CyberSecurityBoard
Sponsor Register Login

Cyber News

CyberSecurityBoard.com is a cyber news aggregator platform with all of the top news, blogs, podcasts and more about Cyber Security, InfoSec, Cryptography, Online Privacy, Hacking, Vulnerability and Threat Research into one place. CyberSecurityBoard's ultimate goal is providing a useful and effective tool to help you getting a better understanding and quicker overview of everything happening in the world of Cybersecurity.

Latest Cyber News

Microsoft fixes Windows Server 2025 blue screen, install issues - Microsoft also fixed a bug that caused authentication issues when Credential Guard was enabled on systems using the Kerberos PKINIT pre-auth security protocol, and it introduced a new Windows 11 24H2 safeguard hold for systems with SenseShield ...
3 minutes ago Bleepingcomputer.com
ChatGPT Creates Working Exploit for CVE's Before Public PoCs Released - In a development that could transform vulnerability research, security researcher Matt Keeley demonstrated how artificial intelligence can now create working exploits for critical vulnerabilities before public proof-of-concept (PoC) exploits are ...
5 hours ago Cybersecuritynews.com CVE-2025-32433
How to Secure the Extended Enterprise - CISO Insights on Third-Party Risk - For Chief Information Security Officers (CISOs), mitigating third-party risks requires a strategic blend of technological rigor, contractual accountability, and cross-organizational collaboration. Recent high-profile supply chain attacks, such as ...
6 hours ago Cybersecuritynews.com
Thousands of Baltimore students, teachers affected by data breach following February ransomware attack | The Record from Recorded Future News - A Baltimore City Public Schools official confirmed to Recorded Future News that the incident was a ransomware attack but said no ransom was paid. Officials at Baltimore City Public Schools published a breach notice on Tuesday warning that a cyber ...
7 hours ago Therecord.media
Marks & Spencer confirms a cyberattack as customers face delayed orders - "Marks and Spencer Group plc (the Company, or M&S) has been managing a cyber incident over the past few days," reads the M&S statement. Marks & Spencer (M&S) has disclosed that it is responding to a cyberattack over the past few days ...
8 hours ago Bleepingcomputer.com
Active! Mail RCE flaw exploited in attacks on Japanese orgs - Late last week, Qualitia released a security bulletin about a stack-based buffer overflow vulnerability tracked under CVE-2025-42599 (CVSS v3 score: 9.8, "critical") impacting all versions of Active! up to and including 'BuildInfo: 6.60.05008561' on ...
10 hours ago Bleepingcomputer.com CVE-2025-42599
Hackers Abuse Cloudflare Tunnel Infrastructure to Deliver Multiple RATs - The evolution of this attack campaign demonstrates how threat actors continuously adapt their techniques to bypass security controls, emphasizing the importance of multi-layered detection approaches and continuous monitoring for similar attack ...
10 hours ago Cybersecuritynews.com
Malicious npm Packages Attacking Linux Developers to Install SSH Backdoors - Discovered in early 2025, several malicious npm packages have been masquerading as legitimate Telegram bot libraries to deliver SSH backdoors and exfiltrate sensitive data from unsuspecting developers. The malicious variants—node-telegram-utils, ...
11 hours ago Cybersecuritynews.com
Hackers abuse Zoom remote control feature for crypto-theft attacks - A hacking group dubbed 'Elusive Comet' targets cryptocurrency users in social engineering attacks that exploit Zoom's remote control feature to trick users into granting them access to their machines. "For organizations handling particularly ...
11 hours ago Bleepingcomputer.com
Beware of video call links that are attempts to steal Microsoft 365 access, researchers tell NGOs | The Record from Recorded Future News - The scheme typically starts with a phishing attempt through a messaging app like Signal or WhatsApp inviting potential victims “to join a video call to discuss the conflict in Ukraine,” Volexity says. The report does not link them to existing ...
12 hours ago Therecord.media
Windows 10 KB5055612 preview update fixes a GPU bug in WSL2 - Microsoft has released the optional KB5055612 preview cumulative update for Windows 10 22H2 with two changes, including a fix for a GPU paravirtualization bug in Windows Subsystem for Linux 2 (WSL2). Windows 10 users can also manually download and ...
12 hours ago Bleepingcomputer.com
FBI Warns of Scammers Mimic as IC3 Employees to Defraud Individuals - “The threat actors have implemented multi-stage encryption and fileless execution methods that make traditional detection extremely difficult,” noted Senior IC3 Cyber Analyst Maria Chen. Cyber Security News is a Dedicated News Platform ...
12 hours ago Cybersecuritynews.com
SK Telecom warns customer USIM data exposed in malware attack - USIM data is information stored on a Universal Subscriber Identity Module (USIM), which typically includes International Mobile Subscriber Identity (IMSI), Mobile Station ISDN Number (MSISDN), authentication keys, network usage data, and SMS or ...
13 hours ago Bleepingcomputer.com
New Magecart Attack With Malicious JavaScript Steals Credit Card Data - The attack progression follows four distinct phases: initial back-end access using stolen credentials, web shell installation for persistent control, database poisoning through injection of obfuscated code, and finally, the credit card theft phase ...
13 hours ago Cybersecuritynews.com
Beyond SSL: Advanced Cyber Security Tools Every eCommerce Site Needs - If you’re operating an eCommerce platform and relying solely on SSL certificates to secure your website, you’re essentially placing a lock on your front door while leaving your windows wide open. Multi-Factor Authentication (MFA) adds an ...
13 hours ago Cybersecuritynews.com
Ripple’s recommended XRP library xrpl.js hacked to steal wallets - The recommended Ripple cryptocurrency NPM JavaScript library named "xrpl.js" was compromised to steal XRP wallet seeds and private keys and transfer them to an attacker-controlled server, allowing threat actors to steal all the funds stored in the ...
14 hours ago Bleepingcomputer.com
Cybersecurity Indicators: How IOCs, IOBs, and IOAs Empower Threat Detection and Prevention - ANY.RUN’s suite of tools, including its Interactive Sandbox, TI Lookup, and TI Feeds, equips over 500,000 cybersecurity professionals and 15,000 organizations with the means to harness IOCs, IOBs, and IOAs effectively. IOAs empower proactive threat ...
16 hours ago Cybersecuritynews.com
British retailer M&S confirms being hit by ‘cyber incident’ amid store delays | The Record from Recorded Future News - The company told the London stock exchange that it has brought in external cyber security experts to investigate and manage the incident, as well as reported it to the relevant regulators and the National Cyber Security Centre. British retailer Marks ...
16 hours ago Therecord.media
Cookie-Bite attack PoC uses Chrome extension to steal session tokens - A proof-of-concept attack called "Cookie-Bite" uses a browser extension to steal browser session cookies from Azure Entra ID to bypass multi-factor authentication (MFA) protections and maintain access to cloud services like Microsoft 365, ...
16 hours ago Bleepingcomputer.com
Strategic Cybersecurity Budgeting - CISO Best Practices - Effective budget management requires balancing competing priorities, justifying investments to executive leadership, and demonstrating tangible security improvements. By mapping security investments directly to business outcomes, CISOs can make more ...
17 hours ago Cybersecuritynews.com
Chrome To Add New “Protect your IP address” Settings With Incognito Protections - Google Chrome is preparing to roll out a major privacy update with the introduction of a new “Incognito tracking protections” page, designed to give users more control and transparency over their data while browsing privately. By consolidating ...
17 hours ago Cybersecuritynews.com
Malicious npm and PyPI Pose as Developer Tools to Steal Login Credentials - The researchers noted that the packages employ various exfiltration methods to transmit stolen credentials to threat actors, with react-native-scrollpageviewtest using Google Analytics as its exfiltration channel, while the PyPI packages leverage ...
17 hours ago Cybersecuritynews.com
Criminal IP Set to Unveil Next-Gen Threat Intelligence at RSAC™ 2025 - April 28 – May 1, 2025 Criminal IP, the global cybersecurity platform specializing in AI-powered threat intelligence and OSINT-based data analytics, will exhibit at RSAC 2025 Conference, held from April 28 to May 1 at the Moscone Center in San ...
17 hours ago Cybersecuritynews.com
Security Metrics Every CISO Needs to Report to the Board in 2025 - CISOs should report the percentage of critical vendors meeting security and compliance standards, the average time to remediate third-party vulnerabilities, and the potential financial impact of high-risk suppliers. By quantifying the business value ...
17 hours ago Cybersecuritynews.com
TP-Link Router Vulnerabilities Let Attackers Inject Malicious SQL Commands - Cyber Security News is a Dedicated News Platform For Cyber News, Cyber Attack News, Hacking News & Vulnerability Analysis. TP-Link has been notified of these vulnerabilities, but as of this publication, no security patches have been confirmed as ...
17 hours ago Cybersecuritynews.com
Zero Trust Adoption - A Strategic Guide for the CISO and Security Leaders - The most valuable Zero Trust metrics connect security improvements to business outcomes: reduced breach impact, improved regulatory compliance posture, decreased incident response times, and enhanced ability to safely adopt new technologies. ...
17 hours ago Cybersecuritynews.com
Navigating the Future of Cybersecurity Leadership - A CISO’s Roadmap for 2025 - CISOs must anticipate emerging risks, champion a security culture, and drive innovation that aligns with business objectives to thrive. As CISOs navigate the complexities of 2025 and beyond, those who embrace strategic alignment, proactive defense, ...
17 hours ago Cybersecuritynews.com
From Reactive to Predictive - The Next Frontier for Security Leaders - Security leaders who embrace this frontier are positioning their organizations to stay ahead of threats, minimize risk, and build lasting resilience. In today’s hyper-connected world, cyber threats are evolving quickly, challenging security leaders ...
18 hours ago Cybersecuritynews.com
Hackers Attacking Network Edge Devices to Compromise SMB Organizations - Sophos researchers noted in their recent Annual Threat Report that ransomware attacks remain the primary existential cyber threat to small and midsized organizations, with ransomware cases accounting for 70 percent of incident response engagements ...
18 hours ago Cybersecuritynews.com CVE-2024-40711
Lumma Stealer Exploits Fake CAPTCHA Pages to Harvest Sensitive Data - Organizations should implement robust endpoint protection solutions and user awareness training to mitigate the risk posed by this increasingly prevalent threat, as even corporate environments have fallen victim to Lumma Stealer infections that may ...
18 hours ago Cybersecuritynews.com
Hacker Tricked SSL.com To Get Certificate Issued for Alibaba - A prominent certificate authority (SSL.com) has disclosed a significant security vulnerability in its domain validation system that could allow attackers to obtain fraudulent SSL certificates for domains they don’t own. SSL.com’s ...
18 hours ago Cybersecuritynews.com
Hackers Leverage Legitimate MS Utility Tool to Inject a Malicious DLL Payload - Cyber Security News is a Dedicated News Platform For Cyber News, Cyber Attack News, Hacking News & Vulnerability Analysis. Just two months ago, researchers from Trend Micro uncovered a sophisticated attack campaign by Earth Preta (also known as ...
18 hours ago Cybersecuritynews.com Mustang Panda
Researchers Uncovered Latest Version of Lumma InfoStealer with Code Flow Obfuscation - Cybersecurity researchers have recently uncovered a sophisticated new variant of the notorious Lumma InfoStealer malware, featuring advanced code flow obfuscation techniques designed to evade detection by security solutions. “This version of ...
19 hours ago Cybersecuritynews.com
Samsung One UI Security Flaw Exposes Users Data in Plain Text With No Expiration! - Security researchers have identified that Samsung devices running Android 9 or later store all clipboard content—including passwords, banking details, and personal messages in plain text indefinitely with no automatic deletion mechanism. Even when ...
19 hours ago Cybersecuritynews.com
New Rust Botnet Hijacking Routers to Inject Commands Remotely - Dubbed “RustoBot” due to its Rust-based implementation, this malware exploits critical vulnerabilities in TOTOLINK and DrayTek router models to execute remote command injections, potentially affecting technology industries across Japan, ...
20 hours ago Cybersecuritynews.com
CISA Warns Threat Hunting Staff to Stop Using Censys & VirusTotal - “We understand the importance of these tools in our operations and are actively exploring alternative tools to ensure minimal disruption,” said the April 16-dated notification sent to more than 500 CISA cyber threat hunters. Homeland ...
21 hours ago Cybersecuritynews.com Hunters
Sophisticated WordPress Ad-fraud Plugins Generated 1.4 Billion Ad Requests Per Day - The sophisticated scheme, recently disrupted by HUMAN’s Satori Threat Intelligence and Research team, exploited digital piracy through a collection of four WordPress extensions that redirect users through ad-laden intermediary pages before ...
22 hours ago Cybersecuritynews.com Cloak
Microsoft Boosts MSA Signing Service Security on Azure Following Storm-0558 Breach - “We have applied new defense-in-depth protections, migrated the Microsoft Account (MSA) signing service to run on Azure confidential VMs, and we are migrating the Entra ID signing service to Azure confidential VMs,” states the report, ...
22 hours ago Cybersecuritynews.com
Patching Vulnerabilities Faster Reduces Risks & Lower Cyber Risk Index - Organizations implementing rapid patching protocols experienced a measurable decrease in their Cyber Risk Index (CRI), demonstrating the critical importance of timely security updates in an increasingly volatile threat landscape. Organizations ...
23 hours ago Cybersecuritynews.com Equation
Why CISOs Are Betting Big on AI, Automation & Zero Trust - CISOs are betting big on modern defenses as hybrid work, cloud migration, and advanced threats make traditional security frameworks obsolete. By embedding these technologies into organizational DNA, CISOs transform security from a technical checkbox ...
23 hours ago Cybersecuritynews.com
Critical Windows Update Stack Vulnerability Allows Code Execution & Privilege Escalation - “This CVE is a masterclass in path abuse, trusted location redirection, and privilege escalation using native components — everything a red team loves and a blue team fears,” Cyberdom said to Cyber Security News. Security analysts have ...
1 day ago Cybersecuritynews.com CVE-2025-21204
HPE Performance Cluster Manager Vulnerability Allow Remote Attacker to Bypass Authentication - Similar remote authentication bypass flaws have previously been identified in other enterprise management platforms, including a 2021 vulnerability in HP Cloud Service Automation that allowed remote authentication bypass when using Node.js in FIPS ...
1 day ago Cybersecuritynews.com
The Psychology of Social Engineering - What Security Leaders Should Know - Creating a security culture that addresses the psychological dimensions of social engineering requires a fundamental shift in how security leaders approach human vulnerability. When examining security incidents, leaders often focus on which technical ...
1 day ago Cybersecuritynews.com
Bridging the Gap - CISOs and CIOs Driving Tech-Driven Security - Bridging the gap between CISOs and CIOs is essential for building robust, tech driven security strategies that not only protect but also empower organizations to innovate with confidence. When CISOs and CIOs speak the same language and pursue common ...
1 day ago Cybersecuritynews.com
MITRE Launches New D3FEND CAD Tool to Create Precise Cybersecurity Scenarios - This new tool enables security practitioners to create structured, detailed cybersecurity scenarios grounded in the D3FEND ontology, transforming how organizations model and respond to cyber threats. Developed through collaboration between MITRE, the ...
1 day ago Cybersecuritynews.com
WinZip MotW Bypass Vulnerability Let Hackers Execute Malicious Code Silently - The exploitation process is straightforward: attackers create a malicious file (such as a .docm file with dangerous macros), compress it into an archive, distribute it via phishing or compromised websites, and when victims extract it using WinZip, ...
1 day ago Cybersecuritynews.com CVE-2025-0411
Whistleblower: DOGE Siphoned NLRB Case Data – Krebs on Security - “Our acting chief information officer told us not to adhere to standard operating procedure with the DOGE account creation, and there was to be no logs or records made of the accounts created for DOGE employees, who required the highest level ...
1 day ago Krebsonsecurity.com
Two top cyber officials resign from CISA | The Record from Recorded Future News - Lord previously served as the first chief security officer at the Democratic National Committee in 2018, where he worked to boost campaign cybersecurity in the wake of the 2016 breaches of the DNC and Hillary Clinton’s campaign by Russian hackers, ...
1 day ago Therecord.media
Southeast Asian cyber fraud industry at ‘inflection point’ as it expands globally | The Record from Recorded Future News - Another one of those areas is the Pacific islands, where criminal groups with connections to the Southeast Asian fraud industry have built up infrastructure like casinos and resorts and have taken advantage of citizenship-by-investment schemes on ...
1 day ago Therecord.media
How to Protect Yourself From Phone Searches at the US Border | WIRED - Canadian authorities have updated travel guidance to warn of phone searches and seizures, some corporate executives are reconsidering the devices they carry, some officials in Europe continue to receive burner phones for certain trips to the US, and ...
1 day ago Wired.com
"Microsoft’s Secure Future Initiative" Biggest cybersecurity Project in Its History - Led by Charlie Bell, Executive Vice President of Microsoft Security, the initiative has mobilized the equivalent of 34,000 engineers working full-time for 11 months to bolster security for Microsoft, its customers, and the broader industry. Following ...
1 day ago Cybersecuritynews.com
Microsoft Addresses Entra ID Token Logging Issue, Alerts to Protect Users - Microsoft has acknowledged a recent issue that triggered widespread alerts in its Entra ID Protection system, flagging user accounts as high risk due to supposed credential leaks on the dark web. The alerts have been attributed to a combination of an ...
1 day ago Cybersecuritynews.com
Digital Forensics In 2025: How CSOs Can Lead Effective Investigations - Digital forensics now encompasses a broad spectrum of investigative techniques and methodologies used to extract, preserve, and analyze data from computers, smartphones, servers, cloud platforms, and a wide array of Internet of Things (IoT) devices. ...
1 day ago Cybersecuritynews.com
Building SOAR Playbooks To Respond To Common Web-Based Attacks - For web-based attacks, a playbook must be able to handle a wide variety of threat vectors, from phishing emails and malicious URLs to web application firewall (WAF) alerts and suspicious file downloads. By automating the detection, investigation, and ...
1 day ago Cybersecuritynews.com
Penetration Testing And Threat Hunting: Key Practices For Security Leaders - Security leaders should view penetration testing and threat hunting not as discrete activities but as essential components of a mature security program that evolves from passive defense to active threat detection and mitigation. Penetration testing ...
1 day ago Cybersecuritynews.com Hunters
Attack Via Infostealers Increased by 84% Via Phishing Emails Per Week - The combination of sophisticated obfuscation techniques, trusted file formats, and legitimate hosting platforms creates a perfect storm for credential theft operations, requiring organizations to implement layered defenses that extend beyond ...
1 day ago Cybersecuritynews.com
North Korean IT Workers Using Real-time Deepfake to Infiltrate Organizations via Remote Job - What makes this threat particularly concerning is the accessibility of the technology – researchers demonstrated that a single individual with no prior image manipulation experience could create a synthetic identity suitable for job interviews in ...
1 day ago Cybersecuritynews.com
Microsoft Entra account lockouts caused by user token logging mishap - However, an admin for one of the impacted organizations shared an advisory sent by Microsoft stating that the issue was caused by the company mistakenly logging the impacted account's user refresh tokens rather than just their metadata. "On Friday ...
1 day ago Bleepingcomputer.com
New Phishing Attack Appending Weaponized HTML Files Inside SVG Files - When opened, these files execute their embedded code, either displaying an HTML page with deceptive content or using JavaScript to redirect victims to sophisticated phishing sites that mimic legitimate services like Google Voice or Microsoft login ...
1 day ago Cybersecuritynews.com
Protecting Against Insider Threats - Strategies for CISOs - By leveraging risk quantification tools, CISOs can present complex cybersecurity data in familiar business terms, aligning security initiatives with broader organizational goals and ensuring that cybersecurity is seen as a strategic enabler rather ...
1 day ago Cybersecuritynews.com
Cybersecurity Metrics That Matter for Board-Level Reporting - By focusing on the right metrics, security leaders can help boards understand the organization’s risk posture, justify investments, and drive a culture of shared accountability. By framing metrics in terms of potential business impact such as ...
1 day ago Cybersecuritynews.com
Akira Ransomware Using Compromised Credentials and Public Tools in New Wave of Cyberattacks - According to their leak site, the group has compromised over 350 organizations, with victims who refuse payment seeing their data published in the dedicated “Leaks” section. The cybersecurity landscape faces a mounting threat as the Akira ...
1 day ago Cybersecuritynews.com Akira
Business Continuity in a Digital World - CISO Perspectives - By bridging the gap between technical security operations and business objectives, forward-thinking CISOs help organizations build adaptive resilience that can withstand the unpredictable nature of digital disruptions. The role of Chief Information ...
1 day ago Cybersecuritynews.com
The Role of Threat Intelligence in Proactive Defense - Threat intelligence has emerged as a crucial component in this proactive defense strategy, empowering leaders to make informed decisions, allocate resources effectively, and foster a culture of cyber resilience. By prioritizing threat intelligence ...
1 day ago Cybersecuritynews.com
Hackers Weaponizing Certificates & Stolen Private Keys to Infiltrate Organizations - This emerging attack vector exploits the inherent trust placed in digitally signed code and certificates, allowing malicious actors to bypass traditional security controls that typically flag unsigned executables. When executed, the malware inherits ...
1 day ago Cybersecuritynews.com
RedGolf Hackers Exposes Fortinet Exploits & Tools Used to Hack Organizations - Security experts recommend organizations use Fortinet products to immediately update to the latest firmware versions and monitor for suspicious access patterns to CLI endpoints, particularly those involving WebSocket connections or forwarded headers ...
1 day ago Cybersecuritynews.com APT41
Threat Actors Allegedly Selling Baldwin Killer that Bypasses AV & EDR - Security researchers analyzing the offering note that it utilizes a kernel-mode rootkit (Ring 0) approach similar to the “Chaos-Rootkit” to hide malicious processes through Direct Kernel Object Manipulation (DKOM). Security researchers ...
1 day ago Cybersecuritynews.com CVE-2024-1853 Qilin
Windows Defender Policies Bypassed Using WinDbg Preview via Microsoft Store - The exploit leverages WinDbg Preview, available through the Microsoft Store, to inject malicious code into legitimate processes, effectively bypassing security controls designed to prevent unauthorized code execution. The bypass works because WinDbg ...
1 day ago Cybersecuritynews.com
28-year-Old Lost 2 Lakhs by Just Downloading image in WhatsApp - One early morning, Jain received a call from an unknown number, followed by a WhatsApp message containing a photo of an elderly man with the question, “Do you know this person?” Initially, Jain ignored the message, but after receiving ...
1 day ago Cybersecuritynews.com
VibeScamming - Hackers Using AI Tools to Generate Phishing Ideas & Working Models - In a concerning evolution of cybercrime, security researchers have identified a new threat known as “VibeScamming” – where malicious actors leverage generative AI to create sophisticated phishing campaigns with minimal effort. Their ...
1 day ago Cybersecuritynews.com
Industry First: StrikeReady AI Platform Moves Security Teams Beyond Basic, One-Dimensional AI-Driven Triage Solutions - Founded in 2019, StrikeReady introduced the first unified, vendor-agnostic, AI-powered Security Command Center delivering full-spectrum risk visibility, intelligent threat management, and automated response from a single, integrated platform. This ...
1 day ago Cybersecuritynews.com
WordPress ad-fraud plugins generated 1.4 billion ad requests per day - A large-scale ad fraud operation called 'Scallywag' is monetizing pirating and URL shortening sites through specially crafted WordPress plugins that generate billions of daily fraudulent requests. Scallywag was uncovered by bot and fraud detection ...
1 day ago Bleepingcomputer.com Cloak
New Command-Line Obfuscation Technique Bypasses AVs and EDRs - When a command is executed with these obfuscation techniques, the obfuscated version is what gets recorded by security monitoring tools. The techniques, detailed in a comprehensive study released on March 24, 2025, exploit parsing inconsistencies in ...
1 day ago Cybersecuritynews.com
Ransomware Attack on Banks Costs an Average of $6.08 Million Along With Downtime & Reputation Loss - Financial institutions can significantly reduce their risk exposure by implementing comprehensive security awareness training and regularly testing their incident response capabilities against simulated banking-specific ransomware scenarios. What ...
1 day ago Cybersecuritynews.com
Japan warns of hundreds of millions of dollars in unauthorized trades from hacked accounts | The Record from Recorded Future News - “There are various types of fraudulent transactions, but in most cases, the fraudsters gain unauthorized access to victim accounts and manipulate them to sell stocks etc. At the Munich Cyber Security Conference last year, a senior official within ...
1 day ago Therecord.media

Trending Cyber News (last 7 days)

Microsoft warns of blue screen crashes caused by April updates - Earlier this week, Microsoft released emergency Windows updates to address an issue affecting local audit logon policies in Active Directory Group Policy and warned admins that Windows Server 2025 domain controllers might become inaccessible after ...
6 days ago Bleepingcomputer.com
CISA extends CVE program contract with MITRE for 11 months amid alarm over potential lapse | The Record from Recorded Future News - Many in the cybersecurity community expressed alarm on Tuesday following a letter from Yosry Barsoum, MITRE’s vice president and director of the Center for Securing the Homeland, which warned that funding for the CVE program was expiring and the ...
6 days ago Therecord.media
British law firm fined after ransomware group publishes confidential client data | The Record from Recorded Future News - DPP only became aware data had been stolen when it was contacted by the National Crime Agency to be informed that data relating to its clients had been posted on the dark web, according to the official monetary penalty notice. Although the company ...
6 days ago Therecord.media
Critical Erlang/OTP SSH Vulnerability Allows Unauthenticated Remote Code Execution - The flaw, tracked as CVE-2025-32433, has been assigned the maximum CVSS score of 10.0, indicating an extremely severe security risk that requires immediate attention from affected organizations. Cyber Security News is a Dedicated News Platform For ...
5 days ago Cybersecuritynews.com CVE-2025-32433
Threat Actors Attacking Content Creators With Fake AI Tools to Hijack Their Devices - A recent campaign involved fake social media ads promoting “CapCutProAI,” which redirected users to sites hosting malware designed to steal sensitive information, including login credentials, cryptocurrency wallets, and browser histories, often ...
5 days ago Cybersecuritynews.com
Harvest Ransomware Attack - Details of Breach Disclosed - Cybersecurity experts recommend that organizations implement robust backup systems, employ multi-factor authentication, and regularly update security protocols to mitigate similar attacks, which have seen a 20% reduction in incident response times ...
5 days ago Cybersecuritynews.com
Airport retailer agrees to $6.9 million settlement over ransomware data breach | The Record from Recorded Future News - The airport retail company Paradies Shops is close to finalizing a $6.9 million settlement to resolve a class-action lawsuit on behalf of employees whose personal information was stolen in a ransomware attack in 2020. Earlier this week, the eyecare ...
5 days ago Therecord.media
Hackers Revealed the Exploit Method Used to Hack 4chan Messageboard - “The hack was likely caused by 4chan using an extremely out-of-date version of PHP that has a lot of vulnerabilities and exploits and is using deprecated functions to interact with [their] MySQL database,” reported security researcher ...
6 days ago Cybersecuritynews.com
Hackers Exploiting NTLM Spoofing Vulnerability in the Wild - CVE-2025-24054 specifically involves the external control of file names or paths in Windows, allowing malicious actors to trigger SMB (Server Message Block) authentication requests that leak NTLMv2-SSP hashes during routine file operations. Check ...
6 days ago Cybersecuritynews.com CVE-2025-24054
Beware of Weaponized Amazon Gift Cards That Steals Microsoft Credentials - This new attack vector disguises malicious links within seemingly legitimate Amazon gift card emails, creating a perfect social engineering trap that leverages both financial incentives and corporate trust. Upon clicking the “View My eGift ...
5 days ago Cybersecuritynews.com
How to Prepare for Your Next Cybersecurity Audit - By leading audit preparation with clarity, collaboration, and a focus on long-term improvement, you can transform compliance exercises into strategic wins, building a safer, more resilient, and more competitive business for the future. Rather than ...
5 days ago Cybersecuritynews.com
LummaStealer Abuses Windows Utility to Execute Remote Code Mimic as .mp4 File - Cybereason security researchers identified a new and concerning infection vector where LummaStealer abuses the legitimate mshta.exe Windows utility to execute remote hosted code that masquerades as an .mp4 multimedia file. The initial JavaScript ...
5 days ago Cybersecuritynews.com
Researchers Uncovered Gamaredon's PteroLNK VBScript Malware Infrastructure & TTP's - “The scripts are designed to allow flexibility for their operators, enabling easy modification of parameters such as file names and paths, persistence mechanisms, and detection logic for security solutions on the target system,” the ...
5 days ago Cybersecuritynews.com
CISA warns of increased breach risks following Oracle Cloud leak - BleepingComputer ​​​​​has separately confirmed with multiple Oracle customers that leaked data samples (including associated LDAP display names, email addresses, given names, and other identifying information) received ...
5 days ago Bleepingcomputer.com
Chinese Hackers Using New BRICKSTORM Malware to Attack Windows & Linux Machines - Notably, unlike the Linux variant reported by Mandiant, the Windows samples lack direct command execution capabilities—a suspected deliberate choice to evade detection by security solutions that analyze parent-child process relationships. The ...
6 days ago Cybersecuritynews.com
Dell Alienware Command Center Vulnerability Let Attackers Escalate Privileges - According to Dell’s security advisory, “A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges” on the affected system. This indicates that while the ...
6 days ago Cybersecuritynews.com CVE-2024-22450
Hackers Weaponize Gamma Tool Via Cloudflare Turnstile to Steal Microsoft Credentials - Abnormal Security researchers identified this campaign as part of a growing trend of “living-off-trusted-sites” (LOTS) attacks, where threat actors exploit legitimate services to host malicious content. This campaign highlights the ...
6 days ago Cybersecuritynews.com
Cisco Webex Vulnerability Allows Code Execution via Weaponized Meeting Links - Although Cisco’s Product Security Incident Response Team (PSIRT) states they are “not aware of any public announcements or malicious use of the vulnerability,” security experts warn that weaponization could happen quickly now that ...
6 days ago Cybersecuritynews.com CVE-2025-20236
Ahold Delhaize confirms data theft after INC ransomware claims attack - Food retail giant Ahold Delhaize confirms that data was stolen from its U.S. business systems during a November 2024 cyberattack. Ahold Delhaize noted that the investigation into the incident remains ongoing, and if customer data is confirmed to ...
5 days ago Bleepingcomputer.com Inc ransom
Hackers Weaponize MMC Script to Deploy MysterySnail RAT Malware - “While conducting threat hunting activities, it’s crucial to consider that old malware families, which have not been reported on for years, may continue their activities under the radar,” warn researchers. The case of MysterySnail ...
5 days ago Cybersecuritynews.com
Dutch parent company of Hannaford and Stop & Shop confirms data stolen in cyberattack | The Record from Recorded Future News - Cybersecurity experts at Palo Alto Networks and Group-IB previously said another ransomware gang, known as Lynx, is either a rebrand of INC or purchased the group’s source code and recently attacked Romania's largest electricity provider. ...
5 days ago Therecord.media Inc ransom
Why Modern CISOs Must Be Business Translators, Not Just Technologists - This evolution means that modern CISOs must excel as technologists and business translators professionals who can bridge the gap between complex technical realities and the organization’s strategic objectives. By translating technical risks into ...
6 days ago Cybersecuritynews.com
CVE-2025-43715 - Nullsoft Scriptable Install System (NSIS) before 3.11 on Windows allows local users to escalate privileges to SYSTEM during an installation, because the temporary plugins directory is created under %WINDIR%\temp and unprivileged users can place a ...
6 days ago
Windows 11 24H2 Update Bug Triggers BSOD Error - Emergency Fix - Microsoft has officially confirmed a major bug in its recent Windows 11 24H2 updates that is causing widespread Blue Screen of Death (BSOD) crashes, displaying the stop error code “SECURE_KERNEL_ERROR” (0x18B). The issue, first reported by ...
5 days ago Cybersecuritynews.com
The Future of GRC - Integrating ESG, Cyber, and Regulatory Risk - Chief Risk Officers increasingly serve as strategic advisors to the C-suite, helping executives understand how seemingly disparate risks from climate change to ransomware to regulatory enforcement could collectively impact strategic objectives. The ...
5 days ago Cybersecuritynews.com
Why Threat Modeling Should Be Part of Every Security Program - Training is another critical success factor; security professionals need technical proficiency in threat modeling methodologies, while business stakeholders require enough understanding to participate meaningfully in the process. With patient ...
5 days ago Cybersecuritynews.com
CISA Warns of Multiple Apple 0-day Vulnerabilities Actively Exploited in Attacks - These critical security flaws affect a wide range of Apple products, including iOS, iPadOS, macOS, and other related systems, leaving users vulnerable to sophisticated threat actors leveraging previously unknown security gaps. The discovery is a ...
5 days ago Cybersecuritynews.com CVE-2025-31200
Chinese UNC5174 Actors Added New Open Source Tool & C2 Infrastructure to Their Arsenal - Cyber Security News - The group, known for targeting government institutions and critical infrastructure across Southeast Asia and North America, has expanded their arsenal with a modified version of an open-source remote access tool that enables persistent access to ...
6 days ago Cybersecuritynews.com
Hackers Attacking Investors Via Fraud Networks to Steal Financial Data - A sophisticated cybercriminal campaign targeting Indian investors through fraudulent stock and cryptocurrency schemes has escalated, with hackers leveraging social engineering, fake mobile applications, and compromised government websites to steal ...
6 days ago Cybersecuritynews.com
Google blocked over 5 billion ads in 2024 amid rise in AI-powered scams - "To fight back, we quickly assembled a dedicated team of over 100 experts to analyze these scams and develop effective countermeasures, such as updating our Misrepresentation policy to suspend advertisers that promote these scams," explains Google's ...
6 days ago Bleepingcomputer.com
CVE-2025-31340 - A improper control of filename for include/require statement in PHP program vulnerability in the retrieve course Information function of Wisdom Master Pro versions 5.0 through 5.2 allows remote attackers to perform arbitrary system commands by ...
6 days ago
China Plans to Strengthen Its Cybersecurity Cooperation With Russia - Russian and Chinese military departments share “common views, a common assessment of the situation and a common understanding” of joint strategic objectives, according to Russian Defense Minister Andrei Belousov in recent statements. ...
5 days ago Cybersecuritynews.com
Threat Actors Using Cascading Shadows Attack Chain to Avoid Detection & Complicate Analysis - A sophisticated phishing campaign leveraging a multi-layered attack chain dubbed “Cascading Shadows” has been uncovered by the Palo Alto Networks’ Unit 42 researchers in December 2024. This campaign delivers malware families like ...
5 days ago Cybersecuritynews.com
APT29 Hackers Employs GRAPELOADER in New Attack Against European Diplomats - A sophisticated phishing campaign by Russian-linked threat group APT29 has been actively targeting European diplomatic entities since January 2025, according to a recent security report. Additionally, the malware employs an evasion technique when ...
6 days ago Cybersecuritynews.com Cozy Bear APT29
Server-Side Phishing Attacks Employees & Member Portals to Steal Login Credentials - The campaign utilizes cloned login pages designed to harvest credentials through PHP-based phishing kits, with the attackers implementing server-side validation techniques to avoid detection by security tools and researchers. function ...
6 days ago Cybersecuritynews.com
CVE-2025-1525 - The Ultimate Dashboard WordPress plugin before 3.8.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is ...
6 days ago
Mustang Panda Employs Using Weaponized RAR Archives to Install New ToneShell Malware - The threat actor has been observed utilizing weaponized RAR archives containing malicious DLLs alongside legitimate signed executables to deploy updated variants of ToneShell malware through DLL sideloading techniques. Security researchers have ...
5 days ago Cybersecuritynews.com Mustang Panda
Hackers Abuse Node.js to Deliver Malware & Steal Data - Attracting malicious code within Node.js executables or npm (Node Package Manager) packages allows attackers to blend their malware with legitimate applications, evade detection, and persist within target environments. These installers contain ...
6 days ago Cybersecuritynews.com
How CISOs Can Create a Culture of Cybersecurity Accountability - Over time, organizations with strong accountability cultures exhibit clear signs: employees raise security questions unprompted, business units proactively assess risks, and security considerations are naturally integrated into project planning and ...
6 days ago Cybersecuritynews.com
SquareX to Uncover Data Splicing Attacks at BSides San Francisco, A Major DLP Flaw that Compromises Data Security of Millions - Titled “Data Splicing Attacks: Breaking Enterprise DLP from the Inside Out”, the talk will demonstrate multiple data splicing techniques that will allow attackers to exfiltrate any sensitive file or clipboard data, completely bypassing major Data ...
6 days ago Cybersecuritynews.com
CVE-2025-43717 - In PEAR HTTP_Request2 before 2.7.0, multiple files in the tests directory, notably tests/_network/getparameters.php and tests/_network/postparameters.php, reflect any GET or POST parameters, leading to XSS. ...
6 days ago
Agent Tesla Malware Employs Multi-Stage Attacks Using PowerShell Scripts - Security researchers have identified a sophisticated malware campaign utilizing Agent Tesla variants delivered through elaborate multi-stage attack sequences. Broadcom researchers noted that these Agent Tesla variants employ particularly ...
5 days ago Cybersecuritynews.com
CISA Warns of Credential Risks Linked to Oracle Cloud Compromise - While Oracle disputes claims of a significant breach, CISA warns that the incident could pose substantial risks to both organizations and individuals particularly where sensitive credential material may have been exposed or reused across multiple ...
5 days ago Cybersecuritynews.com CVE-2021-35587
CTM360 Tracks Global Surge in SMS-Based Reward and Toll Scams - PointyPhish – Sends fake SMS alerts about expiring reward points to banking, airline, and retail store customers, leading to phishing pages that steal full credit/debit card details. CTM360 detected thousands of these phishing sites across ...
5 days ago Bleepingcomputer.com
Top Security Frameworks Used by CISOs in 2025 - By focusing on these strategic implementation approaches, CISOs can derive maximum value from security frameworks while operating within resource constraints, ultimately strengthening organizational resilience against the complex threat landscape of ...
5 days ago Cybersecuritynews.com
CrazyHunter Hacker Group Using Open-Source Tools from GitHub to Attack Organizations - Once they’ve gained sufficient control, they deploy their ransomware, encrypting files with the “.Hunter” extension and leaving a ransom note titled “Decryption Instructions.txt” while also changing the victim’s ...
5 days ago Cybersecuritynews.com
CVE-2025-43921 - GNU Mailman 2.1.39, as bundled in cPanel (and WHM), allows unauthenticated attackers to create lists via the /mailman/create endpoint. ...
3 days ago
Incident Response Teams Call For Unified Logging Standards In Breach Scenarios - In today’s rapidly evolving cybersecurity landscape, incident response teams are increasingly advocating for unified logging standards to effectively combat security breaches. When selecting logs for security incident response, organizations ...
6 days ago Cybersecuritynews.com
Why Phishing Remains the #1 Cyber Threat and How to Stop It - Unlike many cyber threats that rely solely on technical vulnerabilities, phishing exploits natural human tendencies such as trust, urgency, and curiosity. Additionally, adopting zero-trust security frameworks, which require continuous verification of ...
6 days ago Cybersecuritynews.com
First Time Ever AI Bad Bots Accounts 51% Traffic Suppresses Human Traffic - In a watershed moment for internet traffic patterns, automated bots have officially surpassed human activity for the first time in history, accounting for a staggering 51% of all web traffic in 2024, according to Imperva’s latest Bad Bot ...
6 days ago Cybersecuritynews.com