Cyber News
CyberSecurityBoard.com is a cyber news aggregator platform that brings all of the top news, blogs, podcasts and more about Cyber Security, InfoSec, Cryptography, Online Privacy, Hacking, Vulnerability and Threat Research into one place. CyberSecurityBoard's ultimate goal is to provide a useful and effective tool that helps you get a better understanding and quicker overview of everything happening in the world of Cybersecurity.
Latest Cyber News
Claude is testing ChatGPT-like Deep Research feature Compass - To make things easier for users, Claude is testing some system prompts for the Compass feature, such as "Find credible sources for my research" and "Provide evidence-based insights for my topic". "Compass" will allow Claude to perform certain tasks, ...
17 minutes ago Bleepingcomputer.com
Top 3 Cyber Attacks In March 2025 - In another ANY.RUN analysis session, the phishing site prompted users to enter their credit card information to “verify their stay.” The page looked legit, but it was nothing more than a front for harvesting sensitive financial data. From banking ...
22 minutes ago Cybersecuritynews.com
YouTube Creators Under Attack via Brand Collaborators Requests Using Clickflix Technique - Cybercriminals initiate contact via email or social media, posing as marketing representatives from established brands offering lucrative deals that require the creator to review “campaign materials” hosted on compromised domains or cloud ...
22 minutes ago Cybersecuritynews.com
New York's cyber chief on keeping cities and states safe from cyberattacks | The Record from Recorded Future News - And so we think that that'll continue to evolve the security posture of New York State in a way that first and foremost provides the public good, which is, if a government service is not secure, it can't be considered reliable. We're ...
1 hour ago Therecord.media
The 7 technology trends that could replace passwords - In passwords, this provides a secure way to let users prove that they know their own password, without any need to transmit their actual credentials – it is a cryptographic method that proves you know your password without needing to actually ...
1 hour ago Bleepingcomputer.com
New NPM Attack Infecting Local Packages With Cleverly Hidden Malicious Payload - These packages act as downloaders, injecting malicious code into locally installed versions of the legitimate ethers package, ultimately creating a reverse shell on the victim’s machine. The threat actor may have been attempting to ...
1 hour ago Cybersecuritynews.com
3 in 4 Enterprise Users Upload Data to GenAI Including passwords and keys - The 2025 Generative AI Cloud and Threat Report, released by Netskope Threat Labs, unveils a staggering 30-fold increase in data sent to genAI apps by enterprise users over the past year. A broader analysis found that 75% of enterprise users are ...
1 hour ago Cybersecuritynews.com
Microsoft fixes printing issues caused by January Windows updates - "After installing the January 2025 Windows preview update (KB5050092), released January 29, 2025, or later updates, you might observe issues with USB connected dual-mode printers that support both USB Print and IPP Over USB protocols," Redmond said ...
1 hour ago Bleepingcomputer.com
CrushFTP HTTPS Port Vulnerability Leads to Unauthorized Access - As of March 25, 2025, neither vulnerability is known to have been exploited in the wild, but security professionals emphasize that rapid patching is essential given the critical nature of these file transfer systems and the history of similar ...
2 hours ago Cybersecuritynews.com
Operation ForumTroll - APT Hackers Exploit Google Chrome Zero-Day To Bypass Sandbox Protections - Security researchers describe the vulnerability as particularly dangerous because it allows attackers to bypass Chrome’s sandbox “as if it didn’t exist,” effectively eliminating a critical browser security layer. The campaign ...
2 hours ago Cybersecuritynews.com CVE-2025-2783
Your Smart TV May Bring Down the Entire Network - Leveraging advanced GenAI and large language models (LLM), OmniSec analyzes security and compliance data, transforming complex cybersecurity workflows into natural, interactive conversations. OmniSec empowers organizations to maintain robust ...
2 hours ago Cybersecuritynews.com
RedCurl cyberspies create ransomware to encrypt Hyper-V servers - A threat actor named 'RedCurl,' known for stealthy corporate espionage operations since 2018, is now using a ransomware encryptor designed to target Hyper-V virtual machines. While most ransomware operations focus on targeting VMware ESXi servers, ...
2 hours ago Bleepingcomputer.com
North Korean Kimsuky Hackers New Tactics & Malicious Scripts in Latest Attacks - The attack’s initial payload consists of four files: a heavily obfuscated VBScript (1.vbs), a PowerShell script (1.ps1), and two encoded text files (1.log and 2.log) that contain the actual malware components. Cyber Security News is a Dedicated ...
2 hours ago Cybersecuritynews.com Kimsuky
Windows 11 24H2 Update Breaks Connection to the Veeam Backup Server - For organizations planning recovery operations with Veeam in a Windows 11 environment, creating recovery media on computers running Windows 11 builds earlier than 26100.3194 is advisable until a permanent solution is available. Veeam advises ...
2 hours ago Cybersecuritynews.com
Critical NetApp SnapCenter Server Vulnerability Let Attacker Become an Admin User - “SnapCenter versions prior to 6.0.1P1 and 6.1P1 are susceptible to a vulnerability which may allow an authenticated SnapCenter Server user to become an admin user on a remote system where a SnapCenter plug-in has been installed,” reads ...
2 hours ago Cybersecuritynews.com
Cloudflare Attributes Recent Service Outage to Password Rotation Error - “This incident happened because of human error and lasted longer than it should have because we didn’t have proper visibility into which credentials were being used by the Gateway Worker to authenticate with our storage ...
3 hours ago Cybersecuritynews.com
200 Unique Domains Used by Raspberry Robin Unveiled - The malware’s connection to Russian threat actors was confirmed in September 2024 when CISA, the FBI, and NSA released a joint advisory linking Raspberry Robin to Russia’s GRU and specifically Unit 29155. Silent Push researchers ...
3 hours ago Cybersecuritynews.com LockBit
Clevo Devices Boot Guard Private Key Exposed Via Firmware Update Packages - Boot Guard private keys were found exposed within firmware update packages, potentially allowing attackers to bypass critical security protections in affected devices. Researchers at Binary Research have uncovered that private cryptographic keys used ...
3 hours ago Cybersecuritynews.com
Microsoft: Recent Windows updates cause Remote Desktop issues - "After installing the January 2025 Windows preview update (KB5050094) and later updates, users might experience unexpected disconnections with Remote Desktop Protocol (RDP) sessions, including Remote Desktop Services (RDS)," the company said in a new ...
4 hours ago Bleepingcomputer.com
UK warns of emerging threat from ‘sadistic’ online ‘Com networks’ of teenage boys | The Record from Recorded Future News - Last month, Richard Ehiemere, 21, an East London member of a “Com” network linked to the blackmailing of young teenage girls, was convicted on charges of fraud and making indecent images of children. Online networks of teenage boys “dedicated ...
4 hours ago Therecord.media
New npm attack poisons local packages with backdoors - Two malicious packages were discovered on npm (Node package manager) that covertly patch legitimate, locally installed packages to inject a persistent reverse shell backdoor. In general, when downloading packages from package indexes like PyPI and ...
4 hours ago Bleepingcomputer.com
DrayTek Routers Vulnerability Exploited in the Wild - Possibly Links to Reboot Loop - Security intelligence firm GreyNoise has identified the active exploitation of several DrayTek vulnerabilities, which could be linked to these mysterious reboots that began around March 22, 2025. This incident follows Forescout Technologies’ ...
4 hours ago Cybersecuritynews.com CVE-2020-8515
New Chrome Installer Breaks With Error “This App can’t Run on your PC” on Windows 10 & 11 - Another method reported by affected users involves completely removing previous Chrome installations by deleting the Google folder under “C:\Program Files (x86)\Google” before attempting a fresh installation. This finding confirms that ...
5 hours ago Cybersecuritynews.com
New IOCONTROL Malware Attacking Critical Infrastructure to Gain Remote Access and Control - Initial attacks leveraged compromised credentials—part of a broader 33% year-over-year surge in credential theft—to infiltrate critical systems, enabling threat actors to establish persistent remote access, manipulate industrial processes, and ...
7 hours ago Cybersecuritynews.com
Appsmith Developer Tool Vulnerability Let Attackers Execute Remote Code - CVE-2024-55964: An Insecure Direct Object Reference vulnerability allowed users with minimal “App Viewer” permissions to access SQL databases by exploiting predictable datasource IDs and the ...
8 hours ago Cybersecuritynews.com CVE-2024-55964
Windows 11 update breaks Veeam recovery, causes connection errors - As a temporary workaround, while Microsoft and Veeam are currently investigating this known issue and looking for a fix, users impacted by this issue are advised to recover their computer or data using Veeam Recovery Media generated from a ...
8 hours ago Bleepingcomputer.com
CISA Warns of Four Vulnerabilities, and Exploits Surrounding ICS - Rockwell Automation has released version 1.40 to address the vulnerability and recommends users implement security best practices, including network isolation and using secure remote access methods. Affecting versions 2105457-036 to 2105457-044 of ...
8 hours ago Cybersecuritynews.com
New Windows 0-Day Vulnerability Let Remote Attackers Steal NTLM Credentials - Unofficial Patch - While security researchers are withholding specific exploitation details until Microsoft releases an official patch, they confirm the vulnerability allows for credential theft through malicious file interaction. Additionally, the ...
9 hours ago Cybersecuritynews.com CVE-2025-21377
Google fixes Chrome zero-day exploited in espionage campaign - Google has fixed a high-severity Chrome zero-day vulnerability exploited to escape the browser's sandbox and deploy malware in espionage attacks targeting Russian organizations. However, Kaspersky researchers who discovered the actively ...
9 hours ago Bleepingcomputer.com CVE-2025-2783
Google Chrome Zero-day Vulnerability Exploited by Hackers in the Wild - “The vulnerability CVE-2025-2783 really left us scratching our heads, as, without doing anything obviously malicious or forbidden, it allowed the attackers to bypass Google Chrome’s sandbox protection as if it didn’t even ...
10 hours ago Cybersecuritynews.com CVE-2025-2783
Nearly $13 million stolen from Abracadabra Finance in crypto heist | The Record from Recorded Future News - The Treasury Department removed sanctions on Tornado Cash last week after a federal appeals court ruled the agency had exceeded its authority in trying to penalize the company for being used by North Korean hackers seeking to launder funds stolen ...
20 hours ago Therecord.media
CrushFTP warns users to patch unauthenticated access flaw immediately - In November 2023, CrushFTP customers were also warned to patch a critical remote code execution vulnerability (CVE-2023-43177) in the company's enterprise suite after Converge security researchers who reported the flaw released a proof-of-concept ...
20 hours ago Bleepingcomputer.com CVE-2023-43177
Alleged Snowflake hacker consents to extradition from Canada after US charges | The Record from Recorded Future News - Connor Riley Moucka, also known as Alexander Antonin Moucka, signed a consent order on Friday in Ontario Superior Court in Kitchener that would allow him to be transferred to U.S. custody to face multiple charges. Moucka allegedly spoke to news ...
20 hours ago Therecord.media
Cloudflare R2 service outage caused by password rotation error - The absence of safeguards and validation checks for high-impact actions led to the outage, prompting Cloudflare to plan and implement additional measures for improved account provisioning, stricter access control, and two-party approval processes for ...
20 hours ago Bleepingcomputer.com
Broadcom warns of authentication bypass in VMware Windows Tools - For instance, in November, Broadcom warned that attackers were exploiting two VMware vCenter Server vulnerabilities: a privilege escalation to root (CVE-2024-38813) and a critical remote code execution flaw (CVE-2024-38812) identified during China's ...
21 hours ago Bleepingcomputer.com CVE-2024-38813
New Windows zero-day leaks NTLM hashes, gets unofficial patch - In recent months, 0patch has reported three other zero-day vulnerabilities that Microsoft patched or has yet to address, including a Windows Theme bug (patched as CVE-2025-21308), a Mark of the Web bypass on Server 2012 (still a zero-day without an ...
22 hours ago Bleepingcomputer.com CVE-2025-21308
Malaysia PM says country rejected $10 million ransom demand after airport outages | The Record from Recorded Future News - Malaysia’s National Cyber Security Agency (NACSA) and Malaysia Airports released a joint statement Tuesday confirming that a cyberattack started causing disruptions on March 23. Computer outages at Malaysia’s Kuala Lumpur International Airport ...
22 hours ago Therecord.media
VMware Tools for Windows Vulnerability Let Attackers Bypass Authentication - According to the security advisory VMSA-2025-0005, the authentication bypass vulnerability stems from improper access control in the VMware Tools for Windows utilities suite. In response to this vulnerability, cybersecurity experts recommend that ...
23 hours ago Cybersecuritynews.com CVE-2025-22230
Hackers Exploit Windows MMC Zero-Day Vulnerability to Execute Malicious Code - As the security community continues to analyze the full scope of the Water Gamayun campaign, users are urged to stay informed and take immediate action to protect their systems from this significant threat. The Cybersecurity and Infrastructure ...
23 hours ago Cybersecuritynews.com CVE-2025-26633
EncryptHub linked to zero-day attacks targeting Windows systems - In attacks spotted by Trend Micro's researchers before reporting the flaw to Microsoft, EncryptHub (also known as Water Gamayun or Larva-208) used CVE-2025-26633 zero-day exploits to execute malicious code and exfiltrate data from compromised ...
23 hours ago Bleepingcomputer.com CVE-2025-26633
Active Roles Wins 2025 Cybersecurity Excellence Award for Hybrid Active Directory Protection - One Identity, a leader in unified identity security, today announced that One Identity Active Roles has been named a winner in the Hybrid Active Directory Protection category of the 2025 Cybersecurity Excellence Awards. Their Unified Identity ...
1 day ago Cybersecuritynews.com
CYREBRO Recognized in Gartner Emerging Tech Report for Detection and Response Startups - CYREBRO, the AI-native Managed Detection and Response (MDR), today announced its recognition as a leading detection and response startup in the Gartner report, Emerging Tech: Techscape for Detection and Response Startups. “We are honored to be ...
1 day ago Cybersecuritynews.com
ARMO Launches First Cloud App Detection and Response to Unify Code to Cloud Runtime Security - ARMO CADR provides a full explainable and traceable runtime security story spanning the entire cloud stack and responds to threats without flooding teams with alerts. ARMO is a Cloud Runtime Security company providing the first open source ...
1 day ago Cybersecuritynews.com
Browser-in-the-Browser attacks target CS2 players' Steam accounts - A new phishing campaign targets Counter-Strike 2 players utilizing Browser-in-the-Browser (BitB) attacks that display a realistic window that mimics Steam's login page. Basically, this phishing technique creates fake browser windows within real ...
1 day ago Bleepingcomputer.com
Hackers Deliver Malware via Browser Extensions & Legitimate Tools to Bypass Security Controls - Quick Assist, a preinstalled Windows application designed for remote troubleshooting, requires victims to share a six-digit verification code with attackers posing as IT support personnel. Over the past six months, threat actors have refined ...
1 day ago Cybersecuritynews.com
Malicious AI Tools Spike 200% and Discussions on Jailbreaking Legitimate ChatGPT Grow by 52% - Indeed, Kela researchers noted the growth of underground marketplaces where malicious developers discuss and refine these tools, with some offering “jailbreaking” techniques for legitimate AI systems to bypass programmed ethical ...
1 day ago Cybersecuritynews.com
Researchers Compared Malware Development in Rust vs C & C++ Languages - A comprehensive analysis conducted in 2023 by the Rochester Institute of Technology aimed to assess whether malware developed in Rust truly presents greater challenges to security analysts than traditional C/C++ implementations. The investigation ...
1 day ago Cybersecuritynews.com
New Android malware uses Microsoft’s .NET MAUI to evade detection - Typically, Android apps are written in Java/Kotlin and store the code in DEX format, but it's technically possible to use .NET MAUI to build an Android app in C# with the app's logic stored inside binary blob files. To minimize the risk of infection ...
1 day ago Bleepingcomputer.com
Security Onion 24.10 Released - What’s New - It’s important to note that after running soup or rebooting a Security Onion node, services may take a few minutes to display an OK status as the initial on-boot highstate runs. These updates ensure that Security Onion continues to provide ...
1 day ago Cybersecuritynews.com
ARACNE - LLM-based Pentesting Agent To Execute Commands on Real Linux Shell Systems - Cybersecurity researchers have unveiled a new autonomous penetration testing agent that leverages large language models (LLMs) to execute commands on real Linux shell systems. ARACNE’s architecture consists of four key components working in ...
1 day ago Cybersecuritynews.com
Microsoft Unveils New Security Copilot Agents & Protections for AI - The Alert Triage Agents in Microsoft Purview prioritize data loss prevention and insider risk incidents, while the Conditional Access Optimization Agent in Microsoft Entra identifies security gaps in identity protection policies. Additional Microsoft ...
1 day ago Cybersecuritynews.com
New Phishing Campaign Attacking Mac Users to Steal User Credentials - A sophisticated phishing campaign has recently shifted its focus to target Mac users, demonstrating the evolving nature of cyber threats in response to improved security measures. The security team observed a drastic 90% drop in Windows-targeted ...
1 day ago Cybersecuritynews.com
Massive Cyberattack Takes Down Ukrainian State Railway’s Online Services - The company’s IT security team is currently working in collaboration with the Cyber Department of the Security Service of Ukraine (SBU) and the Government Computer Emergency Response Team (CERT-UA) to mitigate the attack and restore compromised ...
1 day ago Cybersecuritynews.com
CAPE from Cuckoo v1 - Malware Sandbox to Execute Malicious Files in An Isolated Environment - This approach enables CAPE to force malware samples to fully detonate even when they attempt to detect and evade analysis environments, providing security researchers with complete behavioral insights. Originally developed by Kevin O’Reilly at ...
1 day ago Cybersecuritynews.com
New Malware Attacking Android Users Abusing Cross-Platform Framework For Evasion - Cybercriminals have developed sophisticated malware campaigns targeting Android users by exploiting .NET MAUI, a cross-platform development framework, to evade traditional security measures. The research team discovered that these malicious ...
1 day ago Cybersecuritynews.com
FBI Warns of File Convertor Tools Used to Deploy Ransomware - FBI Denver Special Agent in Charge Mark Michalek emphasized the growing prevalence of this threat: “The best way to thwart these fraudsters is to educate people so they don’t fall victim to these fraudsters in the first place,” ...
1 day ago Cybersecuritynews.com
Rilide Malware as Browser Extension Attacking Chrome & Edge Users to Steal Login Credentials - The malware leverages browser extension capabilities to seamlessly integrate with the victim’s browsing experience, making detection particularly challenging for conventional security solutions. A sophisticated malware strain dubbed ...
1 day ago Cybersecuritynews.com
Ingress NGINX Remote Code Execution Vulnerability Let Attacker Takeover Cluster - It enables attackers to inject arbitrary NGINX configuration directives, potentially leading to remote code execution. It enables attackers to bypass validation checks and inject arbitrary NGINX configurations, potentially leading to remote code ...
1 day ago Cybersecuritynews.com CVE-2025-1974
New Phishing Attack Using Browser-In-The-Browser Technique To Attack Gamers - This attack method creates a convincing fake browser pop-up window that tricks users into entering their Steam credentials, allowing cybercriminals to steal valuable gaming accounts and virtual items. Silent Push researchers noted this attack in ...
1 day ago Cybersecuritynews.com
Linux Kernel 6.14 Officially Released, What's New - Linux kernel 6.14 is a significant update that not only boosts gaming performance and AI integration but also enhances security, stability, and hardware support. This release brings enhancements in gaming performance, AI hardware support, filesystem ...
1 day ago Cybersecuritynews.com
Best MDR (Managed Detection & Response) Solutions - 2025 - Cybereason Managed Detection and Response solutions provide 24/7 threat monitoring, advanced endpoint protection, and rapid incident response. Cynet MDR solutions provide automated threat detection and response, ensuring comprehensive security ...
1 day ago Cybersecuritynews.com
Developers Beware! Fake Coding Challenges Will Deploy FogDoor on Your System - The attack begins with a GitHub repository named “FizzBuzz” under the account “Rekrutacja-JS” (Polish for “Recruitment-JS”), hosting an ISO file labeled “Zadanie rekrutacyjne.iso” (“Recruitment ...
1 day ago Cybersecuritynews.com
Cyberattack causes delays for South Africa’s largest chicken producer | The Record from Recorded Future News - Large food producers like JBS, Dole, Sysco and Mondelez have all experienced ransomware attacks over the last five years and even the U.S. Department of Agriculture (USDA) told Recorded Future News in 2023 that it was affected by a ransomware ...
1 day ago Therecord.media
23andMe files for bankruptcy, customers advised to delete DNA data - With the company's assets now up for sale to the highest bidder, privacy experts fear that all the amassed DNA data could fall into the wrong hands, potentially exposing 23andMe customers' genetic information despite the company's ...
1 day ago Bleepingcomputer.com
New VanHelsing ransomware targets Windows, ARM, ESXi systems - In normal encryption mode, VanHelsing enumerates files and folders, encrypts the file contents, and renames the resulting file appending the ‘.vanhelsing’ extension. Files stolen from the victims’ networks are stored directly on the ...
1 day ago Bleepingcomputer.com
Thai officers intercept Starlink transmitters allegedly headed for Myanmar scam centers | The Record from Recorded Future News - According to the local news outlet Khaosod, officers at a checkpoint in Mae Sot district near the border with Myanmar stopped and inspected a white Isuzu pickup that contained more than three-dozen boxes concealing Starlink receivers, whose use has ...
1 day ago Therecord.media
Hackers steal sensitive data from Pennsylvania county during ransomware attack | The Record from Recorded Future News - Personal information from Union County, Pennsylvania, residents was stolen during a ransomware attack on government systems 10 days ago. County and city governments continue to be battered in the first three months of 2025, with multiple states ...
1 day ago Therecord.media
Cyberattack takes down Ukrainian state railway’s online services - The organization called the attack “highly systematic and multi-layered,” and assured that it’s working with experts from the SBU Cyber Department and the Government Computer Emergency Response Team (CERT-UA) to close any security ...
1 day ago Bleepingcomputer.com
DrayTek routers worldwide go into reboot loops over weekend - As first reported by ISPreview, affected customers (including those in Australia and outside the UK) were told to upgrade their devices to the latest firmware, disable SSLVPN/Remote Access, or even switch to routers from other vendors if the issues ...
1 day ago Bleepingcomputer.com
Chinese Weaver Ant hackers spied on telco network for 4 years - The threat actor appears to be more focused on network intelligence, credential harvesting, and continuous access to telecom infrastructure rather than stealing user data or financial records, which is consistent with state-sponsored ...
1 day ago Bleepingcomputer.com
Cyber Guardians: INE Security Champions Cybersecurity Training During National Physicians Week 2025 - INE Security, a global leader in cybersecurity training, certifications, and certification preparation, is at the forefront of helping healthcare organizations fortify their cyber defenses through education. INE Security’s comprehensive ...
1 day ago Cybersecuritynews.com
Over 300 arrested in international crackdown on cyber scams | The Record from Recorded Future News - In an international operation that stretched from last November to February, authorities from Benin, Côte d'Ivoire, Nigeria, Rwanda, South Africa, Togo and Zambia uncovered cross-border criminal networks that defrauded more than 5,000 victims. ...
1 day ago Therecord.media
Police arrests 300 suspects linked to African cybercrime rings - Between September 2nd and October 31st, another law enforcement action coordinated by Interpol and dubbed 'Operation Serengeti' led to the arrest of 1,006 suspects believed to be part of cybercrime links behind ransomware, digital ...
2 days ago Bleepingcomputer.com
Critical flaw in Next.js lets hackers bypass authorization - In Next.js, middleware components run before a request hits an application routing system and serve purposes like authentication, authorization, logging, error handling, redirecting users, applying geo-blocking or rate limits. If it ...
2 days ago Bleepingcomputer.com CVE-2025-29927
OpenAI SearchGPT Results Tampering with Prompt Injection - Research Advisory | Tenable® - Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. ...
2 days ago Tenable.com
Trending Cyber News (last 7 days)
Police arrests 300 suspects linked to African cybercrime rings - Between September 2nd and October 31st, another law enforcement action coordinated by Interpol and dubbed 'Operation Serengeti' led to the arrest of 1,006 suspects believed to be part of cybercrime links behind ransomware, digital ...
2 days ago Bleepingcomputer.com
DrayTek routers worldwide go into reboot loops over weekend - As first reported by ISPreview, affected customers (including those in Australia and outside the UK) were told to upgrade their devices to the latest firmware, disable SSLVPN/Remote Access, or even switch to routers from other vendors if the issues ...
1 day ago Bleepingcomputer.com
Zero-Hour Phishing Attacks Exploiting Browser Vulnerabilities Increases by 130% - These sophisticated attacks leverage unpatched security flaws in popular browsers to deploy malicious payloads before security teams can implement countermeasures, leaving users and organizations extremely vulnerable in the critical first hours of an ...
6 days ago Cybersecuritynews.com CVE-2023-45812
Former Michigan football coach indicted in hacks of athlete databases of more than 100 colleges | The Record from Recorded Future News - Prosecutors claimed Weiss "cracked the encryption" protecting passwords used by athletes themselves — a tactic he learned through "research that he did on the internet." He also searched through data breaches to find leaked ...
5 days ago Therecord.media
Kali Linux 2025.1a released with 1 new tool, annual theme refresh - Kali Linux has released version 2025.1a, the first version of 2025, with one new tool, desktop changes, and a theme refresh. With the year's first version, the Kali Team introduces a theme update consisting of new wallpapers and changes to the boot ...
6 days ago Bleepingcomputer.com
New Arcane infostealer infects YouTube, Discord users via game cheats - A newly discovered information-stealing malware called Arcane is stealing extensive user data, including VPN account credentials, gaming clients, messaging apps, and information stored in web browsers. The campaign distributing Arcane Stealer relies ...
6 days ago Bleepingcomputer.com
Microsoft: Exchange Online bug mistakenly quarantines user emails - Customers have been reporting experiencing similar problems over the last two days, including having issues accessing the Quarantine Review page when using Microsoft Defender for 365 for email protection and ...
4 days ago Bleepingcomputer.com
Hackers steal sensitive data from Pennsylvania county during ransomware attack | The Record from Recorded Future News - Personal information from Union County, Pennsylvania, residents was stolen during a ransomware attack on government systems 10 days ago. County and city governments continue to be battered in the first three months of 2025, with multiple states ...
1 day ago Therecord.media
Oracle denies breach after hacker claims theft of 6 million data records - As further proof that they had access to Oracle Cloud servers, the threat actor shared this URL with BleepingComputer, showing an Internet Archive URL that indicates they uploaded a .txt file containing their ProtonMail email address to the ...
4 days ago Bleepingcomputer.com
CVE-2024-13737 - The Motors – Car Dealer, Classifieds & Listing plugin for WordPress is vulnerable to unauthorized modification of data due to missing capability checks on the motors_create_template and motors_delete_template functions in all versions up to, ...
4 days ago
CVE-2025-2604 - A vulnerability was found in SourceCodester Kortex Lite Advocate Office Management System 1.0. It has been classified as critical. Affected is an unknown function of the file edit_act.php. The manipulation of the argument ID leads to sql injection. ...
4 days ago
VMware Vulnerabilities Exploited Actively to Deploy Ransomware - On March 4, 2025, Broadcom released emergency updates to address three critical vulnerabilities – CVE-2025-22224, CVE-2025-22225, and CVE-2025-22226 – affecting several VMware products, including ESXi, Workstation, and Fusion. Given the ...
4 days ago Cybersecuritynews.com CVE-2025-22224
CVE-2025-2628 - A vulnerability, which was classified as critical, was found in PHPGurukul Art Gallery Management System 1.1. Affected is an unknown function of the file /art-enquiry.php. The manipulation of the argument eid leads to sql injection. It is possible to ...
3 days ago
Hacker Claims Sale of 6 Million Records Stolen from Oracle Cloud Servers - The stolen data reportedly includes Java Key Store (JKS) files, encrypted Single Sign-On (SSO) passwords, hashed Lightweight Directory Access Protocol (LDAP) passwords, key files, and Enterprise Manager Java Platform Security (JPS) keys. A threat ...
3 days ago Cybersecuritynews.com CVE-2021-35587
Kali Linux 2025.1a New Tool & Updates to Desktop Environments - Continuing the tradition of annual theme updates with the year’s first release, Kali Linux 2025.1a boasts a modern interface with enhancements to the boot menu, login screen, and desktop wallpapers for both Kali and Kali Purple editions. With ...
6 days ago Cybersecuritynews.com
Spyware Maker SpyX Data Breach Exposes Nearly 2 Million Users Personal Data - “The vast majority of the email addresses are associated with SpyX,” confirmed Hunt, who classified the breach as “sensitive” in HIBP, allowing only affected individuals to verify if their information was compromised. The ...
6 days ago Cybersecuritynews.com
Veeam RCE Vulnerability Let Any Domain User Hack the Backup Servers - A remote code execution (RCE) vulnerability in Veeam Backup & Replication could allow any domain user to compromise backup servers with SYSTEM-level privileges. The findings, assigned CVE-2025-23120, affect Veeam Backup & Replication ...
5 days ago Cybersecuritynews.com CVE-2025-23120
CVE-2025-2602 - A vulnerability has been found in SourceCodester Kortex Lite Advocate Office Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file deactivate_reg.php. The manipulation of the argument ID leads to sql ...
4 days ago
CVE-2025-2606 - A vulnerability was found in SourceCodester Best Church Management Software 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/app/soulwinning_crud.php. The manipulation of the ...
4 days ago
Russian Seller Offering Record Breaking $4,000,000 for Telegram 0-Day Exploits - A Russian exploit brokerage firm, Operation Zero, has publicly announced bounties of up to $4 million for zero-day vulnerabilities in Telegram, signaling heightened state-sponsored interest in compromising the popular messaging app. The same ...
4 days ago Cybersecuritynews.com
CVE-2025-2608 - A vulnerability classified as critical has been found in PHPGurukul Banquet Booking System 1.2. This affects an unknown part of the file /admin/view-user-queries.php. The manipulation of the argument viewid leads to sql injection. It is possible to ...
4 days ago
CVE-2025-2609 - Improper neutralization of input during web page generation vulnerability in MagnusSolution MagnusBilling login logging allows unauthenticated users to store HTML content in the viewable log component accessible at ...
4 days ago
CVE-2025-30472 - Corosync through 3.1.9, if encryption is disabled or the attacker knows the encryption key, has a stack-based buffer overflow in orf_token_endian_convert in exec/totemsrp.c via a large UDP packet. ...
4 days ago
New VanHelsingRaaS Attacking Linux, BSD, ARM, and ESXi Systems - This two-stage approach helps evade behavioral detection systems that might flag simultaneous encryption and renaming activities as indicators of ransomware behavior. After all files have been encrypted in Silent mode, the ransomware performs a ...
2 days ago Cybersecuritynews.com
Chinese Weaver Ant hackers spied on telco network for 4 years - The threat actor appears to be more focused on network intelligence, credential harvesting, and continuous access to telecom infrastructure rather than stealing user data or financial records, which is consistent with state-sponsored ...
1 day ago Bleepingcomputer.com
Hackers Leveraging RMM Tools To Maintain Persistence To Infiltrate And Move Through Networks - Cybersecurity experts have identified a persistent trend of threat actors exploiting legitimate remote monitoring and management (RMM) software to infiltrate networks, maintain access, and facilitate lateral movement. These legitimate tools, which ...
6 days ago Cybersecuritynews.com
Microsoft fixes Windows update bug that uninstalled Copilot - More recently, Microsoft started rolling out a new native Copilot app to Windows Insiders via the Microsoft Store and announced a press-to-talk feature enabling users to interact with Copilot using their voice when holding the Alt + Spacebar keyboard ...
6 days ago Bleepingcomputer.com
Microsoft Exchange Online outage affects Outlook web users - Two weeks ago, Redmond linked a weekend Microsoft 365 outage impacting Outlook and Exchange Online authentication to a "code issue." A subsequent advisory revealed that users still experienced issues accessing calendars and email messages using the ...
6 days ago Bleepingcomputer.com
Ukrainian military targeted in new Signal spear-phishing attacks - Ukraine's Computer Emergency Response Team (CERT-UA) is warning about highly targeted attacks employing compromised Signal accounts to send malware to employees of defense industry firms and members of the country's army forces. In February 2025, ...
6 days ago Bleepingcomputer.com
RansomHub Affiliate Deploying New Custom Backdoor Dubbed 'Betruger' For Persistence - RansomHub, as a RaaS provider, enables affiliates to leverage sophisticated tools like Betruger, potentially lowering the barrier to entry for conducting complex ransomware attacks. These include adaptive-based protections such as ACM.Ps-RgPst!g1 and ...
6 days ago Cybersecuritynews.com Ransomhub
New Steganographic Malware Exploits JPEG Files to Distribute Infostealers - A sophisticated malware campaign employing steganographic techniques has recently been identified, targeting users through seemingly innocent JPEG image files. The attack leverages hidden malicious code embedded within image files that, when ...
6 days ago Cybersecuritynews.com
HellCat hackers go on a worldwide Jira hacking spree - The Swiss company did not provide technical details about the breach but targeting the Jira ticketing system has become a common attack method for the HellCat hackers. Rey, a member of the HellCat hacking group, told BleepingComputer that they stole ...
6 days ago Bleepingcomputer.com
CVE-2023-43029 - IBM Storage Virtualize vSphere Remote Plug-in 1.0 and 1.1 could allow a remote user to obtain sensitive credential information after deployment. ...
4 days ago
US Treasury removes sanctions on Tornado Cash after appellate court loss | The Record from Recorded Future News - In November, the federal appeals court ruled that the executive branch’s authority to “block ‘property’ in which a foreign ‘national’ or ‘person’ has an ‘interest’” did not apply in the case of Tornado Cash because its immutable ...
5 days ago Therecord.media Lazarus Group
Microsoft Trust Signing service abused to code-sign malware - Recently, cybersecurity researchers have seen threat actors utilizing the Microsoft Trusted Signing service to sign their malware with short-lived, three-day code-signing certificates. A cybersecurity researcher and developer known as 'Squiblydoo,' ...
4 days ago Bleepingcomputer.com
New Linux Kernel Rust Module Unveiled to Detect Rootkits - The module represents a significant advancement in Linux security tooling, addressing the critical need for modern detection mechanisms against increasingly sophisticated kernel-level threats. The new detection module was developed as part of a ...
2 days ago Cybersecuritynews.com
Critical flaw in Next.js lets hackers bypass authorization - In Next.js, middleware components run before a request hits an application routing system and serve purposes like authentication, authorization, logging, error handling, redirecting users, applying geo-blocking or rate limits. If it ...
2 days ago Bleepingcomputer.com CVE-2025-29927
Over 300 arrested in international crackdown on cyber scams | The Record from Recorded Future News - In an international operation that stretched from last November to February, authorities from Benin, Côte d'Ivoire, Nigeria, Rwanda, South Africa, Togo and Zambia uncovered cross-border criminal networks that defrauded more than 5,000 victims. ...
1 day ago Therecord.media
Cyber Guardians: INE Security Champions Cybersecurity Training During National Physicians Week 2025 - INE Security, a global leader in cybersecurity training, certifications, and certification preparation, is at the forefront of helping healthcare organizations fortify their cyber defenses through education. INE Security’s comprehensive ...
1 day ago Cybersecuritynews.com
Pennsylvania education union data breach hit 500,000 people - PSEA says the stolen information varies by individual and consists of personal, financial, and health data, including driver's license or state IDs, social security numbers, account PINs, security codes, payment card information, passport ...
6 days ago Bleepingcomputer.com Rhysida
Dragon RaaS Leading 'Five Families' Crimeware With New Initial Access & Exploitation Methods - A sophisticated Ransomware-as-a-Service (RaaS) operation known as ‘Dragon’ has emerged as the dominant force within the notorious “Five Families” of crimeware, implementing advanced initial access techniques and exploitation ...
6 days ago Cybersecuritynews.com
GitHub Action supply chain attack exposed secrets in 218 repos - The compromise of GitHub Action tj-actions/changed-files has impacted only a small percentage of the 23,000 projects using it, with it estimated that only 218 repositories exposed secrets due to the supply chain attack. According to data shared by ...
6 days ago Bleepingcomputer.com
Veeam RCE bug lets domain users hack backup servers, patch now - Veeam has patched a critical remote code execution vulnerability tracked as CVE-2025-23120 in its Backup & Replication software that impacts domain-joined installations. Ransomware gangs have told BleepingComputer in the past that Veeam ...
5 days ago Bleepingcomputer.com CVE-2025-23120
Over 150 US Government Database Servers Exposed to the Internet - New Report - Over 150 government database servers normally hidden behind layers of security are now directly exposed to the Internet, leaving Americans’ data vulnerable to cyberattacks. The database vulnerabilities have been analyzed across Azure Government ...
5 days ago Cybersecuritynews.com
Researchers Unboxed FIN7's Stealthy Python-based Anubis Backdoor - The Python-based malware, dubbed “Anubis Backdoor,” represents an evolution in the group’s tactics, techniques, and procedures (TTPs) that have historically caused billions in damages globally. ...
5 days ago Cybersecuritynews.com FIN7
CVE-2025-2601 - A vulnerability, which was classified as critical, was found in SourceCodester Kortex Lite Advocate Office Management System 1.0. This affects an unknown part of the file activate_reg.php. The manipulation of the argument ID leads to sql injection. ...
4 days ago
CVE-2025-2603 - A vulnerability was found in SourceCodester Kortex Lite Advocate Office Management System 1.0 and classified as critical. This issue affects some unknown processing of the file deactivate.php. The manipulation of the argument ID leads to sql ...
4 days ago
CVE-2025-30204 - golang-jwt is a Go implementation of JSON Web Tokens. Prior to ...
4 days ago
Critical Next.js Middleware Vulnerability Let Attackers Gain Unauthorized Access - This critical flaw affects authentication flows, authorization controls, path rewriting, and security header implementations across multiple Next.js versions, potentially exposing thousands of web applications to unauthorized access. The ...
2 days ago Cybersecuritynews.com CVE-2025-29927
Click Profit blocked by the FTC over alleged e-commerce scams - Click Profit is an online business platform promoted on social media and through websites that claims to help consumers generate passive income by setting up and managing e-commerce stores on Amazon, Walmart, and other platforms. The US Federal Trade ...
6 days ago Bleepingcomputer.com