Cyber News
CyberSecurityBoard.com is a cyber news aggregator platform that brings the top news, blogs, podcasts and more about Cyber Security, InfoSec, Cryptography, Online Privacy, Hacking, Vulnerability and Threat Research into one place. CyberSecurityBoard's ultimate goal is to provide a useful and effective tool that helps you get a better understanding and a quicker overview of everything happening in the world of Cybersecurity.
Latest Cyber News
Microsoft confirms May Windows 10 updates trigger BitLocker recovery - Microsoft's acknowledgment of this issue comes after many Windows users and admins have reported seeing devices unexpectedly enter the Windows Recovery Environment (WinRE) and displaying a BitLocker recovery screen after installing the KB5058379 ...
3 weeks ago Bleepingcomputer.com
Feds charge 12 more suspects in RICO case over crypto crime spree | The Record from Recorded Future News - Two additional suspects in the case — 20-year-old Malone Lam and Jeandiel Serrano, 21 — were arrested in September 2024 and charged in connection with the theft of about $245 million from a victim in Washington, D.C through a social engineering ...
3 weeks ago Therecord.media
Hands-on Malware Analysis Training to Boost Up SOC & MSSP Teams - With ANY.RUN malware analysis training learners are provided with unrestricted access to the sandbox and a curated collection of new malware samples contributed by ANY.RUN’s extensive global user community comprises 15,000 corporate security ...
3 weeks ago Cybersecuritynews.com
macOS Gatekeeper Explained: Strengthening System Defenses - Apple’s macOS Gatekeeper, a cornerstone of the operating system’s defense against malicious software, has undergone significant macOS Sequoia (15.0) updates to address emerging security challenges. Developers submitting apps to Apple’s notary ...
3 weeks ago Cybersecuritynews.com
Israel arrests new suspect behind Nomad Bridge $190M crypto hack - An American-Israeli national named Osei Morrell has been arrested in Israel for his alleged involvement in exploiting the Nomad bridge smart-contract in August 2022 that allowed hackers to siphon $190 million. Osei Morrell is not ...
3 weeks ago Bleepingcomputer.com
ChatGPT rolls out Codex, an AI tool for software programming - According to OpenAI, Codex is based on codex-1, which is a new version of ChatGPT based on the existing o3 model, but it has been optimized for coding, which results in increased accuracy. OpenAI is rolling out 'Codex' for ChatGPT, which is an ...
3 weeks ago Bleepingcomputer.com
SSH Auth Keys Reuse Exposes Sophisticated Targeted Phishing Attack - A coordinated phishing campaign targeting Kuwait’s critical sectors has been exposed through a distinctive operational security lapse: the consistent reuse of SSH authentication keys across multiple attack servers. The campaign, which remains ...
3 weeks ago Cybersecuritynews.com
Hackers exploit VMware ESXi, Microsoft SharePoint zero-days at Pwn2Own - During the second day of Pwn2Own Berlin 2025, competitors earned $435,000 after exploiting zero-day bugs in multiple products, including Microsoft SharePoint, VMware ESXi, Oracle VirtualBox, Red Hat Enterprise Linux, and Mozilla Firefox. Palo Alto ...
3 weeks ago Bleepingcomputer.com
Linux Kernel Patching: Preventing Exploits in 2025 - Live kernel patching technologies like Kpatch and SUSE Live Patch have evolved from niche tools to essential components of enterprise security postures. Immutable Infrastructure: Cloud providers combine kernel live patching with ...
3 weeks ago Cybersecuritynews.com
Printer maker Procolored offered malware-laced drivers for months - Cameron Coward, a YouTuber known as Serial Hobbyism, discovered the malware when his security solution warned of the presence of the Floxif USB worm on his computer when installing the companion software and drivers for a $7,000 Procolored ...
3 weeks ago Bleepingcomputer.com
New Vulnerability Affects All Intel Processors From The Last 6 Years - Affecting all Intel processors released in the past six years-including those in consumer devices and cloud server infrastructure-the vulnerability exploits speculative execution technologies designed to accelerate computational performance. The BPRC ...
3 weeks ago Cybersecuritynews.com
Chinese Agent Impersonates as Stanford Student For Intelligence Gathering - According to experts consulted during the investigation, Chen was “likely an agent of the Chinese Ministry of State Security (MSS), tasked with identifying sympathetic Stanford students and gathering intelligence”. The agent, operating ...
3 weeks ago Cybersecuritynews.com
Ransomware gangs increasingly use Skitnet post-exploitation malware - Prodaft told BleepingComputer they have observed multiple ransomware operations deploying Skitnet in real-world attacks, including BlackBasta in Microsoft Teams phishing attacks against the enterprise, and Cactus. The malware has been offered for ...
3 weeks ago Bleepingcomputer.com Cactus
Russian hospital faces multi-day shutdown as pro-Ukraine group claims cyberattack | The Record from Recorded Future News - Although the hospital has not disclosed specifics about the cyber incident, local authorities confirmed the attackers targeted software used to manage patient records and medical histories. A private hospital in the Russian republic of Chuvashia ...
3 weeks ago Therecord.media
Malware Mastermind Andrei Tarasov Evades US Extradition Returns to Russia - “As alleged, Silnikau, Kadariya, Tarasov, and conspirators used multiple strategies to profit from their widespread hacking and wire fraud,” stated the US Department of Justice in documents released after Silnikau’s extradition from ...
3 weeks ago Cybersecuritynews.com
FBI Warns of US Govt Officials Impersonated in Malicious Message Campaign - The Federal Bureau of Investigation (FBI) issued an urgent warning Thursday about an ongoing malicious campaign where cybercriminals are impersonating senior US officials through text messages and AI-generated voice calls. “The malicious actors ...
3 weeks ago Cybersecuritynews.com
Japan enacts new Active Cyberdefense Law allowing for offensive cyber operations | The Record from Recorded Future News - The new law, which was first mooted in 2022, is intended to help Japan strengthen its cyber defense “to a level equal to major Western powers” and marks a break from the country’s traditional approach to cyber defense, which had tracked closely ...
3 weeks ago Therecord.media
Multiple Ivanti Endpoint Manager Vulnerabilities Allows Remote Code Execution - Critical security flaws have been uncovered in Ivanti Endpoint Manager Mobile (EPMM), a widely used mobile device management (MDM) solution, exposing organizations to the risk of unauthenticated remote code execution (RCE). The discovery and ongoing ...
3 weeks ago Cybersecuritynews.com CVE-2025-4427
Windows Security Updates: How to Stay Ahead of Vulnerabilities - In April 2025, cybersecurity teams were starkly reminded of the stakes involved in patch management when Microsoft disclosed CVE-2025-29824, a zero-day privilege escalation flaw in the Windows Common Log File System (CLFS) driver. In April 2025, ...
3 weeks ago Cybersecuritynews.com CVE-2025-29824
Windows 10 KB5058379 Update Boots PCs into Windows Recovery & Require BitLocker key - “I would like to inform you that we are currently experiencing a known issue with the May Month Patch KB5058379, titled ‘BitLocker Recovery Triggered on Windows 10 devices after installing KB5058379′ on Windows 10 machines,” a ...
3 weeks ago Cybersecuritynews.com
Hackers Attacking Industrial Automation Systems With 11,600+ Malware Families - Industrial automation systems worldwide are facing an unprecedented scale of cyber threats, with security researchers detecting a staggering 11,679 distinct malware families targeting critical infrastructure in the first quarter of 2025. Securelist ...
3 weeks ago Cybersecuritynews.com
UK National Health Service suppliers asked to tackle ‘endemic’ ransomware attacks | The Record from Recorded Future News - The letter sets out NHS England’s views on best practices from suppliers, and asks them to take several steps — including to maintain immutable backups for recovery purposes, ensure multifactor authentication is turned on for network access, and ...
3 weeks ago Therecord.media
Hackers Actively Exploiting PowerShell to Evade Antivirus & EDR - Cyber Security News - The visualization reveals how legitimate Windows processes are hijacked to execute malicious code, creating a complex chain that makes attribution and detection challenging for security teams. Cybersecurity experts have identified a concerning trend ...
3 weeks ago Cybersecuritynews.com
Cybersecurity for Mergers and Acquisitions - A CISO’s Guide - Recent analyses reveal that 50% of cybersecurity incidents during M&A processes stem from non-malicious integration challenges, while dark web forums buzz with threat actors exploiting transition vulnerabilities. As global M&A activity ...
3 weeks ago Cybersecuritynews.com
US charges 12 more suspects linked to $230 million crypto theft - While posing as a Gemini support representative, they deceived the victim into resetting two-factor authentication (2FA) and sharing their screen via AnyDesk (a remote desktop application) after claiming the account had been compromised, which gave ...
3 weeks ago Bleepingcomputer.com
Mitigating macOS Zero-Day Risks - Tools and Techniques - As macOS zero-day threats grow more sophisticated, combining Apple’s built-in protections with third-party security tools and rigorous security practices provides the most comprehensive defense strategy. These third-party solutions are ...
3 weeks ago Cybersecuritynews.com CVE-2024-44243
CISA tags recently patched Chrome bug as actively exploited - This is the second actively exploited Chrome zero-day patched by Google this year, after another high-severity Chrome zero-day bug (CVE-2025-2783), which was abused to target Russian government organizations, media outlets, and educational ...
3 weeks ago Bleepingcomputer.com CVE-2025-2783
Securing Linux Containers - A Guide for Cloud-Native Environments - “A core principle of container security is reducing the attack surface-the total of all points where an unauthorized user could try to access the system,” notes a recent TuxCare security advisory. The most effective container security ...
3 weeks ago Cybersecuritynews.com
Jenkins Security Update Released With The Fixes for The Vulnerabilities That Exploit CI/CD Pipelines - The Jenkins project has issued a critical security advisory detailing vulnerabilities in five widely used plugins: Cadence vManager, DingTalk, Health Advisor by CloudBees, OpenID Connect Provider, and WSO2 Oauth. OpenID Connect Provider Plugin ...
3 weeks ago Cybersecuritynews.com CVE-2025-47884
Commit Stomping - An Offensive Technique Let Hackers Manipulate Timestamps in Git to Alter File Metadata - While not a bug or vulnerability, Commit Stomping exploits Git’s flexibility to rewrite the timeline of code changes, posing significant risks to software supply chain security, incident response, and code audits. Inspired by ...
3 weeks ago Cybersecuritynews.com
Researchers Emulated VanHelsing Ransomware Advanced Tactics & Tools Used - AttackIQ researchers identified that as of May 14, 2025, the VanHelsing operation had already infected five organizations across the United States, France, Italy, and Australia, with data from three non-compliant victims published on their leak site. ...
3 weeks ago Cybersecuritynews.com
Windows Defender Best Practices - Optimizing Endpoint Protection - Microsoft Defender for Endpoint has emerged as a critical tool in this landscape, offering AI-driven threat detection, automated response, and integration with broader security ecosystems like Microsoft Defender XDR. By combining Defender’s native ...
3 weeks ago Cybersecuritynews.com
SonicWall SMA1000 Vulnerability Let Attackers to Exploit Encoded URLs To Gain Internal Systems Access Remotely - SonicWall has issued a high-priority security advisory (SNWLID-2025-0010) revealing a critical Server-Side Request Forgery (SSRF) vulnerability in its SMA1000 Appliance Work Place interface. Discovered by security researcher Ronan Kervella of ...
3 weeks ago Cybersecuritynews.com
Android 16 Comes with Advanced Device-level Security Setting Protection for 3 Billion Devices - Google has announced a significant enhancement to its Advanced Protection Program with the release of Android 16, introducing a robust device-level security setting aimed at safeguarding users against sophisticated cyber threats. While Android 16 ...
3 weeks ago Cybersecuritynews.com
Windows 11, Red Hat Linux, & Oracle VirtualBox Hacked - Pwn2Own Day 1 - Sina Kheirkhah (@SinSinology) of Summoning Team and Viettel Cyber Security (@vcslab) both demonstrated successful exploits, each earning $15,000 and 1.5 Master of Pwn points despite the vendor’s prior knowledge of the vulnerabilities. Red Hat Linux ...
3 weeks ago Cybersecuritynews.com
Proofpoint to Acquire Microsoft 365 Security Provider Hornetsecurity For $1 Billion - Proofpoint, Inc., a global leader in cybersecurity and compliance, has announced a definitive agreement to acquire Hornetsecurity Group, a prominent pan-European provider of AI-powered Microsoft 365 (M365) security, compliance, and data protection ...
3 weeks ago Cybersecuritynews.com
CISA Warns of Google Chromium 0-Day Vulnerability Actively Exploited in the Wild - Patch Now! - This high-severity issue in Google Chromium involves insufficient policy enforcement in the Loader component, enabling remote attackers to leak cross-origin data via crafted HTML pages. The Cybersecurity and Infrastructure Security Agency (CISA) ...
3 weeks ago Cybersecuritynews.com CVE-2025-4664
Leak confirms OpenAI's ChatGPT will integrate MCP - ChatGPT is testing support for Model Context Protocol (MCP), which will allow it to connect to third-party services and use them as context. MCP is an open-source standard that allows developers to expose third-party data through ...
3 weeks ago Bleepingcomputer.com
ChatGPT will soon record, transcribe, and summarize your meetings - As spotted by X user M1Astra, ChatGPT mobile app code clearly mentions a “Record” feature for live meetings that supports pausing, resuming, and turning audio into text. OpenAI may be planning to challenge Microsoft Teams Copilot ...
3 weeks ago Bleepingcomputer.com
Windows 10 KB5058379 update triggering BitLocker Recovery after install - "I would like to inform you that we are currently experiencing a known issue with the May Month Patch KB5058379, titled "BitLocker Recovery Triggered on Windows 10 devices after installing KB5058379" on Windows 10 machines," an impacted ...
4 weeks ago Bleepingcomputer.com
Government webmail hacked via XSS bugs in global spy campaign - Hackers are running a worldwide cyberespionage campaign dubbed 'RoundPress,' leveraging zero-day and n-day flaws in webmail servers to steal email from high-value government organizations. A malicious JavaScript payload embedded in the HTML body of ...
4 weeks ago Bleepingcomputer.com Fancy Bear APT28
Ban sales of gear from China’s TP-Link, Republican lawmakers tell Trump administration | The Record from Recorded Future News - In requesting the ban on TP-Link router sales, the lawmakers cited Executive Order 13873, signed by President Donald Trump in his first term, which allows the Commerce Department to prohibit foreign-made products deemed to present threats to national ...
4 weeks ago Therecord.media
FBI: US officials targeted in voice deepfake attacks since April - This warning is part of a public service announcement issued on Thursday that also provides mitigation measures to help the public spot and block attacks using audio deepfakes (also known as voice deepfakes). The FBI warned that cybercriminals using ...
4 weeks ago Bleepingcomputer.com
Coinbase Hacked - Massive Data Breach Costs Them $400 Million - Coinbase emphasized that the breach did not impact the security of customer funds, as the involved contractors and employees lacked access to financial systems. The breach, orchestrated by an unknown threat actor, involved the unauthorized access of ...
4 weeks ago Cybersecuritynews.com
New .NET Multi-stage Loader Attacking Windows Systems to Deploy Malicious Payloads - While earlier variants embedded the second stage as hardcoded strings, newer versions have adopted more sophisticated concealment methods, hiding malicious code within bitmap resources to avoid triggering security alerts. A sophisticated .NET ...
4 weeks ago Cybersecuritynews.com
Nova Scotia Power confirms hackers stole customer data in cyberattack - Nova Scotia Power confirms it suffered a data breach after threat actors stole sensitive customer data in a cybersecurity incident discovered last month. Customers of Nova Scotia Power are advised to remain vigilant for phishing attempts, including ...
4 weeks ago Bleepingcomputer.com
Hackers Abuse Google Services to Send Malicious Law Enforcement Requests - The attack utilizes official Google infrastructure, including the company’s OAuth system and sites.google.com domain, to create messages that appear to come directly from Google’s trusted [email protected] address. A sophisticated ...
4 weeks ago Cybersecuritynews.com
CISA Issues Urgent Warning Over Five Actively Exploited Windows 0-Day Vulnerabilities - CISA has issued an urgent alert after adding five new Microsoft Windows zero-day vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. Security experts warn that these ...
4 weeks ago Cybersecuritynews.com
Windows Defender Application Control Bypassed Using Operationalizing Browser Exploits - Researchers have uncovered a sophisticated technique to bypass Windows Defender Application Control (WDAC), a critical Windows security feature designed to prevent unauthorized code execution. The bypass leverages vulnerabilities in trusted Electron ...
4 weeks ago Cybersecuritynews.com
Threat Actors Weaponizing Open Source Packages to Deliver Malware in Supply Chain Attack - In one campaign linked to North Korean threat actors, Socket.dev researchers discovered a package delivering a loader called “BeaverTail” that stole browser data and cryptocurrency wallet credentials before fetching a more advanced ...
4 weeks ago Cybersecuritynews.com
Windows 11 and Red Hat Linux hacked on first day of Pwn2Own - Summoning Team's Sina Kheirkhah was awarded another $35,000 for a Chroma zero-day and an already known vulnerability in Nvidia's Triton Inference Server, while STARLabs SG's Billy and Ramdhan earned $60,000 for escaping Docker Desktop and ...
4 weeks ago Bleepingcomputer.com
U.S. officials Investigating Rogue Communication Devices in Solar Power Inverters - According to security experts familiar with the matter, these unauthorized components create secondary communication channels that may allow remote access to critical energy infrastructure without detection, potentially enabling foreign actors to ...
4 weeks ago Cybersecuritynews.com
DIOR Cyber Attack - Customers Personal & Financial Data Exposed - “No passwords or payment information, including bank account or payment card information, were in the database affected in the incident… The confidentiality and security of our customers’ data is an absolute priority for the House of Dior. ...
4 weeks ago Cybersecuritynews.com
Xerox Issues April 2025 Security Patch Update for FreeFlow Print Server v2 - Xerox has announced the release of its April 2025 Security Patch Update for the FreeFlow® Print Server v2 running on Windows® 10, reinforcing the company’s commitment to robust cybersecurity for its production print platforms. The update, ...
4 weeks ago Cybersecuritynews.com
New Tor Oniux tool anonymizes any Linux app's network traffic - Unlike classic methods like torsocks, which rely on user-space tricks, Oniux uses Linux namespaces to create a fully isolated network environment for each application, preventing data leaks even if the app is malicious or misconfigured. "We are ...
4 weeks ago Bleepingcomputer.com
TransferLoader Malware Allows Attackers to Execute Arbitrary Commands on Compromised System - Zscaler’s cloud security platform has implemented detections for associated IOCs, including C2 servers like [.]cloud/MDcMkjAxsLKsT and payload hashes such as b55ba0f869f64.... Cybersecurity teams are advised to monitor for unusual IPFS traffic and ...
4 weeks ago Cybersecuritynews.com
New DarkCloud Stealer Uses AutoIt to Evade Detection & Steal Login Credentials - A new variant of the DarkCloud information-stealing malware has emerged, leveraging the AutoIt scripting language to bypass security tools and harvest sensitive credentials from infected systems. According to researchers at Palo Alto Networks’ Unit ...
4 weeks ago Cybersecuritynews.com
Chihuahua Stealer Leverages Google Drive Document to Steal Browser Login Credentials - A newly discovered .NET-based infostealer dubbed “Chihuahua Stealer” has emerged as a significant threat, exploiting Google Drive documents to deliver malicious PowerShell scripts and steal sensitive data. Organizations are advised to ...
4 weeks ago Cybersecuritynews.com
Malicious npm package using steganography downloaded by hundreds - Researchers at Veracode, a code security assessment company, found that the first version of the package was added to the Node Package Manager (NPM) index on March 19 and was benign, as it only collected operating system information from the host. ...
4 weeks ago Bleepingcomputer.com
Coinbase data breach exposes customer info and government IDs - While the threat actors managed to steal a combination of personally identifiable information of up to 1% of Coinbase's customer base (around 1 million individuals), they couldn't steal customers' private keys or passwords, and couldn't ...
4 weeks ago Bleepingcomputer.com
Microsoft Outlook Down - Millions of Users Affected With This Longest Outage in Microsoft History - According to Microsoft, affected users attempting to visit sites such as , , , and , along with related regional domains (e.g., .co.uk, .nl, .fr), are encountering a “500 Internal Server Error.” This error indicates a failure in site ...
4 weeks ago Cybersecuritynews.com
Coinbase offers $20 million bounty after extortion attempt with stolen data | The Record from Recorded Future News - The industry giant said in a regulatory filing with the Securities and Exchange Commission (SEC) that an “unknown threat actor” emailed a demand on May 11 for $20 million, threatening to publish stolen data about Coinbase customers and other ...
4 weeks ago Therecord.media
Threat Actors Using Weaponized HTML Files to Deliver Horabot Malware - The malware spreads via phishing emails disguised as financial invoices, often titled “Factura Adjunta” (Attached Invoice), and uses a multi-stage payload delivery system involving HTML, VBScript, and PowerShell. To establish persistence, ...
4 weeks ago Cybersecuritynews.com
Hackers Disguised Remote Access Malware as Microsoft Edge service - While the service name and path were designed to blend in seamlessly with legitimate Windows processes, a closer inspection revealed suspicious command-line arguments, notably --meshServiceName="MicrosoftEdge", which pointed to the presence of a ...
4 weeks ago Cybersecuritynews.com
Russian Hackers Exploiting MDaemon 0-Day Vulnerability to Hack Webmail Servers - A recently uncovered cyber-espionage campaign linked to Russian state-sponsored actors has been targeting enterprise webmail servers using a critical zero-day vulnerability in MDaemon, a widely used email server software. WeliveSecurity analysts ...
4 weeks ago Cybersecuritynews.com
TA406 Hackers Attacking to Attack Government Entities to Steal Login Credentials - A Democratic People’s Republic of Korea (DPRK)-linked threat actor tracked as TA406 has intensified cyber espionage efforts against Ukrainian government entities since February 2025, deploying sophisticated phishing campaigns aimed at stealing ...
4 weeks ago Cybersecuritynews.com
Enisa Launches European Vulnerability Database to Enhance Digital Security - Mandated by the NIS2 Directive, the EUVD is designed to aggregate and interconnect publicly available vulnerability information from a wide array of sources, including national Computer Security Incident Response Teams (CSIRTs), industry threat ...
4 weeks ago Cybersecuritynews.com
Threat Actors Exploit AI & LLM Tools to Begun Using Them as Offensive Tools - These tools enable threat actors to rapidly generate scanning utilities, exploit code, and evasion tactics, lowering the barrier to entry for sophisticated attacks. Cybercriminals are increasingly weaponizing generative AI and large language models ...
4 weeks ago Cybersecuritynews.com CVE-2024-10914
Xanthorox - New BlackHat AI Tool Used by Hackers to Launch Phishing & Malware Attacks - As AI-powered crime tools become more sophisticated and accessible, organizations must deploy AI-based detection systems, enhance employee training, and remain vigilant against increasingly convincing phishing and malware attacks. Xanthorox may not ...
4 weeks ago Cybersecuritynews.com
Node.js Vulnerability Allows Attackers to Crash the Process & Halt Services - The Node.js project has issued urgent security updates after disclosing a high-severity vulnerability that could allow remote attackers to crash Node.js processes, potentially halting critical services and causing widespread denial of service across ...
4 weeks ago Cybersecuritynews.com CVE-2025-23167
Researchers Unveiled a New Mechanism to Track Compartmentalized Threats - In May 2025, cybersecurity researchers from Cisco Talos and The Vertex Project announced a groundbreaking methodology to combat the rising trend of compartmentalized cyberattacks, where multiple threat actors collaborate to execute distinct stages of ...
4 weeks ago Cybersecuritynews.com Cactus
macOS Security Guide- Safeguarding Against Adware and Malware - While Apple’s built-in defenses, such as XProtect and Gatekeeper, remain critical, 2024 has exposed vulnerabilities in user behavior and emerging attack vectors leveraging artificial intelligence (AI). As MaaS economies flourish, only layered ...
4 weeks ago Cybersecuritynews.com
Nation State-Actors Attacking Healthcare Institutions to Sabotage IT & OT Systems - Since early 2024, advanced persistent threat (APT) groups linked to Iran, North Korea, and China have exploited vulnerabilities in healthcare networks to deploy destructive malware, ransomware, and backdoors. These attacks aim to sabotage patient ...
4 weeks ago Cybersecuritynews.com CVE-2023-34362
Google fixes high severity Chrome flaw with public exploit - The vulnerability was discovered by Solidlab security researcher Vsevolod Kokorin and is described as an insufficient policy enforcement in Google Chrome's Loader component that lets remote attackers leak cross-origin data via maliciously crafted ...
4 weeks ago Bleepingcomputer.com CVE-2025-2783
New HTTPBot Botnet Expanding Aggressively to Attack Windows Machines - Developed in GoLang, this malware employs a modular design to bypass traditional security measures, using randomized HTTP headers, dynamic URL paths, and cookie manipulation to evade detection. A new botnet family named HTTPBot has emerged as a ...
4 weeks ago Cybersecuritynews.com
Trending Cyber News (last 7 days)
CVE-2024-9994 - The Essential Addons for Elementor – Best Elementor Addon, Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the eael_pricing_item_tooltip_content parameter of the Pricing ...
5 days ago
CVE-2025-47601 - Missing Authorization vulnerability in Christiaan Pieterse MaxiBlocks allows Privilege Escalation.This issue affects MaxiBlocks: from n/a through 2.1.0. ...
5 days ago
CVE-2025-27817 - A possible arbitrary file read and SSRF vulnerability has been identified in Apache Kafka Client. Apache Kafka Clients accept configuration data for setting the SASL/OAUTHBEARER connection with the brokers, including ...
2 days ago
CVE-2025-5399 - Due to a mistake in libcurl's WebSocket code, a malicious server can send a ...
5 days ago
CVE-2025-5814 - The Profiler – What Slowing Down Your WP plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the wpsd_plugin_control() function in all versions up to, and including, 1.0.0. This makes it ...
5 days ago
CVE-2025-5838 - A vulnerability classified as critical was found in PHPGurukul Employee Record Management System 1.3. Affected by this vulnerability is an unknown functionality of the file /admin/adminprofile.php. The manipulation of the argument AdminName leads to ...
5 days ago
CVE-2025-5859 - A vulnerability was found in PHPGurukul Nipah Virus Testing Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /test-details.php. The manipulation of the argument assignto ...
3 days ago
CVE-2025-5303 - The LTL Freight Quotes – Freightview Edition, LTL Freight Quotes – Daylight Edition and LTL Freight Quotes – Day & Ross Edition plugins for WordPress are vulnerable to Stored Cross-Site Scripting via the expiry_date parameter in all ...
5 days ago
CVE-2024-9993 - The Essential Addons for Elementor – Best Elementor Addon, Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the eael_event_details_text parameter of Event Calendar Widget in ...
5 days ago
CVE-2025-5860 - A vulnerability, which was classified as critical, was found in PHPGurukul Maid Hiring Management System 1.0. This affects an unknown part of the file /admin/search-booking-request.php. The manipulation of the argument searchdata leads to sql ...
3 days ago
CVE-2025-5528 - The Social Sharing Plugin – Sassy Social Share plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the heateor_mastodon_share parameter in all versions up to, and including, 3.3.75 due to insufficient input sanitization and ...
5 days ago
CVE-2025-5568 - The WpEvently plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple parameters in all versions up to, and including, 4.4.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated ...
5 days ago
CVE-2025-5836 - A vulnerability was found in Tenda AC9 15.03.02.13. It has been rated as critical. This issue affects the function formSetIptv of the file /goform/SetIPTVCfg of the component POST Request Handler. The manipulation of the argument list leads to ...
5 days ago
CVE-2025-5837 - A vulnerability classified as critical has been found in PHPGurukul Employee Record Management System 1.3. Affected is an unknown function of the file /admin/allemployees.php. The manipulation of the argument delid leads to sql injection. It is ...
5 days ago
CVE-2025-35004 - Products that incorporate the Microhard BulletLTE-NA2 and IPn4Gii-NA2 are vulnerable to a post-authentication command injection issue in the AT+MFIP command that can lead to privilege escalation. This is an instance of CWE-88, "Improper ...
3 days ago
CVE-2025-5854 - A vulnerability, which was classified as critical, has been found in Tenda AC6 15.03.05.16. Affected by this issue is the function fromadvsetlanip of the file /goform/AdvSetLanip. The manipulation of the argument lanMask leads to buffer overflow. The ...
3 days ago
CVE-2025-5858 - A vulnerability was found in PHPGurukul Nipah Virus Testing Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /patient-report.php. The manipulation of the argument searchdata leads to sql ...
3 days ago
CVE-2025-5861 - A vulnerability has been found in Tenda AC7 15.03.06.44 and classified as critical. This vulnerability affects the function fromadvsetlanip of the file /goform/AdvSetLanip. The manipulation of the argument lanMask leads to buffer overflow. The attack ...
3 days ago
CVE-2024-55585 - In the moPS App through 1.8.618, all users can access administrative API endpoints without additional authentication, resulting in unrestricted read and write access, as demonstrated by /api/v1/users/resetpassword. ...
5 days ago
CVE-2025-49619 - Skyvern through 0.1.85 has a Jinja runtime leak in sdk/workflow/models/block.py. ...
5 days ago
CVE-2025-5862 - A vulnerability was found in Tenda AC7 15.03.06.44 and classified as critical. This issue affects the function formSetPPTPUserList of the file /goform/setPptpUserList. The manipulation of the argument list leads to buffer overflow. The attack may be ...
3 days ago
CVE-2025-27818 - A possible security vulnerability has been identified in Apache Kafka. ...
2 days ago
CVE-2025-5839 - A vulnerability, which was classified as critical, has been found in Tenda AC9 15.03.02.13. Affected by this issue is the function fromadvsetlanip of the file /goform/AdvSetLanip of the component POST Request Handler. The manipulation of the argument ...
5 days ago
CVE-2025-5097 - Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. ...
4 days ago
CVE-2025-5853 - A vulnerability classified as critical was found in Tenda AC6 15.03.05.16. Affected by this vulnerability is the function formSetSafeWanWebMan of the file /goform/SetRemoteWebCfg. The manipulation of the argument remoteIp leads to stack-based buffer ...
3 days ago
CVE-2025-5474 - 2BrightSparks SyncBackFree Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of 2BrightSparks SyncBackFree. An attacker must first obtain the ability to ...
6 days ago
CVE-2025-5026 - Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. ...
4 days ago
CVE-2025-5847 - A vulnerability has been found in Tenda AC9 15.03.02.13 and classified as critical. Affected by this vulnerability is the function formSetSafeWanWebMan of the file /goform/SetRemoteWebCfg of the component HTTP POST Request Handler. The manipulation ...
4 days ago
CVE-2025-3459 - The Quantenna Wi-Fi chipset ships with a local control script, transmit_file, that is vulnerable to command injection. This is an instance of CWE-88, "Improper Neutralization of Argument Delimiters in a Command ('Argument ...
4 days ago
CVE-2025-5850 - A vulnerability was found in Tenda AC15 15.03.05.19_multi. It has been declared as critical. This vulnerability affects the function formsetschedled of the file /goform/SetLEDCf of the component HTTP POST Request Handler. The manipulation of the ...
3 days ago
CVE-2025-5925 - The Bunny’s Print CSS plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.95. This is due to missing or incorrect nonce validation on the pcss_options_subpanel() function. This makes it possible ...
2 days ago
CVE-2025-5945 - Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. ...
2 days ago
CVE-2024-22330 - IBM Security Verify Governance 10.0.2 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. ...
6 days ago
CVE-2025-5793 - A vulnerability, which was classified as critical, was found in TOTOLINK EX1200T 4.1.2cu.5232_B20210713. Affected is an unknown function of the file /boafrm/formPortFw of the component HTTP POST Request Handler. The manipulation of the argument ...
6 days ago
CVE-2025-5798 - A vulnerability was found in Tenda AC8 16.03.34.09. It has been classified as critical. Affected is the function fromSetSysTime of the file /goform/SetSysTimeCfg. The manipulation of the argument timeType leads to stack-based buffer overflow. It is ...
6 days ago
CVE-2025-5799 - A vulnerability was found in Tenda AC8 16.03.34.09. It has been declared as critical. Affected by this vulnerability is the function fromSetWirelessRepeat of the file /goform/WifiExtraSet. The manipulation of the argument wpapsk_crypto leads to ...
6 days ago
CVE-2025-5840 - A vulnerability, which was classified as critical, was found in SourceCodester Client Database Management System 1.0. This affects an unknown part of the file /user_update_customer_order.php. The manipulation of the argument uploaded_file leads to ...
5 days ago
CVE-2025-5242 - Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. ...
4 days ago
CVE-2025-35005 - Products that incorporate the Microhard BulletLTE-NA2 and IPn4Gii-NA2 are vulnerable to a post-authentication command injection issue in the AT+MFMAC command that can lead to privilege escalation. This is an instance of CWE-88, "Improper ...
3 days ago
CVE-2025-5849 - A vulnerability was found in Tenda AC15 15.03.05.19_multi. It has been classified as critical. This affects the function formSetSafeWanWebMan of the file /goform/SetRemoteWebCfg of the component HTTP POST Request Handler. The manipulation of the ...
3 days ago
CVE-2025-5851 - A vulnerability was found in Tenda AC15 15.03.05.19_multi. It has been rated as critical. This issue affects the function fromadvsetlanip of the file /goform/AdvSetLanip of the component HTTP POST Request Handler. The manipulation of the argument ...
3 days ago
CVE-2025-5855 - A vulnerability, which was classified as critical, was found in Tenda AC6 15.03.05.16. This affects the function formSetRebootTimer of the file /goform/SetRebootTimer. The manipulation of the argument rebootTime leads to stack-based buffer overflow. ...
3 days ago
CVE-2025-5904 - A vulnerability was found in TOTOLINK T10 4.1.8cu.5207. It has been declared as critical. Affected by this vulnerability is the function setWiFiMeshName of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the ...
2 days ago
CVE-2025-5952 - A vulnerability, which was classified as critical, has been found in Zend.To up to 6.10-6 Beta. This issue affects the function exec of the file NSSDropoff.php. The manipulation of the argument file_1 leads to os command injection. The attack may be ...
2 days ago
CVE-2025-27819 - In CVE-2023-25194, we announced the RCE/Denial of service attack via SASL JAAS JndiLoginModule configuration in Kafka Connect API. But not only Kafka Connect API is vulnerable to this attack, the Apache Kafka brokers also have this vulnerability. To ...
2 days ago
CVE-2025-5789 - A vulnerability classified as critical has been found in TOTOLINK X15 1.0.0-B20230714.1105. This affects an unknown part of the file /boafrm/formPortFw of the component HTTP POST Request Handler. The manipulation of the argument service_type leads to ...
6 days ago
CVE-2025-5792 - A vulnerability, which was classified as critical, has been found in TOTOLINK EX1200T 4.1.2cu.5232_B20210713. This issue affects some unknown processing of the file /boafrm/formWlanRedirect of the component HTTP POST Request Handler. The manipulation ...
6 days ago
CVE-2025-5856 - A vulnerability has been found in PHPGurukul BP Monitoring Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /registration.php. The manipulation of the argument emailid leads to sql injection. The ...
3 days ago
CVE-2025-5857 - A vulnerability was found in code-projects Patient Record Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /urinalysis_record.php. The manipulation of the argument itr_no leads to sql injection. ...
3 days ago
CVE-2025-5913 - A vulnerability was found in PHPGurukul Vehicle Record Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/search-vehicle.php. The manipulation of the argument searchinputdata leads to ...
2 days ago