Cyber News
CyberSecurityBoard.com is a cyber news aggregator platform that brings all of the top news, blogs, podcasts and more about Cyber Security, InfoSec, Cryptography, Online Privacy, Hacking, Vulnerability and Threat Research into one place. CyberSecurityBoard's ultimate goal is to provide a useful and effective tool that helps you get a better understanding and a quicker overview of everything happening in the world of Cybersecurity.
Latest Cyber News
Microsoft confirms May Windows 10 updates trigger BitLocker recovery - Microsoft's acknowledgment of this issue comes after many Windows users and admins have reported seeing devices unexpectedly enter the Windows Recovery Environment (WinRE) and displaying a BitLocker recovery screen after installing the KB5058379 ...
6 days ago Bleepingcomputer.com
Feds charge 12 more suspects in RICO case over crypto crime spree | The Record from Recorded Future News - Two additional suspects in the case — 20-year-old Malone Lam and Jeandiel Serrano, 21 — were arrested in September 2024 and charged in connection with the theft of about $245 million from a victim in Washington, D.C through a social engineering ...
6 days ago Therecord.media
Hands-on Malware Analysis Training to Boost Up SOC & MSSP Teams - With ANY.RUN malware analysis training learners are provided with unrestricted access to the sandbox and a curated collection of new malware samples contributed by ANY.RUN’s extensive global user community comprises 15,000 corporate security ...
6 days ago Cybersecuritynews.com
macOS Gatekeeper Explained: Strengthening System Defenses - Apple’s macOS Gatekeeper, a cornerstone of the operating system’s defense against malicious software, has undergone significant macOS Sequoia (15.0) updates to address emerging security challenges. Developers submitting apps to Apple’s notary ...
6 days ago Cybersecuritynews.com
Israel arrests new suspect behind Nomad Bridge $190M crypto hack - An American-Israeli national named Osei Morrell has been arrested in Israel for his alleged involvement in exploiting the Nomad bridge smart-contract in August 2022 that allowed hackers to siphon $190 million. Osei Morrell is not ...
6 days ago Bleepingcomputer.com
ChatGPT rolls out Codex, an AI tool for software programming - According to OpenAI, Codex is based on codex-1, which is a new version of ChatGPT based on the existing o3 model, but it has been optimized for coding, which results in increased accuracy. OpenAI is rolling out 'Codex' for ChatGPT, which is an ...
6 days ago Bleepingcomputer.com
SSH Auth Keys Reuse Exposes Sophisticated Targeted Phishing Attack - A coordinated phishing campaign targeting Kuwait’s critical sectors has been exposed through a distinctive operational security lapse: the consistent reuse of SSH authentication keys across multiple attack servers. The campaign, which remains ...
6 days ago Cybersecuritynews.com
Hackers exploit VMware ESXi, Microsoft SharePoint zero-days at Pwn2Own - During the second day of Pwn2Own Berlin 2025, competitors earned $435,000 after exploiting zero-day bugs in multiple products, including Microsoft SharePoint, VMware ESXi, Oracle VirtualBox, Red Hat Enterprise Linux, and Mozilla Firefox. Palo Alto ...
6 days ago Bleepingcomputer.com
Linux Kernel Patching: Preventing Exploits in 2025 - Live kernel patching technologies like Kpatch and SUSE Live Patch have evolved from niche tools to essential components of enterprise security postures. Immutable Infrastructure: Cloud providers combine kernel live patching with ...
6 days ago Cybersecuritynews.com
Printer maker Procolored offered malware-laced drivers for months - Cameron Coward, a YouTuber known as Serial Hobbyism, discovered the malware when his security solution warned of the presence of the Floxif USB worm on his computer when installing the companion software and drivers for a $7,000 Procolored ...
6 days ago Bleepingcomputer.com
New Vulnerability Affects All Intel Processors From The Last 6 Years - Affecting all Intel processors released in the past six years-including those in consumer devices and cloud server infrastructure-the vulnerability exploits speculative execution technologies designed to accelerate computational performance. The BPRC ...
6 days ago Cybersecuritynews.com
Chinese Agent Impersonates as Stanford Student For Intelligence Gathering - According to experts consulted during the investigation, Chen was “likely an agent of the Chinese Ministry of State Security (MSS), tasked with identifying sympathetic Stanford students and gathering intelligence”. The agent, operating ...
6 days ago Cybersecuritynews.com
Ransomware gangs increasingly use Skitnet post-exploitation malware - Prodaft told BleepingComputer they have observed multiple ransomware operations deploying Skitnet in real-world attacks, including BlackBasta in Microsoft Teams phishing attacks against the enterprise, and Cactus. The malware has been offered for ...
6 days ago Bleepingcomputer.com Cactus
Russian hospital faces multi-day shutdown as pro-Ukraine group claims cyberattack | The Record from Recorded Future News - Although the hospital has not disclosed specifics about the cyber incident, local authorities confirmed the attackers targeted software used to manage patient records and medical histories. A private hospital in the Russian republic of Chuvashia ...
6 days ago Therecord.media
Malware Mastermind Andrei Tarasov Evades US Extradition Returns to Russia - “As alleged, Silnikau, Kadariya, Tarasov, and conspirators used multiple strategies to profit from their widespread hacking and wire fraud,” stated the US Department of Justice in documents released after Silnikau’s extradition from ...
6 days ago Cybersecuritynews.com
FBI Warns of US Govt Officials Impersonated in Malicious Message Campaign - The Federal Bureau of Investigation (FBI) issued an urgent warning Thursday about an ongoing malicious campaign where cybercriminals are impersonating senior US officials through text messages and AI-generated voice calls. “The malicious actors ...
6 days ago Cybersecuritynews.com
Japan enacts new Active Cyberdefense Law allowing for offensive cyber operations | The Record from Recorded Future News - The new law, which was first mooted in 2022, is intended to help Japan strengthen its cyber defense “to a level equal to major Western powers” and marks a break from the country’s traditional approach to cyber defense, which had tracked closely ...
6 days ago Therecord.media
Multiple Ivanti Endpoint Manager Vulnerabilities Allows Remote Code Execution - Critical security flaws have been uncovered in Ivanti Endpoint Manager Mobile (EPMM), a widely used mobile device management (MDM) solution, exposing organizations to the risk of unauthenticated remote code execution (RCE). The discovery and ongoing ...
6 days ago Cybersecuritynews.com CVE-2025-4427
Windows Security Updates: How to Stay Ahead of Vulnerabilities - In April 2025, cybersecurity teams were starkly reminded of the stakes involved in patch management when Microsoft disclosed CVE-2025-29824, a zero-day privilege escalation flaw in the Windows Common Log File System (CLFS) driver. In April 2025, ...
6 days ago Cybersecuritynews.com CVE-2025-29824
Windows 10 KB5058379 Update Boots PCs into Windows Recovery & Require BitLocker key - “I would like to inform you that we are currently experiencing a known issue with the May Month Patch KB5058379, titled ‘BitLocker Recovery Triggered on Windows 10 devices after installing KB5058379′ on Windows 10 machines,” a ...
6 days ago Cybersecuritynews.com
Hackers Attacking Industrial Automation Systems With 11,600+ Malware Families - Industrial automation systems worldwide are facing an unprecedented scale of cyber threats, with security researchers detecting a staggering 11,679 distinct malware families targeting critical infrastructure in the first quarter of 2025. Securelist ...
6 days ago Cybersecuritynews.com
UK National Health Service suppliers asked to tackle ‘endemic’ ransomware attacks | The Record from Recorded Future News - The letter sets out NHS England’s views on best practices from suppliers, and asks them to take several steps — including to maintain immutable backups for recovery purposes, ensure multifactor authentication is turned on for network access, and ...
6 days ago Therecord.media
Hackers Actively Exploiting PowerShell to Evade Antivirus & EDR - Cyber Security News - The visualization reveals how legitimate Windows processes are hijacked to execute malicious code, creating a complex chain that makes attribution and detection challenging for security teams. Cybersecurity experts have identified a concerning trend ...
6 days ago Cybersecuritynews.com
Cybersecurity for Mergers and Acquisitions - A CISO’s Guide - Recent analyses reveal that 50% of cybersecurity incidents during M&A processes stem from non-malicious integration challenges, while dark web forums buzz with threat actors exploiting transition vulnerabilities. As global M&A activity ...
6 days ago Cybersecuritynews.com
US charges 12 more suspects linked to $230 million crypto theft - While posing as a Gemini support representative, they deceived the victim into resetting two-factor authentication (2FA) and sharing their screen via AnyDesk (a remote desktop application) after claiming the account had been compromised, which gave ...
6 days ago Bleepingcomputer.com
Mitigating macOS Zero-Day Risks - Tools and Techniques - As macOS zero-day threats grow more sophisticated, combining Apple’s built-in protections with third-party security tools and rigorous security practices provides the most comprehensive defense strategy. These third-party solutions are ...
6 days ago Cybersecuritynews.com CVE-2024-44243
CISA tags recently patched Chrome bug as actively exploited - This is the second actively exploited Chrome zero-day patched by Google this year, after another high-severity Chrome zero-day bug (CVE-2025-2783), which was abused to target Russian government organizations, media outlets, and educational ...
6 days ago Bleepingcomputer.com CVE-2025-2783
Securing Linux Containers - A Guide for Cloud-Native Environments - “A core principle of container security is reducing the attack surface-the total of all points where an unauthorized user could try to access the system,” notes a recent TuxCare security advisory. The most effective container security ...
6 days ago Cybersecuritynews.com
Jenkins Security Update Released With The Fixes for The Vulnerabilities That Exploit CI/CD Pipelines - The Jenkins project has issued a critical security advisory detailing vulnerabilities in five widely used plugins: Cadence vManager, DingTalk, Health Advisor by CloudBees, OpenID Connect Provider, and WSO2 Oauth. OpenID Connect Provider Plugin ...
6 days ago Cybersecuritynews.com CVE-2025-47884
Commit Stomping - An Offensive Technique Let Hackers Manipulate Timestamps in Git to Alter File Metadata - While not a bug or vulnerability, Commit Stomping exploits Git’s flexibility to rewrite the timeline of code changes, posing significant risks to software supply chain security, incident response, and code audits. Inspired by ...
6 days ago Cybersecuritynews.com
Researchers Emulated VanHelsing Ransomware Advanced Tactics & Tools Used - AttackIQ researchers identified that as of May 14, 2025, the VanHelsing operation had already infected five organizations across the United States, France, Italy, and Australia, with data from three non-compliant victims published on their leak site. ...
6 days ago Cybersecuritynews.com
Windows Defender Best Practices - Optimizing Endpoint Protection - Microsoft Defender for Endpoint has emerged as a critical tool in this landscape, offering AI-driven threat detection, automated response, and integration with broader security ecosystems like Microsoft Defender XDR. By combining Defender’s native ...
6 days ago Cybersecuritynews.com
SonicWall SMA1000 Vulnerability Let Attackers to Exploit Encoded URLs To Gain Internal Systems Access Remotely - SonicWall has issued a high-priority security advisory (SNWLID-2025-0010) revealing a critical Server-Side Request Forgery (SSRF) vulnerability in its SMA1000 Appliance Work Place interface. Discovered by security researcher Ronan Kervella of ...
6 days ago Cybersecuritynews.com
Android 16 Comes with Advanced Device-level Security Setting Protection for 3 Billion Devices - Google has announced a significant enhancement to its Advanced Protection Program with the release of Android 16, introducing a robust device-level security setting aimed at safeguarding users against sophisticated cyber threats. While Android 16 ...
6 days ago Cybersecuritynews.com
Windows 11, Red Hat Linux, & Oracle VirtualBox Hacked - Pwn2Own Day 1 - Sina Kheirkhah (@SinSinology) of Summoning Team and Viettel Cyber Security (@vcslab) both demonstrated successful exploits, each earning $15,000 and 1.5 Master of Pwn points despite the vendor’s prior knowledge of the vulnerabilities. Red Hat Linux ...
6 days ago Cybersecuritynews.com
Proofpoint to Acquire Microsoft 365 Security Provider Hornetsecurity For $1 Billion - Proofpoint, Inc., a global leader in cybersecurity and compliance, has announced a definitive agreement to acquire Hornetsecurity Group, a prominent pan-European provider of AI-powered Microsoft 365 (M365) security, compliance, and data protection ...
6 days ago Cybersecuritynews.com
CISA Warns of Google Chromium 0-Day Vulnerability Actively Exploited in the Wild - Patch Now! - This high-severity issue in Google Chromium involves insufficient policy enforcement in the Loader component, enabling remote attackers to leak cross-origin data via crafted HTML pages. The Cybersecurity and Infrastructure Security Agency (CISA) ...
6 days ago Cybersecuritynews.com CVE-2025-4664
Leak confirms OpenAI's ChatGPT will integrate MCP - ChatGPT is testing support for Model Context Protocol (MCP), which will allow it to connect to third-party services and use them as context. MCP is an open-source standard that allows developers to expose third-party data through ...
6 days ago Bleepingcomputer.com
ChatGPT will soon record, transcribe, and summarize your meetings - As spotted by X user M1Astra, ChatGPT mobile app code clearly mentions a “Record” feature for live meetings that supports pausing, resuming, and turning audio into text. OpenAI may be planning to challenge Microsoft Teams Copilot ...
6 days ago Bleepingcomputer.com
Windows 10 KB5058379 update triggering BitLocker Recovery after install - "I would like to inform you that we are currently experiencing a known issue with the May Month Patch KB5058379, titled "BitLocker Recovery Triggered on Windows 10 devices after installing KB5058379" on Windows 10 machines," an impacted ...
6 days ago Bleepingcomputer.com
Government webmail hacked via XSS bugs in global spy campaign - Hackers are running a worldwide cyberespionage campaign dubbed 'RoundPress,' leveraging zero-day and n-day flaws in webmail servers to steal email from high-value government organizations. A malicious JavaScript payload embedded in the HTML body of ...
1 week ago Bleepingcomputer.com Fancy Bear APT28
Ban sales of gear from China’s TP-Link, Republican lawmakers tell Trump administration | The Record from Recorded Future News - In requesting the ban on TP-Link router sales, the lawmakers cited Executive Order 13873, signed by President Donald Trump in his first term, which allows the Commerce Department to prohibit foreign-made products deemed to present threats to national ...
1 week ago Therecord.media
FBI: US officials targeted in voice deepfake attacks since April - This warning is part of a public service announcement issued on Thursday that also provides mitigation measures to help the public spot and block attacks using audio deepfakes (also known as voice deepfakes). The FBI warned that cybercriminals using ...
1 week ago Bleepingcomputer.com
Coinbase Hacked - Massive Data Breach Costs Them $400 Million - Coinbase emphasized that the breach did not impact the security of customer funds, as the involved contractors and employees lacked access to financial systems. The breach, orchestrated by an unknown threat actor, involved the unauthorized access of ...
1 week ago Cybersecuritynews.com
New .NET Multi-stage Loader Attacking Windows Systems to Deploy Malicious Payloads - While earlier variants embedded the second stage as hardcoded strings, newer versions have adopted more sophisticated concealment methods, hiding malicious code within bitmap resources to avoid triggering security alerts. A sophisticated .NET ...
1 week ago Cybersecuritynews.com
Nova Scotia Power confirms hackers stole customer data in cyberattack - Nova Scotia Power confirms it suffered a data breach after threat actors stole sensitive customer data in a cybersecurity incident discovered last month. Customers of Nova Scotia Power are advised to remain vigilant for phishing attempts, including ...
1 week ago Bleepingcomputer.com
Hackers Abuse Google Services to Send Malicious Law Enforcement Requests - The attack utilizes official Google infrastructure, including the company’s OAuth system and sites.google.com domain, to create messages that appear to come directly from Google’s trusted [email protected] address. A sophisticated ...
1 week ago Cybersecuritynews.com
CISA Issues Urgent Warning Over Five Actively Exploited Windows 0-Day Vulnerabilities - CISA has issued an urgent alert after adding five new Microsoft Windows zero-day vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. Security experts warn that these ...
1 week ago Cybersecuritynews.com
Windows Defender Application Control Bypassed Using Operationalizing Browser Exploits - Researchers have uncovered a sophisticated technique to bypass Windows Defender Application Control (WDAC), a critical Windows security feature designed to prevent unauthorized code execution. The bypass leverages vulnerabilities in trusted Electron ...
1 week ago Cybersecuritynews.com
Threat Actors Weaponizing Open Source Packages to Deliver Malware in Supply Chain Attack - In one campaign linked to North Korean threat actors, Socket.dev researchers discovered a package delivering a loader called “BeaverTail” that stole browser data and cryptocurrency wallet credentials before fetching a more advanced ...
1 week ago Cybersecuritynews.com
Windows 11 and Red Hat Linux hacked on first day of Pwn2Own - Summoning Team's Sina Kheirkhah was awarded another $35,000 for a Chroma zero-day and an already known vulnerability in Nvidia's Triton Inference Server, while STARLabs SG's Billy and Ramdhan earned $60,000 for escaping Docker Desktop and ...
1 week ago Bleepingcomputer.com
U.S. officials Investigating Rogue Communication Devices in Solar Power Inverters - According to security experts familiar with the matter, these unauthorized components create secondary communication channels that may allow remote access to critical energy infrastructure without detection, potentially enabling foreign actors to ...
1 week ago Cybersecuritynews.com
DIOR Cyber Attack - Customers Personal & Financial Data Exposed - “No passwords or payment information, including bank account or payment card information, were in the database affected in the incident… The confidentiality and security of our customers’ data is an absolute priority for the House of Dior. ...
1 week ago Cybersecuritynews.com
Xerox Issues April 2025 Security Patch Update for FreeFlow Print Server v2 - Xerox has announced the release of its April 2025 Security Patch Update for the FreeFlow® Print Server v2 running on Windows® 10, reinforcing the company’s commitment to robust cybersecurity for its production print platforms. The update, ...
1 week ago Cybersecuritynews.com
New Tor Oniux tool anonymizes any Linux app's network traffic - Unlike classic methods like torsocks, which rely on user-space tricks, Oniux uses Linux namespaces to create a fully isolated network environment for each application, preventing data leaks even if the app is malicious or misconfigured. "We are ...
1 week ago Bleepingcomputer.com
TransferLoader Malware Allows Attackers to Execute Arbitrary Commands on Compromised System - Zscaler’s cloud security platform has implemented detections for associated IOCs, including C2 servers like [.]cloud/MDcMkjAxsLKsT and payload hashes such as b55ba0f869f64.... Cybersecurity teams are advised to monitor for unusual IPFS traffic and ...
1 week ago Cybersecuritynews.com
New DarkCloud Stealer Uses AutoIt to Evade Detection & Steal Login Credentials - A new variant of the DarkCloud information-stealing malware has emerged, leveraging the AutoIt scripting language to bypass security tools and harvest sensitive credentials from infected systems. According to researchers at Palo Alto Networks’ Unit ...
1 week ago Cybersecuritynews.com
Chihuahua Stealer Leverages Google Drive Document to Steal Browser Login Credentials - A newly discovered .NET-based infostealer dubbed “Chihuahua Stealer” has emerged as a significant threat, exploiting Google Drive documents to deliver malicious PowerShell scripts and steal sensitive data. Organizations are advised to ...
1 week ago Cybersecuritynews.com
Malicious npm package using steganography downloaded by hundreds - Researchers at Veracode, a code security assessment company, found that the first version of the package was added to the Node Package Manager (NPM) index on March 19 and was benign, as it only collected operating system information from the host. ...
1 week ago Bleepingcomputer.com
Coinbase data breach exposes customer info and government IDs - While the threat actors managed to steal a combination of personally identifiable information of up to 1% of Coinbase's customer base (around 1 million individuals), they couldn't steal customers' private keys or passwords, and couldn't ...
1 week ago Bleepingcomputer.com
Microsoft Outlook Down - Millions of Users Affected With This Longest Outage in Microsoft History - According to Microsoft, affected users attempting to visit sites such as , , , and , along with related regional domains (e.g., .co.uk, .nl, .fr), are encountering a “500 Internal Server Error.” This error indicates a failure in site ...
1 week ago Cybersecuritynews.com
Coinbase offers $20 million bounty after extortion attempt with stolen data | The Record from Recorded Future News - The industry giant said in a regulatory filing with the Securities and Exchange Commission (SEC) that an “unknown threat actor” emailed a demand on May 11 for $20 million, threatening to publish stolen data about Coinbase customers and other ...
1 week ago Therecord.media
Threat Actors Using Weaponized HTML Files to Deliver Horabot Malware - The malware spreads via phishing emails disguised as financial invoices, often titled “Factura Adjunta” (Attached Invoice), and uses a multi-stage payload delivery system involving HTML, VBScript, and PowerShell. To establish persistence, ...
1 week ago Cybersecuritynews.com
Hackers Disguised Remote Access Malware as Microsoft Edge service - While the service name and path were designed to blend in seamlessly with legitimate Windows processes, a closer inspection revealed suspicious command-line arguments, notably --meshServiceName="MicrosoftEdge", which pointed to the presence of a ...
1 week ago Cybersecuritynews.com
Russian Hackers Exploiting MDaemon 0-Day Vulnerability to Hack Webmail Servers - A recently uncovered cyber-espionage campaign linked to Russian state-sponsored actors has been targeting enterprise webmail servers using a critical zero-day vulnerability in MDaemon, a widely used email server software. WeliveSecurity analysts ...
1 week ago Cybersecuritynews.com
TA406 Hackers Attacking to Attack Government Entities to Steal Login Credentials - A Democratic People’s Republic of Korea (DPRK)-linked threat actor tracked as TA406 has intensified cyber espionage efforts against Ukrainian government entities since February 2025, deploying sophisticated phishing campaigns aimed at stealing ...
1 week ago Cybersecuritynews.com
Enisa Launches European Vulnerability Database to Enhance Digital Security - Mandated by the NIS2 Directive, the EUVD is designed to aggregate and interconnect publicly available vulnerability information from a wide array of sources, including national Computer Security Incident Response Teams (CSIRTs), industry threat ...
1 week ago Cybersecuritynews.com
Threat Actors Exploit AI & LLM Tools to Begun Using Them as Offensive Tools - These tools enable threat actors to rapidly generate scanning utilities, exploit code, and evasion tactics, lowering the barrier to entry for sophisticated attacks. Cybercriminals are increasingly weaponizing generative AI and large language models ...
1 week ago Cybersecuritynews.com CVE-2024-10914
Xanthorox - New BlackHat AI Tool Used by Hackers to Launch Phishing & Malware Attacks - As AI-powered crime tools become more sophisticated and accessible, organizations must deploy AI-based detection systems, enhance employee training, and remain vigilant against increasingly convincing phishing and malware attacks. Xanthorox may not ...
1 week ago Cybersecuritynews.com
Node.js Vulnerability Allows Attackers to Crash the Process & Halt Services - The Node.js project has issued urgent security updates after disclosing a high-severity vulnerability that could allow remote attackers to crash Node.js processes, potentially halting critical services and causing widespread denial of service across ...
1 week ago Cybersecuritynews.com CVE-2025-23167
Researchers Unveiled a New Mechanism to Track Compartmentalized Threats - In May 2025, cybersecurity researchers from Cisco Talos and The Vertex Project announced a groundbreaking methodology to combat the rising trend of compartmentalized cyberattacks, where multiple threat actors collaborate to execute distinct stages of ...
1 week ago Cybersecuritynews.com Cactus
macOS Security Guide- Safeguarding Against Adware and Malware - While Apple’s built-in defenses, such as XProtect and Gatekeeper, remain critical, 2024 has exposed vulnerabilities in user behavior and emerging attack vectors leveraging artificial intelligence (AI). As MaaS economies flourish, only layered ...
1 week ago Cybersecuritynews.com
Nation State-Actors Attacking Healthcare Institutions to Sabotage IT & OT Systems - Since early 2024, advanced persistent threat (APT) groups linked to Iran, North Korea, and China have exploited vulnerabilities in healthcare networks to deploy destructive malware, ransomware, and backdoors. These attacks aim to sabotage patient ...
1 week ago Cybersecuritynews.com CVE-2023-34362
Google fixes high severity Chrome flaw with public exploit - The vulnerability was discovered by Solidlab security researcher Vsevolod Kokorin and is described as an insufficient policy enforcement in Google Chrome's Loader component that lets remote attackers leak cross-origin data via maliciously crafted ...
1 week ago Bleepingcomputer.com CVE-2025-2783
New HTTPBot Botnet Expanding Aggressively to Attack Windows Machines - Developed in GoLang, this malware employs a modular design to bypass traditional security measures, using randomized HTTP headers, dynamic URL paths, and cookie manipulation to evade detection. A new botnet family named HTTPBot has emerged as a ...
1 week ago Cybersecuritynews.com
Trending Cyber News (last 7 days)
CISA tags recently patched Chrome bug as actively exploited - This is the second actively exploited Chrome zero-day patched by Google this year, after another high-severity Chrome zero-day bug (CVE-2025-2783), which was abused to target Russian government organizations, media outlets, and educational ...
6 days ago Bleepingcomputer.com CVE-2025-2783
Japan enacts new Active Cyberdefense Law allowing for offensive cyber operations | The Record from Recorded Future News - The new law, which was first mooted in 2022, is intended to help Japan strengthen its cyber defense “to a level equal to major Western powers” and marks a break from the country’s traditional approach to cyber defense, which had tracked closely ...
6 days ago Therecord.media
Russian hospital faces multi-day shutdown as pro-Ukraine group claims cyberattack | The Record from Recorded Future News - Although the hospital has not disclosed specifics about the cyber incident, local authorities confirmed the attackers targeted software used to manage patient records and medical histories. A private hospital in the Russian republic of Chuvashia ...
6 days ago Therecord.media
CVE-2025-48187 - RAGFlow through 0.18.1 allows account takeover because it is possible to conduct successful brute-force attacks against email verification codes to perform arbitrary account registration, login, and password reset. Codes are six digits and there is ...
5 days ago
Windows Defender Best Practices - Optimizing Endpoint Protection - Microsoft Defender for Endpoint has emerged as a critical tool in this landscape, offering AI-driven threat detection, automated response, and integration with broader security ecosystems like Microsoft Defender XDR. By combining Defender’s native ...
6 days ago Cybersecuritynews.com
US charges 12 more suspects linked to $230 million crypto theft - While posing as a Gemini support representative, they deceived the victim into resetting two-factor authentication (2FA) and sharing their screen via AnyDesk (a remote desktop application) after claiming the account had been compromised, which gave ...
6 days ago Bleepingcomputer.com
CISA Warns of Google Chromium 0-Day Vulnerability Actively Exploited in the Wild - Patch Now! - This high-severity issue in Google Chromium involves insufficient policy enforcement in the Loader component, enabling remote attackers to leak cross-origin data via crafted HTML pages. The Cybersecurity and Infrastructure Security Agency (CISA) ...
6 days ago Cybersecuritynews.com CVE-2025-4664
Researchers Emulated VanHelsing Ransomware Advanced Tactics & Tools Used - AttackIQ researchers identified that as of May 14, 2025, the VanHelsing operation had already infected five organizations across the United States, France, Italy, and Australia, with data from three non-compliant victims published on their leak site. ...
6 days ago Cybersecuritynews.com
CVE-2025-4766 - A vulnerability was found in PHPGurukul Zoo Management System 2.1. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/profile.php. The manipulation of the argument contactnumber leads to ...
6 days ago
CVE-2025-5030 - A vulnerability was found in Ackites KillWxapkg up to 2.4.1. It has been declared as critical. This vulnerability affects the function processFile of the file internal/unpack/unpack.go of the component wxapkg File Parser. The manipulation leads to os ...
23 hours ago
CVE-2025-47790 - Nextcloud Server is a self hosted personal cloud system. Nextcloud Server prior to 29.0.15, 30.0.9, and 31.0.3 and Nextcloud Enterprise Server prior to 26.0.13.15, 27.1.11.15, 28.0.14.6, 29.0.15, 30.0.9, and 31.0.3 have a bug with session handling. ...
6 days ago
Windows 10 KB5058379 update triggering BitLocker Recovery after install - "I would like to inform you that we are currently experiencing a known issue with the May Month Patch KB5058379, titled "BitLocker Recovery Triggered on Windows 10 devices after installing KB5058379" on Windows 10 machines," an impacted ...
6 days ago Bleepingcomputer.com
SonicWall SMA1000 Vulnerability Let Attackers to Exploit Encoded URLs To Gain Internal Systems Access Remotely - SonicWall has issued a high-priority security advisory (SNWLID-2025-0010) revealing a critical Server-Side Request Forgery (SSRF) vulnerability in its SMA1000 Appliance Work Place interface. Discovered by security researcher Ronan Kervella of ...
6 days ago Cybersecuritynews.com
ChatGPT rolls out Codex, an AI tool for software programming - According to OpenAI, Codex is based on codex-1, which is a new version of ChatGPT based on the existing o3 model, but it has been optimized for coding, which results in increased accuracy. OpenAI is rolling out 'Codex' for ChatGPT, which is an ...
6 days ago Bleepingcomputer.com
Microsoft confirms May Windows 10 updates trigger BitLocker recovery - Microsoft's acknowledgment of this issue comes after many Windows users and admins have reported seeing devices unexpectedly enter the Windows Recovery Environment (WinRE) and displaying a BitLocker recovery screen after installing the KB5058379 ...
6 days ago Bleepingcomputer.com
Android 16 Comes with Advanced Device-level Security Setting Protection for 3 Billion Devices - Google has announced a significant enhancement to its Advanced Protection Program with the release of Android 16, introducing a robust device-level security setting aimed at safeguarding users against sophisticated cyber threats. While Android 16 ...
6 days ago Cybersecuritynews.com
Mitigating macOS Zero-Day Risks - Tools and Techniques - As macOS zero-day threats grow more sophisticated, combining Apple’s built-in protections with third-party security tools and rigorous security practices provides the most comprehensive defense strategy. These third-party solutions are ...
6 days ago Cybersecuritynews.com CVE-2024-44243
Printer maker Procolored offered malware-laced drivers for months - Cameron Coward, a YouTuber known as Serial Hobbyism, discovered the malware when his security solution warned of the presence of the Floxif USB worm on his computer when installing the companion software and drivers for a $7,000 Procolored ...
6 days ago Bleepingcomputer.com
Jenkins Security Update Released With The Fixes for The Vulnerabilities That Exploit CI/CD Pipelines - The Jenkins project has issued a critical security advisory detailing vulnerabilities in five widely used plugins: Cadence vManager, DingTalk, Health Advisor by CloudBees, OpenID Connect Provider, and WSO2 Oauth. OpenID Connect Provider Plugin ...
6 days ago Cybersecuritynews.com CVE-2025-47884
CVE-2025-4777 - A vulnerability was found in PHPGurukul Park Ticketing Management System 2.0. It has been classified as critical. This affects an unknown part of the file /view-foreigner-ticket.php. The manipulation of the argument viewid leads to sql injection. It ...
6 days ago
Chinese Agent Impersonates as Stanford Student For Intelligence Gathering - According to experts consulted during the investigation, Chen was “likely an agent of the Chinese Ministry of State Security (MSS), tasked with identifying sympathetic Stanford students and gathering intelligence”. The agent, operating ...
6 days ago Cybersecuritynews.com
CVE-2025-4832 - A vulnerability has been found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615 and classified as critical. This vulnerability affects unknown code of the file /boafrm/formDosCfg of the component HTTP POST Request Handler. The manipulation ...
5 days ago
Commit Stomping - An Offensive Technique Let Hackers Manipulate Timestamps in Git to Alter File Metadata - While not a bug or vulnerability, Commit Stomping exploits Git’s flexibility to rewrite the timeline of code changes, posing significant risks to software supply chain security, incident response, and code audits. Inspired by ...
6 days ago Cybersecuritynews.com
Hackers Actively Exploiting PowerShell to Evade Antivirus & EDR - Cyber Security News - The visualization reveals how legitimate Windows processes are hijacked to execute malicious code, creating a complex chain that makes attribution and detection challenging for security teams. Cybersecurity experts have identified a concerning trend ...
6 days ago Cybersecuritynews.com
Windows 10 KB5058379 Update Boots PCs into Windows Recovery & Require BitLocker key - “I would like to inform you that we are currently experiencing a known issue with the May Month Patch KB5058379, titled ‘BitLocker Recovery Triggered on Windows 10 devices after installing KB5058379’ on Windows 10 machines,” a ...
6 days ago Cybersecuritynews.com
CVE-2025-23165 - In Node.js, the `ReadFileUtf8` internal binding leaks memory due to a corrupted pointer in `uv_fs_s.file`: a UTF-16 path buffer is allocated but subsequently overwritten when the file descriptor is set. This results in an unrecoverable memory leak on ...
3 days ago
ChatGPT will soon record, transcribe, and summarize your meetings - As spotted by X user M1Astra, ChatGPT mobile app code clearly mentions a “Record” feature for live meetings that supports pausing, resuming, and turning audio into text. OpenAI may be planning to challenge Microsoft Teams Copilot ...
6 days ago Bleepingcomputer.com
FBI Warns of US Govt Officials Impersonated in Malicious Message Campaign - The Federal Bureau of Investigation (FBI) issued an urgent warning Thursday about an ongoing malicious campaign where cybercriminals are impersonating senior US officials through text messages and AI-generated voice calls. “The malicious actors ...
6 days ago Cybersecuritynews.com
Malware Mastermind Andrei Tarasov Evades US Extradition Returns to Russia - “As alleged, Silnikau, Kadariya, Tarasov, and conspirators used multiple strategies to profit from their widespread hacking and wire fraud,” stated the US Department of Justice in documents released after Silnikau’s extradition from ...
6 days ago Cybersecuritynews.com
Linux Kernel Patching: Preventing Exploits in 2025 - Live kernel patching technologies like Kpatch and SUSE Live Patch have evolved from niche tools to essential components of enterprise security postures. Immutable Infrastructure: Cloud providers combine kernel live patching with ...
6 days ago Cybersecuritynews.com
Israel arrests new suspect behind Nomad Bridge $190M crypto hack - An American-Israeli national named Osei Morrell has been arrested in Israel for his alleged involvement in exploiting the Nomad bridge smart-contract in August 2022 that allowed hackers to siphon $190 million. Osei Morrell is not ...
6 days ago Bleepingcomputer.com
CVE-2025-4889 - A vulnerability has been found in code-projects Tourism Management System 1.0 and classified as critical. This vulnerability affects the function AddUser of the component User Registration. The manipulation of the argument username/password leads to ...
4 days ago
Securing Linux Containers - A Guide for Cloud-Native Environments - “A core principle of container security is reducing the attack surface-the total of all points where an unauthorized user could try to access the system,” notes a recent TuxCare security advisory. The most effective container security ...
6 days ago Cybersecuritynews.com
Ransomware gangs increasingly use Skitnet post-exploitation malware - Prodaft told BleepingComputer they have observed multiple ransomware operations deploying Skitnet in real-world attacks, including BlackBasta in Microsoft Teams phishing attacks against the enterprise, and Cactus. The malware has been offered for ...
6 days ago Bleepingcomputer.com Cactus
Hackers exploit VMware ESXi, Microsoft SharePoint zero-days at Pwn2Own - During the second day of Pwn2Own Berlin 2025, competitors earned $435,000 after exploiting zero-day bugs in multiple products, including Microsoft SharePoint, VMware ESXi, Oracle VirtualBox, Red Hat Enterprise Linux, and Mozilla Firefox. Palo Alto ...
6 days ago Bleepingcomputer.com
SSH Auth Keys Reuse Exposes Sophisticated Targeted Phishing Attack - A coordinated phishing campaign targeting Kuwait’s critical sectors has been exposed through a distinctive operational security lapse: the consistent reuse of SSH authentication keys across multiple attack servers. The campaign, which remains ...
6 days ago Cybersecuritynews.com
Feds charge 12 more suspects in RICO case over crypto crime spree | The Record from Recorded Future News - Two additional suspects in the case — 20-year-old Malone Lam and Jeandiel Serrano, 21 — were arrested in September 2024 and charged in connection with the theft of about $245 million from a victim in Washington, D.C through a social engineering ...
6 days ago Therecord.media
CVE-2025-5059 - A vulnerability classified as critical has been found in Campcodes Online Shopping Portal 1.0. This affects an unknown part of the file /admin/edit-subcategory.php. The manipulation of the argument productimage1/productimage2/productimage3 leads to ...
20 hours ago
CVE-2025-4771 - A vulnerability, which was classified as critical, was found in PHPGurukul Online Course Registration 3.1. Affected is an unknown function of the file /admin/course.php. The manipulation of the argument coursecode leads to sql injection. It is ...
6 days ago
CVE-2025-4772 - A vulnerability has been found in PHPGurukul Online Course Registration 3.1 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/department.php. The manipulation of the argument department leads to ...
6 days ago
Hackers Attacking Industrial Automation Systems With 11,600+ Malware Families - Industrial automation systems worldwide are facing an unprecedented scale of cyber threats, with security researchers detecting a staggering 11,679 distinct malware families targeting critical infrastructure in the first quarter of 2025. Securelist ...
6 days ago Cybersecuritynews.com
Windows Security Updates: How to Stay Ahead of Vulnerabilities - In April 2025, cybersecurity teams were starkly reminded of the stakes involved in patch management when Microsoft disclosed CVE-2025-29824, a zero-day privilege escalation flaw in the Windows Common Log File System (CLFS) driver. In April 2025, ...
6 days ago Cybersecuritynews.com CVE-2025-29824
Multiple Ivanti Endpoint Manager Vulnerabilities Allows Remote Code Execution - Critical security flaws have been uncovered in Ivanti Endpoint Manager Mobile (EPMM), a widely used mobile device management (MDM) solution, exposing organizations to the risk of unauthenticated remote code execution (RCE). The discovery and ongoing ...
6 days ago Cybersecuritynews.com CVE-2025-4427
New Vulnerability Affects All Intel Processors From The Last 6 Years - Affecting all Intel processors released in the past six years-including those in consumer devices and cloud server infrastructure-the vulnerability exploits speculative execution technologies designed to accelerate computational performance. The BPRC ...
6 days ago Cybersecuritynews.com
Hands-on Malware Analysis Training to Boost Up SOC & MSSP Teams - With ANY.RUN malware analysis training learners are provided with unrestricted access to the sandbox and a curated collection of new malware samples contributed by ANY.RUN’s extensive global user community comprises 15,000 corporate security ...
6 days ago Cybersecuritynews.com
CVE-2025-4778 - A vulnerability was found in PHPGurukul Park Ticketing Management System 2.0. It has been declared as critical. This vulnerability affects unknown code of the file /normal-search.php. The manipulation of the argument searchdata leads to sql ...
6 days ago
macOS Gatekeeper Explained: Strengthening System Defenses - Apple’s macOS Gatekeeper, a cornerstone of the operating system’s defense against malicious software, has undergone significant macOS Sequoia (15.0) updates to address emerging security challenges. Developers submitting apps to Apple’s notary ...
6 days ago Cybersecuritynews.com
CVE-2025-4894 - A vulnerability classified as problematic was found in calmkart Django-sso-server up to 057247929a94ffc358788a37ab99e391379a4d15. This vulnerability affects the function gen_rsa_keys of the file common/crypto.py. The manipulation leads to inadequate ...
3 days ago
CVE-2025-23167 - A flaw in Node.js 20's HTTP parser allows improper termination of HTTP/1 headers using `\r\n\rX` instead of the required `\r\n\r\n`. ...
3 days ago
CVE-2025-48391 - In JetBrains YouTrack before 2025.1.76253 deletion of issues was possible due to missing permission checks in API ...
2 days ago