Latest Cyber News

Hackers Registered 10K Domains With Same Name for Smishing Attack Via iMessage - Cyber Security News learned that the registered domains follow a consistent pattern, with root domain names beginning with the string “com-.” This naming convention is intended to mislead victims during casual inspections of URLs, making ...
2 hours ago Cybersecuritynews.com
Lumma Stealer Launch "Click Fix" Style Attack via Fake Google Meet & Windows Update Sites - The “click fix” distribution method involves malicious web pages that display instructions for users to open a run window, paste a preloaded PowerShell script from their clipboard, and execute it. Recent Palo Alto research investigations ...
3 hours ago Cybersecuritynews.com
Feds Link $150M Cyberheist to 2022 LastPass Hacks – Krebs on Security - In September 2023, KrebsOnSecurity published findings from security researchers who concluded that a series of six-figure cyberheists across dozens of victims resulted from thieves cracking master passwords stolen from the password manager service ...
7 hours ago Krebsonsecurity.com
Threat Actors Leverage YouTubers to Attack Windows Systems Via SilentCryptoMiner - Security researchers have uncovered a sophisticated malware campaign where threat actors are coercing popular YouTubers to distribute SilentCryptoMiner malware disguised as restriction bypass tools. One particularly concerning distribution method ...
9 hours ago Cybersecuritynews.com
Getting Access to Internal Networks Via Physical Pentest - Case Study - A recent case study conducted by Hackmosphere for a furniture retailer, referred to as ExCorp, revealed how physical access to facilities could compromise internal networks despite robust cybersecurity measures. The team was particularly interested ...
10 hours ago Cybersecuritynews.com
Bug affecting PHP scripts demands ‘immediate action from defenders globally’ | The Record from Recorded Future News - Cisco Talos said Thursday that the attacker it studied used a “command and control (C2) server that deploys a full suite of adversarial tools and frameworks.” The researchers said they believed the attacker’s motive was to move beyond just ...
11 hours ago Therecord.media CVE-2024-4577
Texas border city declares state of emergency after cyberattack on government systems | The Record from Recorded Future News - “The City of Mission, Texas, has suffered a cybersecurity incident such that the entire City computer server is at severe risk of a cyberattack that could release protected personal information, protected health information, civil and criminal ...
11 hours ago Therecord.media
US seizes $23 million in crypto stolen via password manager breach - A forfeiture complaint unsealed by the U.S. Justice Department yesterday and first spotted by crypto fraud investigator ZachXBT reveals that U.S. Secret Service agents who interviewed the victim believe the attackers could have only stolen the ...
13 hours ago Bleepingcomputer.com
Malicious use of Cobalt Strike down 80% after crackdown, Fortra says | The Record from Recorded Future News - Microsoft, the Health Information Sharing and Analysis Center (Health-ISAC) and Fortra, which bought Cobalt Strike in 2020, have worked since 2023 to address the longstanding issue of pirated and unlicensed versions of the software being downloaded ...
13 hours ago Therecord.media
Unpatched Edimax IP camera flaw actively exploited in botnet attacks - A critical command injection vulnerability impacting the Edimax IC-7100 IP camera is currently being exploited by botnet malware to compromise devices. The Edimax vulnerability is tracked as CVE-2025-1316 and is a critical severity (CVSS v4.0 ...
13 hours ago Bleepingcomputer.com CVE-2025-1316
Employee charged with stealing unreleased movies, sharing them online - Earlier this week, New York prosecutors said that two people working at a third-party contractor for the StubHub online ticket marketplace made $635,000 after reselling almost 1,000 stolen tickets for Taylor Swift's Eras Tour and other high-profile ...
15 hours ago Bleepingcomputer.com
New Malware Attacked 'Desert Dexter' Compromised 900+ Victims Worldwide - Security researchers at Positive Technologies have uncovered a sophisticated malware campaign dubbed “Desert Dexter” that has compromised more than 900 victims worldwide since September 2024. Positive Technologies researchers noted that ...
15 hours ago Cybersecuritynews.com
Home appliance company Presto says cyberattack causing delivery delays | The Record from Recorded Future News - National Presto Industries operates three separate business segments: its home appliance products, ranging from pressure cookers to waffle makers and air fryers; a set of subsidiaries that contract with the U.S. military; and a safety department that ...
16 hours ago Therecord.media
US charges Garantex admins with money laundering, sanctions violations - Garantex lost its license to provide virtual currency services in February 2022 after Estonia's Financial Intelligence Unit found critical compliance issues with Anti-Money Laundering and Countering the Financing of Terrorism (AML/CFT) policies and ...
16 hours ago Bleepingcomputer.com
Beware of Fake CAPTCHA Prompts That May Silently Install LummaStealer on Your Device - The attack specifically targets users of booking websites by presenting fake booking confirmation pages that require CAPTCHA verification to view document details. The Infection Chain Flow shows how the attack progresses from the initial visit to a ...
18 hours ago Cybersecuritynews.com
Hackers Leveraging x86-64 Binaries on Apple Silicon to Deploy macOS malware - Unlike ARM64 binaries, which require valid Apple-issued signatures or stringent notarization checks, x86-64 executables translated via Rosetta 2 face fewer restrictions, allowing attackers to deploy self-signed payloads. Advanced threat actors ...
18 hours ago Cybersecuritynews.com
Data breach at Japanese telecom giant NTT hits 18,000 companies - In May 2020, the company suffered another data breach where hackers gained access to its internal network again, stealing the information of hundreds of customers. The data breach was discovered in early February 2025, but the exact date when the ...
18 hours ago Bleepingcomputer.com
Linux Distro Tails 6.13 Released with Improved Wi-Fi Hardware Detection - The release notes recommend workarounds such as USB Ethernet adapters, mobile tethering, or purchasing Tails-compatible USB Wi-Fi hardware.
18 hours ago Cybersecuritynews.com
Beware of Fake Tax Claims that Tricks Users to Steal Over $10,000 From Victims - Scammers exploit generational gaps: younger victims are often baited via social media links, whereas older adults face voice phishing (vishing) calls using deepfake audio to simulate family emergencies. For example, Form W-2 fraud surged in 2025, ...
18 hours ago Cybersecuritynews.com
Operation Sea Elephant Attacking Organizations to Steal Research Details - A sophisticated cyber espionage campaign dubbed “Operation Sea Elephant” has been discovered targeting scientific research organizations, with a particular focus on ocean-related studies. The operation, attributed to a threat actor group ...
19 hours ago Cybersecuritynews.com
Critical Vulnerabilities in DrayTek Routers Exposes Devices to RCE Attack - Researchers identified eight CVEs, including weaknesses in authentication mechanisms, kernel module updates, and protocol implementations, which could allow attackers to bypass security controls, execute arbitrary code, or crash devices. A series of ...
20 hours ago Cybersecuritynews.com
Multiple Jenkins Vulnerability Let Attackers Expose Secrets - CloudBees credited Antoine Ruffino, Daniel Beck, and XBOW for discovering these issues, reaffirming the critical role of ...
20 hours ago Cybersecuritynews.com
YouTube Warns of Phishing Emails Attacking Creators to Steal Login Credentials - The video, indistinguishable from authentic footage due to advanced voice and visual synthesis, instructs creators to “confirm” policy changes by logging into studio.youtube-plus[.]com—a phishing domain mimicking YouTube Studio. The attack, ...
20 hours ago Cybersecuritynews.com
Microsoft: North Korean hackers join Qilin ransomware gang - Microsoft says Moonstone Sleet hackers are targeting both financial and cyberespionage targets using trojanized software (e.g., PuTTY), custom malware loaders, malicious games and npm packages, and fake software development companies (e.g., C.C. ...
20 hours ago Bleepingcomputer.com Qilin
Enabling Incognito Mode in RDP to Hide All the Traces - This functionality, formally called public mode, prevents the client from storing sensitive session artifacts—a development with significant implications for cybersecurity, digital forensics, and enterprise IT management. Forensic tools like ...
22 hours ago Cybersecuritynews.com
GitHub Details How Security Professionals Can Use Copilot to Analyze Logs - As security datasets grow exponentially, Copilot’s machine learning models will receive specialized training on emerging attack patterns through GitHub’s unique access to vulnerability data across millions of repositories. The tool now ...
22 hours ago Cybersecuritynews.com
North Korean IT Workers Using GitHub To Attack Organization Globally - Cybersecurity research firm NISOS has uncovered a network of suspected North Korean IT workers who are leveraging GitHub to create elaborate fake personas aimed at securing employment with companies in Japan and the United States. The research ...
23 hours ago Cybersecuritynews.com
CISA Warns of Edimax IC-7100 IP Camera 0-day Vulnerability - The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical warning regarding a severe vulnerability in the Edimax IC-7100 IP Camera. This vulnerability affects all versions of the Edimax IC-7100 IP Camera and has been assigned ...
23 hours ago Cybersecuritynews.com CVE-2025-1316
AMD Microcode Signature Verification Vulnerability Let Attackers Load Malicious Patches - Security researchers have uncovered a critical vulnerability in AMD Zen CPUs that allows attackers with elevated privileges to load malicious microcode patches, bypassing cryptographic signature checks. Dubbed “EntrySign,” this flaw stems ...
23 hours ago Cybersecuritynews.com
Microsoft 365 Announces E5 Security for Business Premium Customers as Add-on - Security operations teams gain automated incident investigation timelines through Extended Detection and Response (XDR), reducing mean time to remediation (MTTR) by 40% compared to siloed tools. Automated security posture scoring identifies ...
23 hours ago Cybersecuritynews.com
Apache Pinot Vulnerability Let Remote Attackers Bypass Authentication - The Pinot vulnerability follows similar authentication bypass flaws in Elasticsearch (CVE-2024-35253) and MongoDB Atlas (CVE-2024-48721) disclosed earlier this year, suggesting industry-wide patterns in URI validation weaknesses.
1 day ago Cybersecuritynews.com CVE-2024-35253
FBI Warns of Threats Actors mimic as BianLian Group to Attack Corporate Executives - Unlike legitimate BianLian operations, which rely on technical compromises like exploiting ProxyShell vulnerabilities (CVE-2021-34473, CVE-2021-34523, CVE-2021-31207) or leveraging stolen Remote Desktop Protocol (RDP) credentials—these letters lack ...
1 day ago Cybersecuritynews.com CVE-2021-34473 BianLian
Cisco Secure Client for Windows Let Attackers Execute Arbitrary Code - A newly identified vulnerability in the Cisco Secure Client for Windows could allow attackers to execute arbitrary code with SYSTEM privileges. When the Secure Firewall Posture Engine is installed, the vulnerability affects the Cisco Secure Client ...
1 day ago Cybersecuritynews.com
CISA, FBI warn of BianLian mail scam targeting executives with $500k ransom note | The Record from Recorded Future News - A spokesperson for the company told Recorded Future News that Arctic Wolf is aware of at least 20 organizations or executives who have received these letters. The letters have a return address based in Boston, Massachusetts and the FBI said it is ...
1 day ago Therecord.media BianLian
Who is the DOGE and X Technician Branden Spikes? – Krebs on Security - Prior to founding Spikes Security, Branden Spikes was married to a native ...
1 day ago Krebsonsecurity.com
Microsoft says malvertising campaign impacted 1 million PCs - The malvertising videos redirected users to the GitHub repos that infected them with malware designed to perform system discovery, collect detailed system info (e.g., memory size, graphic details, screen resolution, operating system (OS), and user ...
1 day ago Bleepingcomputer.com
Akira ransomware encrypted network from a webcam to bypass EDR - S-RM confirmed to BleepingComputer that the threat actors utilized the webcam's Linux operating system to mount Windows SMB network shares of the company's other devices. The Akira ransomware gang was spotted using an unsecured webcam to launch ...
1 day ago Bleepingcomputer.com Akira
Russian crypto exchange Garantex’s website taken down in apparent law enforcement operation | The Record from Recorded Future News - Russian cryptocurrency exchange Garantex was taken down in an apparent seizure by U.S. and European law enforcement Thursday, shortly after the company said $28 million had been frozen by another cryptocurrency firm. U.S. officials said at the time ...
1 day ago Therecord.media
US seizes domain of Garantex crypto exchange used by ransomware gangs - Garantex lost its license to provide virtual currency services in February 2022 after Estonia's Financial Intelligence Unit found links between Garantex and wallets used for criminal activity and critical compliance issues with Anti-Money Laundering ...
1 day ago Bleepingcomputer.com
Cybercrime 'crew' stole $635,000 in Taylor Swift concert tickets - 'The Sutherland employees, defendant Tyrone Rose and an unapprehended accomplice, allegedly used their access to StubHub's computer system to find a backdoor into a secure area of the network where already sold tickets were given a URL and queued to ...
1 day ago Bleepingcomputer.com
How to Analyse Real-Time Linux Malware Network Traffic - SOC/DFIR Guide - ANY.RUN, an advanced Interactive Sandbox designed to revolutionize Linux malware traffic analysis offers real-time, dynamic analysis capabilities, empowering researchers and security teams to more effectively uncover malicious network activities ...
1 day ago Cybersecuritynews.com
Thousands of public school workers impacted by cyberattack on retirement plan administrator | The Record from Recorded Future News - Dozens of public schools across the country reported data breaches to regulators in Maine, Massachusetts, Vermont and several other states this week, warning that sensitive data was stolen through Carruth Compliance Consulting — a company that ...
1 day ago Therecord.media
Threat Actors Mimic Electronic Frontier Foundation To Attack Gaming Community - Researchers at Hunt.io identified messages on the game’s forum directing players to phishing websites under the pretext of discussing security for in-game assets tied to their accounts.
1 day ago Cybersecuritynews.com
Microsoft 365 apps will prompt users to back up files in OneDrive - "If your organization still has users who are not enrolled in KFM, the message ("BACK UP THIS DOCUMENT: Share and work with others in this and other files using OneDrive") will encourage them to do it while using familiar desktop apps," Microsoft ...
1 day ago Bleepingcomputer.com
Two arrested for stealing Taylor Swift Eras Tour tickets and selling for a $600,000 profit in cybercrime scheme | The Record from Recorded Future News - Two people were arrested in New York City after allegedly using backend access to StubHub’s system to steal the URLs for 900 concert tickets, most of which were for Taylor Swift’s popular Eras Tour. Queens District Attorney Melinda Katz announced ...
1 day ago Therecord.media
Over 37,000 VMware ESXi servers vulnerable to ongoing attacks - The Shadowserver Foundation reports that most of the vulnerable instances are in China (4,400), followed by France (4,100), the United States (3,800), Germany (2,800), Iran (2,800), and Brazil (2,200).
1 day ago Bleepingcomputer.com CVE-2025-22225
SquareX Unveils Polymorphic Extensions that Morph Infostealers into Any Browser Extension - Password Managers, Wallets at Risk - In addition to the polymorphic attack, SquareX was also the first to discover and disclose multiple extension-based attacks, including Browser Syncjacking, the Chrome Store consent phishing attack leading to Cyberhaven’s breach and numerous other ...
1 day ago Cybersecuritynews.com
Free vCISO Course: Turning MSPs and MSSPs into Cybersecurity Powerhouses - The vCISO Academy is a free, professional learning platform designed to equip service providers with the knowledge and training needed to build and expand their vCISO offerings, helping them better serve their clients and bolster cybersecurity ...
1 day ago Bleepingcomputer.com
InvokeADCheck - Powershell Based Tool to Detect Active Directory Misconfigurations - To address this gap, cybersecurity professionals Niels Hofland and Justin Perdok developed InvokeADCheck, an open-source PowerShell module designed to automate AD security assessments and identify vulnerabilities with precision. This tool offers a ...
1 day ago Cybersecuritynews.com
Researchers Bypassed CrowdStrike Falcon Sensor to Execute Malicious Applications - Security researchers at SEC Consult have discovered a significant vulnerability in CrowdStrike’s Falcon Sensor that allowed attackers to bypass detection mechanisms and execute malicious applications. The researchers at SEC Consult found that ...
1 day ago Cybersecuritynews.com
Malicious Chrome extensions can spoof password managers in new attack - In SquareX's demonstration, the attackers impersonate the 1Password password manager extension by first disabling the legitimate one using the 'chrome.management' API, or if the permissions aren't available, user interface manipulation tactics to ...
1 day ago Bleepingcomputer.com
Sitecore 0-Day Vulnerability Let Attackers Execute Remote Code - Security firm Assetnote discovered the vulnerability, which leverages Sitecore’s misuse of the deprecated BinaryFormatter class to bypass authentication checks and deploy malicious payloads. The vulnerability resides in the ...
1 day ago Cybersecuritynews.com
Misconfigured Apache Airflow Servers Exposes Login Credentials to Hackers - A critical security oversight in widely used Apache Airflow instances has exposed credentials for platforms like AWS, Slack, PayPal, and other services, leaving organizations vulnerable to data breaches and supply chain attacks.
1 day ago Cybersecuritynews.com
Two Hackers Arrested For ATM Jackpotting by Deploying Malware - The arrests follow a joint investigation by the FBI Cyber Division and local law enforcement agencies into a sophisticated malware-driven financial fraud operation targeting credit unions and bank ATMs. Forensic analysts identified the installation ...
1 day ago Cybersecuritynews.com
Google Announces AI-Powered Scam Detector For Android Users - In its latest Android security update, Google has unveiled a dual-layer defense system combining AI-powered scam detection for both text messages and voice calls. Google collaborated with 18 financial institutions, including JPMorgan Chase (API ...
1 day ago Cybersecuritynews.com
ZITADEL IDOR Vulnerabilities Let Attackers Modify Sensitive Settings - Attackers with standard user privileges can exploit endpoints like /idps/ldap and /idps/ldap/{id} to redirect LDAP authentication flows to malicious servers or extract LDAP service credentials. Rated 9.0/10 on the CVSS v3.1 scale, these flaws enable ...
1 day ago Cybersecuritynews.com
Critical Kibana Vulnerability Let Attackers Execute Arbitrary Code - Organizations using Kibana for security monitoring (via Elastic Security) face heightened risks, as attackers could disable alerts or manipulate threat-detection pipelines. By injecting malicious payloads into these workflows, attackers can ...
1 day ago Cybersecuritynews.com CVE-2025-1080
Google Silently Tracks Android Device Even No Apps Opened by User - The research examined cookies, identifiers, and other data stored on Android handsets by Google Play Services, the Google Play Store, and other pre-installed Google apps. When a user searches within the Google Play Store, “sponsored” ...
1 day ago Cybersecuritynews.com
Two hackers Arrested for Stealing Taylor Swift Era Concert Tickets Worth $600k - As Swift’s tour continues until 2025, industry leaders encourage fans to buy using verified platforms that use ...
1 day ago Cybersecuritynews.com
SecP0 Ransomware Group Threatens Organizations to Leak Vulnerability Details - By targeting vulnerabilities instead of data, they amplify the potential impact of their operations, forcing organizations to address both immediate ransom demands and long-term security implications. Unlike traditional ransomware groups that encrypt ...
2 days ago Cybersecuritynews.com
Android App With 220,000+ Downloads From Google Play Installs Banking Trojan - A sophisticated Android banking trojan campaign leveraging a malicious file manager application accumulated over 220,000 downloads on the Google Play Store before its removal. According to the Zscaler ThreatLabz post shared on X, the malicious app, ...
2 days ago Cybersecuritynews.com
15 Best Patch Management Tools - 2025 - What is Good? Comprehensive patch management for various operating systems, applications, and third-party software. What Could Be Better? It is complex for new users and requires time and training to utilize its functionalities fully. What is Good? Advanced analytics ...
2 days ago Cybersecuritynews.com
Google Announces GoStringUngarbler Tool to Decrypt Go Based Malware - This innovation specifically targets binaries obfuscated using garble, an increasingly prevalent obfuscation compiler that has complicated malware analysis through sophisticated literal transformations and control flow manipulation. The garble ...
2 days ago Cybersecuritynews.com
Bybit Hot Wallet Exploit for Malicious Transaction - Technical Analysis Released - By modifying stor0, attackers replaced the legitimate GnosisSafe implementation (0x34cfac646f301356faa8b21e94227e3583fe3f5f) with their backdoored contract (0xbdd077f651ebe7f7b3ce16fe5f2b025be2969516), gaining full control of the wallet. The breach, ...
2 days ago Cybersecuritynews.com Lazarus Group
12 Chinese Hackers Charged For Cyber Attacks on U.S Treasury - The defendants include two officers from China’s Ministry of Public Security (MPS), eight employees of Chengdu-based i-Soon Information Technology, and two members of the APT27 threat group (also known as Silk Typhoon or Emissary Panda). ...
2 days ago Cybersecuritynews.com CVE-2017-0213
41,500+ VMware ESXi Instances Vulnerable to Code Execution Attacks - We are scanning & reporting out VMware ESXi CVE-2025-22224 vulnerable instances ("a malicious actor with local admin privileges on a virtual machine may exploit this to execute code as virtual machine's VMX process running on ...
2 days ago Cybersecuritynews.com CVE-2025-22224
BadBox Malware from Google Play Hacked 50,000+ Android Devices Using 24 Apps - HUMAN Security’s Satori Threat Intelligence team has uncovered a sophisticated malware operation dubbed “BADBOX 2.0” that compromised over 50,000 Android devices using 24 deceptive applications. Device owners concerned about ...
2 days ago Cybersecuritynews.com
People are using Super Mario to benchmark AI now | TechCrunch - Interestingly, the lab found that reasoning models like OpenAI’s o1, which “think” through problems step by step to arrive at solutions, performed worse than “non-reasoning” models, despite being generally stronger on ...
2 days ago Techcrunch.com
Two decades of visitor data at the Toronto Zoo stolen in cyberattack | The Record from Recorded Future News - Officials from the zoo did not respond to requests for comment about how many people were affected but a notice published this week says the hackers copied transaction data which includes “information about all guests and members” who bought ...
2 days ago Therecord.media Akira
Open-source tool 'Rayhunter' helps users detect Stingray attacks - Rayhunter is an open-source tool designed to detect Stingrays by capturing control traffic (signaling data) between the mobile hotspot and the cell tower it is connected to, but without monitoring user activity. "Rayhunter works by intercepting, ...
2 days ago Bleepingcomputer.com
Silk Typhoon hackers now target IT supply chains to breach networks - Microsoft warns that Chinese cyber-espionage threat group 'Silk Typhoon' has shifted its tactics, now targeting remote management tools and cloud services in supply chain attacks that give them access to downstream customers. Microsoft reports that ...
2 days ago Bleepingcomputer.com CVE-2024-3400
Microsoft To Harden The Trust Boundary of VBS Enclaves - The guidance by the Microsoft Security team, addresses fundamental security challenges that arise when implementing VBS enclaves, which use the hypervisor’s virtual trust levels to isolate regions of memory and code execution within user-mode ...
2 days ago Cybersecuritynews.com
US charges Chinese hackers linked to critical infrastructure breaches - One month later, it also targeted Chinese cybersecurity company Integrity Tech for its involvement in cyberattacks linked to the Chinese state-sponsored Flax Typhoon hacking group and sanctioned Yin Kecheng for his role in last year's breach of the ...
2 days ago Bleepingcomputer.com
BadBox malware disrupted on 500K infected Android devices - The BadBox Android malware botnet has been disrupted again by removing 24 malicious apps from Google Play and sinkholing communications for half a million infected devices. HUMAN says it also discovered 24 Android apps in the official app store, ...
2 days ago Bleepingcomputer.com
Microsoft Warns of Silk Typhoon Hackers Attacking IT Supply Chain - Microsoft Threat Intelligence has identified a significant shift in tactics by Silk Typhoon, a Chinese state-sponsored espionage group that has begun targeting common IT solutions including remote management tools and cloud applications to gain ...
2 days ago Cybersecuritynews.com CVE-2025-0282

Trending Cyber News (last 7 days)

Palau health ministry on the mend after Qilin ransomware attack | The Record from Recorded Future News - Palau officials told Recorded Future News that the February 17 ransomware attack launched by hackers connected to a group named Qilin allowed the infiltrators to steal files from IT systems used by the Ministry of Health and Human Services (MHHS). ...
4 days ago Therecord.media CVE-2023-34362 CVE-2025-0289 CVE-2025-0286 CVE-2025-0288 CVE-2025-22225 CVE-2025-22226 CVE-2025-22224 CVE-2024-56325
CISA says it will continue to monitor Russian cyber threats | The Record from Recorded Future News - Both The Guardian and Washington Post bolstered the claims about CISA by saying a recent speech on critical infrastructure cyber threats by a senior State Department official did not mention Russia. The story emerged on Friday around the same time as ...
4 days ago Therecord.media
DHS says CISA will not stop monitoring Russian cyber threats - In response to questions about the Guardian's story, Tricia McLaughlin, Assistant Secretary for Public Affairs, U.S. Department of Homeland Security, told BleepingComputer that the memo is fake and that CISA will continue to address cyber threats ...
4 days ago Bleepingcomputer.com
New ClickFix attack deploys Havoc C2 via Microsoft Sharepoint - A newly uncovered ClickFix phishing campaign is tricking victims into executing malicious PowerShell commands that deploy the Havok post-exploitation framework for remote access to compromised devices. Threat actors have also begun to evolve the ...
4 days ago Bleepingcomputer.com
U.S. Halts Cyber Operations Targeting Russia - The move coincides with heightened concerns over Russian cyber threats, including state-linked campaigns like Sandworm and Midnight Blizzard, and follows revelations of a Chinese breach targeting Belgian critical infrastructure. The Pentagon’s ...
4 days ago Cybersecuritynews.com
Tata Technologies Allegedly Breached - Huntress Claim Leak of Sensitive data - According to Huntress Group, the claim resulted in the theft of 1.4 TB of sensitive data, potentially exposing critical information from high-profile clients such as Ford, McLaren, Honda, and Airbus. The rise of sophisticated ransomware groups like ...
3 days ago Cybersecuritynews.com
Hackers Using ClickFix Tactic to Attack Windows Machine - Unlike standard Havoc implementations, this variant uses Microsoft Graph API endpoints to communicate with attacker-controlled SharePoint files, blending malicious traffic with legitimate cloud service requests. A sophisticated phishing campaign in ...
4 days ago Cybersecuritynews.com
Routers Under Attack - Attacks Scanning for IoT & Routers at Record High - The report notes that some hosting providers have begun taking action against these activities, but significant work remains to curtail the growing tide of vulnerability scanning threatening internet-connected devices worldwide. According to recent ...
4 days ago Cybersecuritynews.com
Several local governments struggling with cyberattacks limiting services | The Record from Recorded Future News - 911 and 311 call centers are operational but County Executive Steuart Pittman said many other services are impacted by the shutoff of internet access — an action taken to “ensure the safety” of government systems. Anne Arundel County, home to ...
4 days ago Therecord.media
Hackers Abusing Microsoft Teams & Quick Assist to Gain Remote Access - Victims are forced into granting remote access through Microsoft’s built-in Quick Assist tool, which enables full device ...
4 days ago Cybersecuritynews.com
Bubba AI, Inc. is Launching Comp AI to Help 100,000 Startups Get SOC 2 Compliant by 2032. - Bubba AI’s flagship product, Comp AI, offers a built-in risk register, and policies required for frameworks while also allowing companies to build their compliance workflows using building blocks provided by the platform. Bubba AI has set an ...
4 days ago Cybersecuritynews.com
CVE-2024-13833 - The Album Gallery – WordPress Gallery plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.6.3 via deserialization of untrusted input from gallery meta. This makes it possible for authenticated ...
6 days ago
Ransomware gangs exploit Paragon Partition Manager bug in BYOVD attacks - Microsoft had discovered five Paragon Partition Manager BioNTdrv.sys driver flaws, with one used by ransomware gangs in zero-day attacks to gain SYSTEM privileges in Windows. "Microsoft has observed threat actors (TAs) exploiting this ...
6 days ago Bleepingcomputer.com
CVE-2025-25724 - list_item_verbose in tar/util.c in libarchive through 3.7.7 does not check an strftime return value, which can lead to a denial of service or unspecified other impact via a crafted TAR archive that is read with a verbose value of 2. For example, the ...
6 days ago
Rubrik rotates authentication keys after log server breach - However, Rubrik says that a small number of log files contained access information, causing the company to rotate authentication keys out of an abundance of caution. In a security advisory published on February 2 and first spotted by Kevin ...
4 days ago Bleepingcomputer.com
CVE-2025-25015 - Prototype pollution in Kibana leads to arbitrary code execution via a crafted file upload and specifically crafted HTTP requests. ...
2 days ago
CVE-2025-1852 - A vulnerability has been found in Totolink EX1800T 9.1.0cu.2112_B20220316 and classified as critical. This vulnerability affects the function loginAuth of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument password leads to buffer ...
5 days ago
CISA tags Windows, Cisco vulnerabilities as actively exploited - In early February, CISA also announced that a critical Microsoft Outlook remote code execution (RCE) vulnerability (CVE-2024-21413) is now being exploited in ongoing attacks and ordered federal agencies to patch their systems by February 27. ...
4 days ago Bleepingcomputer.com
CVE-2024-13546 - The GenerateBlocks plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.9.1 via the 'get_image_description' function. This makes it possible for authenticated attackers, with ...
6 days ago
CVE-2025-1797 - A vulnerability, which was classified as critical, has been found in Hunan Zhonghe Baiyi Information Technology Baiyiyun Asset Management and Operations System up to 20250217. Affected by this issue is some unknown functionality of the file ...
6 days ago
CVE-2025-1799 - A vulnerability, which was classified as critical, was found in Zorlan SkyCaiji 2.9. This affects the function previewAction of the file vendor/skycaiji/app/admin/controller/Tool.php. The manipulation of the argument data leads to server-side request ...
6 days ago
Windows Hyper-V NT Kernel Vulnerability Allows SYSTEM Privileges - This heap-based buffer overflow vulnerability allows local attackers to escalate their privileges to the SYSTEM level, posing a significant security risk.
5 days ago Cybersecuritynews.com
New Microsoft 365 outage impacts Teams, causes call failures - Over the weekend, Microsoft said it addressed another Microsoft 365 outage that affected Outlook and Exchange Online authentication and caused Teams and Power Platform degraded functionality. Redmond linked this weekend's incident ...
4 days ago Bleepingcomputer.com
Paragon Partition Manager Vulnerabilities Let Attackers Escalate Privilege & Trigger DoS Attacks - Here the security analysts at Carnegie Mellon University noted that the most concerning aspect of these vulnerabilities is that they can be exploited even if Paragon Partition Manager isn’t installed on the target system, through a technique ...
4 days ago Cybersecuritynews.com
CVE-2025-22224 - VMware ESXi, and Workstation contain a TOCTOU (Time-of-Check Time-of-Use) vulnerability that leads to an out-of-bounds write. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the ...
3 days ago
CVE-2025-1306 - The Newscrunch theme for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.8.4. This is due to missing or incorrect nonce validation on the newscrunch_install_and_activate_plugin() function. This makes it ...
4 days ago
33.3 Million Cyber Attacks Targeted Mobile Devices In 2024, Keep Your Devices Safe! - Cybersecurity experts recommend maintaining up-to-date security software, avoiding unofficial app sources, carefully reviewing requested permissions, and remaining vigilant about unsolicited messages containing links or download instructions to ...
4 days ago Cybersecuritynews.com
BigAnt Server 0-day Vulnerability Let Attackers Execute Malicious Code Via File Uploads - The exploit chain begins with a default-enabled SaaS registration portal at /index.php/Home/Saas/reg_email.html, which permits organizational account creation after solving a basic CAPTCHA challenge. The registration process exposes critical session ...
4 days ago Cybersecuritynews.com
CVE-2024-13747 - The WooMail - WooCommerce Email Customizer plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'template_delete_saved' function in all versions up to, and including, 3.0.34. This makes it ...
2 days ago
CVE-2024-41778 - IBM Controller 11.0.0 through 11.0.1 and 11.1.0 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. ...
6 days ago
CVE-2025-0475 - An issue has been discovered in GitLab CE/EE affecting all versions from 15.10 prior to 17.7.6, 17.8 prior to 17.8.4, and 17.9 prior to 17.9.1. A proxy feature could potentially allow unintended content rendering leading to XSS under specific ...
4 days ago
Treasury sanctions Iranian national behind defunct Nemesis darknet marketplace | The Record from Recorded Future News - “As the administrator of the Nemesis darknet marketplace, Parsarad sought to build — and continues to try to re-establish — a safe haven to facilitate the production, sale, and shipment of illegal narcotics like fentanyl and other synthetic ...
3 days ago Therecord.media
Pathfinder AI - Hunters Announces New AI Capabilities for Smarter SOC Automation - “Hunters has already made a significant impact on our security operations by reducing manual investigations, streamlining data ingestion, and improving threat visibility. Unlike static rule-based automation, Agentic AI dynamically adapts, ...
3 days ago Cybersecuritynews.com
North Koreans finish initial laundering stage after more than $1 billion stolen from Bybit | The Record from Recorded Future News - TRM Labs has tracked previous thefts by North Korean actors and found a similar playbook, where the hackers use DeFi platforms to convert funds into Bitcoin before using mixers to obfuscate the source of the cryptocurrency. Last week, the FBI ...
3 days ago Therecord.media
Hackers Deliver XWorm via Malicious Registry Files in a New Stegocampaign Attack - To protect your network from this Stegocampaign tactic, use ANY.RUN’s Threat Intelligence Lookup to investigate known samples and find similar ones to enrich your understanding of the attack’s TTPs. Gather more indicators for fine-tuning your ...
3 days ago Cybersecuritynews.com
Two arrested for stealing Taylor Swift Eras Tour tickets and selling for a $600,000 profit in cybercrime scheme | The Record from Recorded Future News - Two people were arrested in New York City after allegedly using backend access to StubHub’s system to steal the URLs for 900 concert tickets, most of which were for Taylor Swift’s popular Eras Tour. Queens District Attorney Melinda Katz announced ...
1 day ago Therecord.media
CVE-2025-1806 - A vulnerability, which was classified as problematic, has been found in Eastnets PaymentSafe 2.5.26.0. Affected by this issue is some unknown functionality of the file /Default.aspx of the component URL Handler. The manipulation leads to improper ...
6 days ago
CVE-2025-1807 - A vulnerability, which was classified as problematic, was found in Eastnets PaymentSafe 2.5.26.0. This affects an unknown part of the file /directRouter.rfc of the component Edit Manual Reply Handler. The manipulation of the argument Title leads to ...
6 days ago
CVE-2025-1808 - A vulnerability has been found in Pixsoft E-Saphira 1.7.24 and classified as critical. This vulnerability affects unknown code of the file /servlet?act=login&tipo=1 of the component Login Endpoint. The manipulation of the argument txtUsuario ...
6 days ago
CVE-2025-25725 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2025-25724. Reason: This candidate is a reservation duplicate of CVE-2025-25724. Notes: All CVE users should reference CVE-2025-25724 instead of this candidate. All references and ...
6 days ago
CVE-2025-25726 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2024-53427. Reason: This candidate is a reservation duplicate of CVE-2024-53427. Notes: All CVE users should reference CVE-2024-53427 instead of this candidate. All references and ...
6 days ago
CVE-2025-1853 - A vulnerability was found in Tenda AC8 16.03.34.06 and classified as critical. This issue affects the function sub_49E098 of the file /goform/SetIpMacBind of the component Parameter Handler. The manipulation of the argument list leads to stack-based ...
5 days ago
Attackers Automating Vulnerability Exploits with Few Hours of Disclosure - With ransomware collectives and state-backed groups investing heavily in automation, the 2025 Mass Internet Exploitation Report serves as both a warning and a roadmap urging organizations to abandon reactive strategies in favor of real-time, ...
4 days ago Cybersecuritynews.com
CVE-2025-22225 - VMware ESXi contains an arbitrary write vulnerability. A malicious actor with privileges within the VMX process may trigger an arbitrary kernel write leading to an escape of the sandbox. ...
3 days ago
CVE-2025-22226 - VMware ESXi, Workstation, and Fusion contain an information disclosure vulnerability due to an out-of-bounds read in HGFS. A malicious actor with administrative privileges to a virtual machine may be able to exploit this issue to leak memory from the ...
3 days ago
Threat Actors Leveraging AES Cryptography For Payload Protection - Threat actors are increasingly using the Advanced Encryption Standard (AES) in combination with code virtualization to protect malicious payloads, creating a complex chain of obfuscation that challenges traditional security measures. The transition ...
3 days ago Cybersecuritynews.com
Hunters International ransomware claims attack on Tata Technologies - The Hunters International ransomware gang has claimed responsibility for a January cyberattack on Tata Technologies, stating they stole 1.4TB of data from the company. With no further updates shared by the company for over a month, ...
3 days ago Bleepingcomputer.com
Polish Space Agency offline as it recovers from cyberattack - The agency now works with the Polish Computer Security Incident Response Team (CSIRT NASK) and the Polish Military Computer Security Incident Response Team (CSIRT MON) to restore impacted services. The Polish Space Agency (POLSA) has been ...
3 days ago Bleepingcomputer.com
Windows KDC Proxy RCE Vulnerability Let Attackers Control The Server Remotely - Security researchers have uncovered a significant remote code execution vulnerability in Microsoft’s Windows Key Distribution Center (KDC) Proxy that could potentially allow attackers to gain complete control over affected servers. The ...
3 days ago Cybersecuritynews.com
New Eleven11bot botnet infects 86,000 devices for DDoS attacks - A new botnet malware named 'Eleven11bot' has infected over 86,000 IoT devices, primarily security cameras and network video recorders (NVRs), to conduct DDoS attacks. Earlier today, threat monitoring platform The Shadowserver Foundation reported ...
3 days ago Bleepingcomputer.com