breach after cybercriminals claim February attack | The Record from Recorded Future News - The company reported about $450 million in revenue in 2024 and previously informed California regulators of a data breach in 2019 that involved the theft of more than 1,000 Social Security numbers. Urban One is the largest media company targeting the ...
1 day ago Therecord.media

VeriSource now says February data breach impacts 4 million people - The firm has begun data breach notifications to impacted individuals about a cybersecurity incident that occurred in February 2024, but the impact of which it took them until April 2025 to evaluate. In the sample VeriSource shared with Maine's ...
1 day ago Bleepingcomputer.com

Threat Actors Leverage Access to Valid Accounts via Phishing Attack - In a significant shift observed during the first quarter of 2025, cybersecurity experts have documented a dramatic surge in phishing attacks, with threat actors increasingly using this vector to gain access to valid user accounts. Vishing ...
1 day ago Cybersecuritynews.com Cactus

Threat Actors Increasingly Utilize Ransomware as a Service Boosted by EDR Killers - ESET researchers discovered instances where a single threat actor possessed multiple EDRKillShifter variants linked to various ransomware groups including BianLian, RansomHub, Medusa, and Play, indicating skilled affiliates simultaneously working ...
1 day ago Cybersecuritynews.com Medusa LockBit BianLian Ransomhub

Threat Actors Weaponize Language Software to Windows-Based Remote Surveillance Malware - The targeting of Uyghur language software reflects how threat actors exploit cultural preservation tools to compromise the very communities they were designed to serve. It creates a digital dilemma for those developing specialized software for ...
1 day ago Cybersecuritynews.com Silence

Over 1,200 SAP NetWeaver servers vulnerable to actively exploited flaw - Researchers reported that the threat actors are utilizing webshells with names like, "cache.jsp" and "helper.jsp." Howver, Nextron Research says they are also using random names, making it more difficult to find vulnerable Netweaver ...
1 day ago Bleepingcomputer.com CVE-2025-31324

Kali Linux warns of update failures after losing repo signing key - Offensive Security warned Kali Linux users to manually install a new Kali repository signing key to avoid experiencing update failures. This isn't the first time Kali Linux users have had to manually update their keyring to avoid having update ...
1 day ago Bleepingcomputer.com

RansomHub Ransomware Deploying Malware to Compromise Corporate Networks - The downloaded “Update.zip” contains “Update.js,” a JScript file that sends a POST request to the SocGholish C2 server at “hxxps://exclusive.nobogoods[.]com/updateStatus” to retrieve the next stage of the attack. ...
1 day ago Cybersecuritynews.com Ransomhub

SAP NetWeaver 0-Day Vulnerability Exploited in the Wild to Deploy Webshells - This vulnerability stems from a missing authorization check in the Metadata Uploader component, allowing unauthenticated attackers to upload malicious executable files by sending specially crafted POST requests to the ...
1 day ago Cybersecuritynews.com

Microsoft fixes Outlook on the web search issues, failures - Last month, it resolved another incident (EX1035922) caused by a code error that blocked some Exchange Online users from searching using Outlook on the web or the new Outlook client, with affected customers seeing 'We didn't find anything, try a ...
1 day ago Bleepingcomputer.com

BreachForums Reveals Law Enforcement Crackdown Exploiting MyBB 0-Day - BreachForums, a notorious cybercrime marketplace and successor to RaidForums, has confirmed that its platform was the target of a sophisticated law enforcement operation exploiting a previously unknown vulnerability, commonly referred to as a ...
1 day ago Cybersecuritynews.com

SEIKO EPSON Printer Vulnerabilities Let Attackers Execute Arbitrary Code - The company recommends running the Epson Software Updater to download and install the “Security vulnerability patch” and the “Epson Printer Driver Security Support Tool”. “An attacker may execute arbitrary code with ...
1 day ago Cybersecuritynews.com CVE-2025-42598

19 APT Hackers Attacking Asia Company's Servers by Exploiting Vulnerability & Spear Phishing Email - The technical sophistication demonstrated in these attacks highlights the evolving capabilities of APT groups targeting Asian organizations, requiring enhanced security measures and continued vigilance from cybersecurity teams across the region. In ...
1 day ago Cybersecuritynews.com Lazarus Group APT37 APT3

China Claims that the US Attacked a Major Encryption Provider & Stole Sensitive Data - The malware enabled attackers to execute arbitrary network commands while employing sophisticated techniques to avoid detection, including full communication encryption, string encoding, data compression, and complex cryptography. From May to July ...
1 day ago Cybersecuritynews.com

Windows 11 25H2 to be Released Possibly With Minor Changes - Unlike the more substantial updates seen in previous releases, Windows 11 25H2 appears to focus on incremental enhancements and stability improvements, aligning with Microsoft’s strategy of delivering enablement packages that unlock existing ...
1 day ago Cybersecuritynews.com

Ukrainian state and banking services restored after data center outage | The Record from Recorded Future News - The outage, caused by a power failure at De Novo’s data center, temporarily knocked offline services including Ukraine’s Diia government app, local banks, postal delivery giant Nova Post and contactless payment systems such as Apple Pay and ...
1 day ago Therecord.media

Cloudflare mitigates record number of DDoS attacks in 2025 - Internet services giant Cloudflare says it mitigated a record number of DDoS attacks in 2024, recording a massive 358% year-over-year jump and a 198% quarter-over-quarter increase. However, 2025 is looking to be an even bigger problem for online ...
1 day ago Bleepingcomputer.com

FBI Reports Shocking ₹1.38 Lakh Crore Loss in 2024, 33% Increased From 2023 - Cyber Security News - The FBI’s report emphasizes the importance of reporting cyber incidents promptly through the IC3 portal, noting that their Recovery Asset Team achieved a 66% success rate in freezing fraudulent transactions, recovering over $561 million in ...
1 day ago Cybersecuritynews.com LockBit

Monitoring Dark Web Threats - CISO’s Proactive Approach - By embedding these best practices into the organization’s security posture, CISOs can ensure that dark web monitoring delivers actionable insights and drives continuous improvement. As the dark web continues to evolve, CISOs must champion a culture ...
1 day ago Cybersecuritynews.com

Nationwide Power Outages in Portugal & Spain Possibly Due to Cyberattack - A massive power outage struck the Iberian Peninsula on April 28, 2025, plunging millions of people into darkness as electricity supplies were suddenly cut across Spain and Portugal. Electric sector sources dismiss the possibility of a simple short ...
1 day ago Cybersecuritynews.com

M&S warehouse workers told not to come to work following cyberattack | The Record from Recorded Future News - It follows the company — which has more than 1,400 stores worldwide and made a profit before tax last year of £672 million ($896 million) — announcing on Friday that it was pausing all online shopping three days after it initially announced it ...
1 day ago Therecord.media

New RedExt Chrome Extension Tool for Red Teamers with a Flask-based C2 Server - A sophisticated new red team tool called RedExt has recently been released, combining a Manifest V3 Chrome extension with a Flask-based Command and Control (C2) server to create a powerful framework for authorized security operations. As ...
1 day ago Cybersecuritynews.com

Aligning Cybersecurity with Business Goals - CISO Insights - By translating technical risks, such as ransomware, supply chain threats, or cloud misconfiguration, into clear business impacts like financial loss, operational downtime, or reputational harm, CISOs can secure executive buy-in and ensure that ...
1 day ago Cybersecuritynews.com

Ransomware Defense Playbook for CISOs in 2025 - Additionally, CISOs should work closely with cyber insurance providers to validate that policies cover modern ransomware threats, including business interruption, reputational damage, and regulatory fines. For Chief Information Security Officers ...
1 day ago Cybersecuritynews.com

Trending Cyber News (last 7 days)

Hackers Exploiting Microsoft 365 OAuth Workflows to Target Organizations - “This latest series of attacks marks the second time since January 2025 that Russian threat actors have utilized little-known techniques to obtain access to M365 resources,” researchers concluded. In some instances, attackers use the ...
6 days ago Cybersecuritynews.com

Hackers Weaponized Google Forms to Evade Email Security & Steal Logins - Cyber Security News - The platform’s reputation as a legitimate Google service means that links to these forms frequently bypass email security controls that would generally flag suspicious URLs. Security researchers have observed attackers utilizing the HTTP POST ...
6 days ago Cybersecuritynews.com

Marks & Spencer Confirms a Cyberattack Hits Payments & Online Orders - The company has also fulfilled regulatory obligations by reporting the incident to the Information Commissioner’s Office (ICO) and the National Cyber Security Centre (NCSC). “The Company has engaged external cyber security experts to ...
6 days ago Cybersecuritynews.com Silence

New Malware Hijacking Docker Images with Unique Obfuscation Technique - A newly discovered malware campaign is targeting Docker environments, employing a sophisticated, multi-layered obfuscation technique to evade detection and hijack compute resources for cryptojacking. Security researchers from Darktrace and Cado ...
6 days ago Cybersecuritynews.com

Synology Network File System Vulnerability Let Read Any File - The vulnerability, tracked as CVE-2025-1021 and detailed in a security advisory, was resolved in recent updates and affects multiple versions of the popular network-attached storage (NAS) operating system. This vulnerability enables unauthenticated ...
6 days ago Cybersecuritynews.com CVE-2025-1021

Ransomware groups test new business models to hit more victims, increase profits | The Record from Recorded Future News - While this type of extortion is not completely novel, with AlphV/BlackCat reportedly disclosing an incident to the U.S. Securities and Exchange Commission after a victim refused to make a ransom payment, Secureworks said it has not seen other ...
6 days ago Therecord.media LockBit Dragonforce

Millions impacted by data breaches at Blue Shield of California, mammography service and more | The Record from Recorded Future News - Just in the last week, Onsite Mammography, Kelly & Associates Insurance Group, Behavioral Health Resources, Hamilton Health Care System, Central Texas Pediatric Orthopedics and Medical Express Ambulance Service have all reported data breaches ...
6 days ago Therecord.media

Russian army targeted by new Android malware hidden in mapping app - The spyware, which was discovered by researchers at Russian mobile antivirus company Doctor Web, hides inside a fully working Alpine Quest app, reducing suspicion and creating valuable data theft opportunities. A new Android malware has been ...
6 days ago Bleepingcomputer.com

Hackers Exploited 17-year-old vulnerability to Weaponize Word Documents - Security researchers at Fortinet’s FortiGuard Labs have uncovered a sophisticated phishing campaign that uses weaponized Microsoft Word documents to deliver information-stealing malware to unsuspecting Windows users. “This vulnerability ...
6 days ago Cybersecuritynews.com Equation CVE-2017-11882

ASUS releases fix for AMI bug that lets hackers brick servers - After downloading the latest BMC firmware update (.ima file), you can apply it through the web interface > Maintenance > Firmware Update, select the file, and click 'Start Firmware Update.' It is also recommended that you check the 'Full Flash' ...
6 days ago Bleepingcomputer.com CVE-2024-54085

Cloudflare: Government-backed internet shutdowns plummet to zero in first quarter | The Record from Recorded Future News - “In the past, Cloudflare has seen governments primarily implementing internet shutdowns around national exams, and around (disputed) elections and/or protests, so fewer of these events in the first quarter may have been a factor,” a spokesperson ...
6 days ago Therecord.media Silence

Cisco Confirms Multiple Products Impacted by Erlang/OTP SSH Server RCE Flaw - Cisco Systems has issued a critical security advisory confirming that multiple products across its portfolio are affected by a remote code execution (RCE) vulnerability in the Erlang/OTP SSH server (CVE-2025-32433). The vulnerability impacts critical ...
5 days ago Cybersecuritynews.com CVE-2025-32433

Critical Vulnerabilities in Browser Wallets Let Attackers Drain your Funds - Meanwhile, Coin98 Wallet contained a vulnerability allowing attackers to send crafted messages with isDev:true parameter to the Content Script, making the Background Script believe commands came from the legitimate Wallet UI rather than a malicious ...
6 days ago Cybersecuritynews.com CVE-2023-40580

FBI: US lost record $16.6 billion to cybercrime in 2024 - According to the bureau's annual Internet Crime Complaint Center (IC3) report, IC3 recorded 859,532 complaints last year (256,256 with actual loss), amounting to an average loss of $19,372. Fraud represented the bulk of reported losses in 2024, and ...
6 days ago Bleepingcomputer.com

FireEye EDR Agent Vulnerability Let Attackers Inject Malicious Code - The newly identified vulnerability enables a malicious third party to invoke a persistent denial of service condition in the FireEye EDR agent by sending a specially crafted tamper protection event to the HX service, which triggers an exception in ...
6 days ago Cybersecuritynews.com CVE-2025-0618

Blue Shield of California leaked health data of 4.7 million members to Google - "On February 11, 2025, Blue Shield discovered that, between April 2021 and January 2024, Google Analytics was configured in a way that allowed certain member data to be shared with Google's advertising product, Google Ads, that likely included ...
6 days ago Bleepingcomputer.com Blacksuit

Ripple XPRL Official NPM Package Hijacked To Inject Private Key Stealing Malware - “This package is used by hundreds of thousands of applications and websites, making it a potentially catastrophic supply chain attack on the cryptocurrency ecosystem,” warned Charlie Eriksen, a malware researcher at Aikido Security. The ...
6 days ago Cybersecuritynews.com

The Evolving Role of the CISO - Balancing Risk and Innovation in the Digital Age - The CISO emerges as a critical bridge between technical rigor and business agility in this landscape, ensuring security frameworks adapt to technological advancements without stifling growth. Beyond technical oversight, CISOs now quantify cyber risks ...
6 days ago Cybersecuritynews.com

Hackers Exploiting MS-SQL Servers & Deploy Ammyy Admin for Remote Access - Security researchers have identified that threat actors are specifically exploiting poorly secured MS-SQL instances to install Ammyy Admin, a legitimate remote desktop software that can be misused for unauthorized access, alongside a privilege ...
4 days ago Cybersecuritynews.com

Building A Unified Security Strategy: Integrating Digital Forensics, XDR, And EDR For Maximum Protection - To effectively counter these threats, organizations must integrate Digital Forensics, Extended Detection and Response (XDR), and Endpoint Detection and Response (EDR) into a unified security framework. It involves two main components: digital ...
6 days ago Cybersecuritynews.com

Threat Actors Registered 26k+ Domains Mimic Brands to Trick Users - These malicious domains serve as landing pages for sophisticated smishing (SMS phishing) campaigns, where unsuspecting users receive text messages containing links to what appear to be legitimate services. The domains follow specific naming patterns ...
4 days ago Cybersecuritynews.com Cloak

CVE-2024-13808 - The Xpro Elementor Addons - Pro plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.4.9 via the custom PHP widget. This is due to their only being client side controls when determining who can access ...
4 days ago

Weekly Cyber Security News Letter - Last Week's Top Cyber Attacks & Vulnerabilities - A critical vulnerability in Windows Defender Application Control (WDAC) has been uncovered, allowing attackers to bypass strict security policies using WinDbg Preview, a Microsoft Store app. A vulnerability in the FireEye EDR agent allows attackers ...
2 days ago Cybersecuritynews.com Hunters Akira

Threat Actors Using Weaponized SVG Files to Redirect Users to Malicious Websites - According to their analysis, these malicious SVG files frequently appear as seemingly harmless email attachments that trigger no alerts from traditional security solutions. A particularly concerning trend involves the weaponization of Scalable Vector ...
6 days ago Cybersecuritynews.com

NVIDIA NeMo Framework Vulnerability Let Attackers Execute Remote Code - A successful exploit of this vulnerability might lead to code execution and data tampering,” states the official security bulletin. “NVIDIA NeMo Framework contains a vulnerability where a user could cause a deserialization of untrusted ...
5 days ago Cybersecuritynews.com

CVE-2024-52887 - Authenticated end-user may set a specially crafted SNX bookmark that can make their browser run a script while accessing their own bookmark list. ...
3 days ago

CVE-2025-4014 - A vulnerability was found in PHPGurukul Art Gallery Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/manage-art-medium.php. The manipulation of the argument artmed ...
1 day ago

CVE-2025-4071 - A vulnerability has been found in PHPGurukul COVID19 Testing Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /test-details.php. The manipulation of the argument Status leads to sql injection. The ...
17 hours ago

North Korean IT workers seen using AI tools to scam firms into hiring them | The Record from Recorded Future News - In an effort to improve its own onboarding process and help customers dealing with the scheme, cybersecurity firm Okta conducted research into online services used by individuals identified by U.S. authorities and third parties as agents for the ...
5 days ago Therecord.media

Hackers abuse OAuth 2.0 workflows to hijack Microsoft 365 accounts - “In logs reviewed by Volexity, initial device registration was successful shortly after interacting with the attacker. Access to email data occurring the following day, which was when UTA0355 had engineered a situation where their 2FA ...
5 days ago Bleepingcomputer.com

SAP fixes critical Netweaver flaw exploited in attacks - "Unauthenticated attackers can abuse built-in functionality to upload arbitrary files to an SAP NetWeaver instance, which means full Remote Code Execution and total system compromise," stated watchTowr CEO Benjamin Harris. The vulnerability, ...
4 days ago Bleepingcomputer.com CVE-2025-31324

Russian Hackers Attempting to Sabotage The Digital Control System of a Dutch Public Service - This cyber sabotage attempt appears to be part of an intensifying campaign of Russian hybrid warfare targeting the Netherlands, which has also included interference in European elections and mapping of vital North Sea infrastructure including ...
4 days ago Cybersecuritynews.com

New Power Parasites Phishing Attack Targeting Energy Companies and Major Brands - A sophisticated phishing campaign dubbed “Power Parasites” has been actively targeting global energy giants and major brands since 2024, according to a comprehensive threat report released this week. The ongoing campaign primarily ...
3 days ago Cybersecuritynews.com

Critical Langflow Vulnerability Allows Malicious Code Injection - Technical Details Revealed - Cybersecurity researchers have uncovered a critical remote code execution (RCE) vulnerability in Langflow, an open-source platform widely used for visually composing AI-driven agents and workflows. The security flaw affects all Langflow versions ...
5 days ago Cybersecuritynews.com

Zyxel RCE Vulnerability Allows Arbitrary Query Execution Without any Authentication - “An SSH tunnel with port forwarding exposes the database service to external access, creating a direct communication channel with the database from a remote system,” explains the researcher. “By leveraging this capability, I was ...
5 days ago Cybersecuritynews.com

Threat Actors Taking Advantage of Unsecured Kubernetes Clusters for Cryptocurrency Mining - Cyber Security News - In a troubling development for cybersecurity professionals, threat actors are increasingly targeting unsecured Kubernetes clusters to deploy cryptocurrency mining operations, leveraging the computational resources of victim organizations without ...
5 days ago Cybersecuritynews.com

Microsoft fixes machine learning bug flagging Adobe emails as spam - In August 2024, it also mitigated an Exchange Online bug that tagged emails containing images as malicious and sent them to quarantine automatically, while in October 2023, it had to disable a bad anti-spam rule that was flooding Microsoft 365 ...
5 days ago Bleepingcomputer.com

Lazarus hackers breach six companies in watering hole attacks - In the incidents analyzed by Kaspersky, victims are redirected to sites that mimick software vendors, such as the distributor of Cross EX - a tool that enables South Koreans to use security software in various web browsers for online banking and ...
5 days ago Bleepingcomputer.com

Chrome UAF Vulnerabilities Exploited in the Wild - In Chrome, UAFs have historically been a major source of critical security bugs, particularly within the browser process, which has direct access to sensitive user data and system resources. These flaws, rooted in improper memory management, have ...
4 days ago Cybersecuritynews.com

SAP fixes suspected Netweaver zero-day exploited in attacks - "Unauthenticated attackers can abuse built-in functionality to upload arbitrary files to an SAP NetWeaver instance, which means full Remote Code Execution and total system compromise," stated watchTowr CEO Benjamin Harris. The vulnerability, ...
4 days ago Bleepingcomputer.com CVE-2025-31324

CVE-2025-4072 - A vulnerability was found in PHPGurukul Online Nurse Hiring System 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/edit-nurse.php. The manipulation leads to sql injection. The attack may be initiated ...
16 hours ago

CVE-2025-31324 - SAP NetWeaver Visual Composer Metadata Uploader is not protected with a proper authorization, allowing unauthenticated agent to upload potentially malicious executable binaries that could severely harm the host system. This could significantly affect ...
9 hours ago CVE-2025-31324

Commvault RCE Vulnerability Lets Remote Attackers Execute Arbitrary Code - Security researchers have identified a path traversal vulnerability in Commvault Command Center that allows unauthenticated actors to upload malicious ZIP files which, when expanded by the target server, can result in Remote Code Execution (RCE). A ...
6 days ago Cybersecuritynews.com CVE-2025-34028

Microsoft to Offer Rewards Up to $30,000 for AI Vulnerabilities - The severity classification system considers both the vulnerability type and the security impact, with the highest rewards for vulnerabilities that could allow attackers to exfiltrate another user’s data or perform privileged actions without ...
6 days ago Cybersecuritynews.com

Commvault RCE Vulnerability Let Attackers Breach the Vault - PoC Released - The vulnerability, tracked as CVE-2025-34028, could allow attackers to compromise enterprise backup systems without requiring authentication, potentially putting organizations’ most critical data at risk. Cyber Security News is a Dedicated News ...
5 days ago Cybersecuritynews.com CVE-2025-34028

Ransomware now plays a role in nearly half of all breaches, new research finds | The Record from Recorded Future News - Verizon found that 64% of ransomware victims did not pay the ransoms — which was up from 50% two years ago — and the median amount paid to ransomware groups has decreased to $115,000 (from $150,000 last year). One section of the report focusing ...
5 days ago Therecord.media