Cybersecurity News Aggregator | CyberSecurityBoard

Latest Cyber News

DragonForce and Anubis Ransomware Operators Unveils New Affiliate Models - Unlike traditional ransomware operations focused solely on encryption, Anubis offers three distinct extortion options with varying profit-sharing models, significantly diversifying their attack methodology and potential victim impact. The third and ...
7 hours ago Cybersecuritynews.com Dragonforce

New Power Parasites Phishing Attack Targeting Energy Companies and Major Brands - A sophisticated phishing campaign dubbed “Power Parasites” has been actively targeting global energy giants and major brands since 2024, according to a comprehensive threat report released this week. The ongoing campaign primarily ...
8 hours ago Cybersecuritynews.com

Social Engineering Awareness: How CISOs And SOC Heads Can Protect The Organization - By combining advanced technical controls with continuous training and a culture of security awareness, CISOs and SOC leaders can significantly reduce the risk of successful attacks. As technical defenses evolve and strengthen, attackers have shifted ...
10 hours ago Cybersecuritynews.com

XDR In Penetration Testing: Leveraging Advanced Detection To Find Vulnerabilities - For example, XDR’s ability to map telemetry from endpoints, firewalls, and cloud platforms might reveal that a vulnerability in a legacy application allows attackers to bypass network segmentation controls, a scenario that individual security tools ...
10 hours ago Cybersecuritynews.com

How To Build A Data Center Security Strategy For 2025 And Beyond - To build a robust data center security strategy for 2025 and beyond, organizations must adopt a comprehensive, multi-layered approach that addresses both physical and cyber risks, leverages the latest technologies, and incorporates resilient ...
10 hours ago Cybersecuritynews.com

Is Meetwithmature a Trustworthy Dating Platform? Here's What You Should Know - Yes, Meetwithmature is a legitimate dating platform with real users, community guidelines, and a team dedicated to maintaining a healthy online space. Meetwithmature is a niche online dating platform aimed at connecting individuals looking for ...
13 hours ago Cybersecuritynews.com

Top 5 Cybersecurity Risks CISOs Must Tackle in 2025 - The role of CISOs has transformed significantly, shifting from purely technical guardians to strategic business leaders who must balance security imperatives with organizational objectives. Rather than viewing cybersecurity as merely a technical ...
14 hours ago Cybersecuritynews.com

Critical Craft CMS RCE 0-Day Vulnerability Exploited in Attacks to Steal Data - According to security researchers at CERT Orange Cyberdefense, a critical remote code execution (RCE) vulnerability in Craft CMS is actively being exploited to breach servers and steal data. If a system is believed to be compromised, administrators ...
16 hours ago Cybersecuritynews.com CVE-2024-58136

Critical ScreenConnect Vulnerability Let Attackers Inject Malicious Code - ConnectWise has released an urgent security patch for its ScreenConnect remote access software to address a serious vulnerability that could allow attackers to execute malicious code on affected systems. However, if these machine keys are compromised ...
17 hours ago Cybersecuritynews.com CVE-2024-1709

Windows 11's Recall AI is now rolling out on Copilot+ PCs - At that time, Microsoft touted Recall as one of the best use cases of AI on Windows 11, but security researchers noted that Recall is a privacy nightmare that captures your passwords and stores them in plain text. Microsoft pulled back Recall AI and ...
23 hours ago Bleepingcomputer.com

Windows 11 KB5055627 update released with 30 new changes, fixes - The KB5055627 update is part of the company's optional non-security preview updates schedule, which pushes updates at the end of each month to let Windows admins test bug fixes, improvements, and features that will roll out during next month's ...
1 day ago Bleepingcomputer.com

Craft CMS RCE exploit chain used in zero-day attacks to steal data - Two vulnerabilities impacting Craft CMS were chained together in zero-day attacks to breach servers and steal data, with exploitation ongoing, according to CERT Orange Cyberdefense. According to a report by SensePost, the ethical hacking ...
1 day ago Bleepingcomputer.com CVE-2025-32432

Threat Actors Registered 26k+ Domains Mimic Brands to Trick Users - These malicious domains serve as landing pages for sophisticated smishing (SMS phishing) campaigns, where unsuspecting users receive text messages containing links to what appear to be legitimate services. The domains follow specific naming patterns ...
1 day ago Cybersecuritynews.com Cloak

Largest telecom in Africa warns of cyber incident exposing customer data | The Record from Recorded Future News - This is the latest attack on a South African telecommunications company after another major player in the sector, Cell C, confirmed that data was leaked on the dark web following a cyberattack last year. South African Police Service and the ...
1 day ago Therecord.media

Marks & Spencer pauses online orders after cyberattack - On Wednesday, M&S also informed customers that the cyberattack disrupted some of its services, including contactless payments and Click & Collect orders in stores, and it was also causing delays in online order delivery. M&S first ...
1 day ago Bleepingcomputer.com

Mobile provider MTN says cyberattack compromised customer data - African mobile giant MTN Group announced that a cybersecurity incident has compromised the personal information of some of its subscribers in certain countries. "MTN Group would like to inform stakeholders that it has experienced a cybersecurity ...
1 day ago Bleepingcomputer.com

Marks & Spencer pauses online shopping following cyberattack | The Record from Recorded Future News - The company confirmed on Tuesday that it “has been managing a cyber incident over the past few days” following a slew of customer complaints on social media. In an updated statement, the company said it would pause taking orders via its websites ...
1 day ago Therecord.media

Windows "inetpub" security fix can be abused to block future updates - After people installed this month's Microsoft Patch Tuesday security updates, Windows users suddenly found an "inetpub" folder owned by the SYSTEM account created in the root of the system drive, normally the C: drive. In an update to a security ...
1 day ago Bleepingcomputer.com CVE-2025-21204

Baltimore City Public Schools data breach affects over 31,000 people - In November 2020, Baltimore County Public Schools, a Maryland school district that manages all public schools in Baltimore County, Maryland, also disclosed a data breach following a ransomware attack that forced it to shut down its network due to the ...
1 day ago Bleepingcomputer.com

Russian Hackers Attempting to Sabotage The Digital Control System of a Dutch Public Service - This cyber sabotage attempt appears to be part of an intensifying campaign of Russian hybrid warfare targeting the Netherlands, which has also included interference in European elections and mapping of vital North Sea infrastructure including ...
1 day ago Cybersecuritynews.com

6 Best Security Awareness Training Platforms For MSPs in 2025 - More than 20,000 entities in over 50 countries have partnered with Wizer to offer security awareness training, recognizing that the platform is a modern alternative to traditional learning methods that can become outdated or boring. Additionally, ...
1 day ago Cybersecuritynews.com

North Korean Hackers Using GenAI to Get Remote Jobs Around the Globe - In a sophisticated operation that blends social engineering with cutting-edge technology, North Korean operatives have been leveraging generative artificial intelligence tools to secure remote technical positions in companies worldwide. Okta Security ...
1 day ago Cybersecuritynews.com

SAP fixes suspected Netweaver zero-day exploited in attacks - "Unauthenticated attackers can abuse built-in functionality to upload arbitrary files to an SAP NetWeaver instance, which means full Remote Code Execution and total system compromise," stated watchTowr CEO Benjamin Harris. The vulnerability, ...
1 day ago Bleepingcomputer.com CVE-2025-31324

SAP fixes critical Netweaver flaw exploited in attacks - "Unauthenticated attackers can abuse built-in functionality to upload arbitrary files to an SAP NetWeaver instance, which means full Remote Code Execution and total system compromise," stated watchTowr CEO Benjamin Harris. The vulnerability, ...
1 day ago Bleepingcomputer.com CVE-2025-31324

Chrome UAF Vulnerabilities Exploited in the Wild - In Chrome, UAFs have historically been a major source of critical security bugs, particularly within the browser process, which has direct access to sensitive user data and system resources. These flaws, rooted in improper memory management, have ...
1 day ago Cybersecuritynews.com

Hackers Exploiting MS-SQL Servers & Deploy Ammyy Admin for Remote Access - Security researchers have identified that threat actors are specifically exploiting poorly secured MS-SQL instances to install Ammyy Admin, a legitimate remote desktop software that can be misused for unauthorized access, alongside a privilege ...
1 day ago Cybersecuritynews.com

‘SessionShark' - New Toolkit That Evades Microsoft Office 365 MFA - The toolkit implements specialized “human verification techniques” to filter out automated security scanners and research bots, ensuring the phishing content remains hidden from security systems. A sophisticated new phishing toolkit named ...
1 day ago Cybersecuritynews.com

Hackers Allegedly Breach TikTok, Exposing Over 900,000 Usernames & Passwords - In recent statements about their security posture, TikTok has emphasized that “protected U.S. user data is stored in the Oracle Cloud, with controlled and monitored gateways that only approved personnel have access to”. Cyber Security ...
1 day ago Cybersecuritynews.com

FBI To Offer Reward Up to $10 Million Any Information on Salt Typhoon Hackers - Cyber Security News is a Dedicated News Platform For Cyber News, Cyber Attack News, Hacking News & Vulnerability Analysis. The government has published comprehensive guidance titled “Enhanced Visibility and Hardening Guidance for Communications ...
1 day ago Cybersecuritynews.com

159 CVEs Exploited in The Wild in Q1 2025, 8.3% of Vulnerabilities Exploited Within 1-Day - Particularly concerning is the finding that 25.8% of these Known Exploited Vulnerabilities (KEVs) are still awaiting or undergoing analysis by NIST’s National Vulnerability Database, creating additional challenges for security teams attempting ...
1 day ago Cybersecuritynews.com

FBI seeks help to unmask Salt Typhoon hackers behind telecom breaches - In January, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) announced sanctions against Sichuan Juxinhe Network Technology, a Chinese cybersecurity firm believed to be directly involved in the Salt Typhoon telecom ...
1 day ago Bleepingcomputer.com

Spring Security Vulnerability Let Attackers Determine Which Usernames are Valid - Cyber Security News is a Dedicated News Platform For Cyber News, Cyber Attack News, Hacking News & Vulnerability Analysis. The vulnerability affects Spring Security versions 5.7.16, 5.8.18, 6.0.16, 6.1.14, 6.2.10, 6.3.8, and 6.4.4. Patches are now ...
1 day ago Cybersecuritynews.com CVE-2025-22234

Russian VPS Servers With RDP, Proxy Servers Fuel North Korean Cybercrime Operations - Trend Micro researchers identified that a threat actor known as Void Dokkaebi (also called Famous Chollima) has been conducting extensive social engineering campaigns through fictitious companies like BlockNovas, which presented itself as a ...
1 day ago Cybersecuritynews.com

Microsoft's Symlink Patch Created New Windows DoS Vulnerability - Standard users can create these junction points on many default-configured systems, potentially preventing critical security updates from being installed system-wide. Security researcher Kevin Beaumont has discovered that this fix introduces a denial ...
1 day ago Cybersecuritynews.com

North Korean APT Hackers Create Companies to Deliver Malware Strains Targeting Job Seekers - A sophisticated North Korean advanced persistent threat (APT) group known as “Contagious Interview” has established elaborate fake cryptocurrency consulting companies to target job seekers with specialized malware. Their investigation ...
1 day ago Cybersecuritynews.com Lazarus Group

Microsoft announces fix for CPU spikes when typing in Outlook - Previously, it addressed multiple other Microsoft 365 and Office issues, including a bug that triggered Outlook crasheswhen clicking a button that should've helped users switch back to classic Outlook and a widespread licensing issue blocking access ...
1 day ago Bleepingcomputer.com

New Reports Reveals How AI is Boosting the Phishing Attack Rapidly With More Accuracy - The report also highlights the resurgence of voice phishing (vishing), where attackers impersonate IT support personnel to extract credentials in real-time conversations, creating a multi-channel threat landscape that traditional email security ...
1 day ago Cybersecuritynews.com

U.S. Secret Service Details on How to Spot a Credit Card Skimmer - During Operation Potomac, conducted January 29-30, 2025, the Secret Service partnered with Fairfax, Montgomery, Prince George’s, Prince William, and Arlington County Police Departments, and the D.C. Metropolitan Police Department to inspect ...
1 day ago Cybersecuritynews.com

SAP NetWeaver 0-day Vulnerability Exploited in the Wild to Deploy Webshells - In April 2025, security researchers at ReliaQuest identified a series of incidents where threat actors leveraged this flaw to upload and execute webshells in publicly accessible directories, raising concerns of a zero-day remote file inclusion (RFI) ...
1 day ago Cybersecuritynews.com

Threat Actors Attacking Organization in Thailand to Deploy Ransomware - Thailand has emerged as a significant target for sophisticated ransomware attacks, with a dramatic 240% increase in cyber campaigns recorded in 2024 compared to the previous year. This surge reflects heightened geopolitical tensions and strategic ...
1 day ago Cybersecuritynews.com TA505 Ransomhub Lazarus Group LockBit Qilin

Verizon DBIR Report - Small Businesses Emerges as Prime Targets for Ransomware Attacks - For small businesses with limited resources, focusing on these fundamental security controls represents the most effective defense against the rising tide of ransomware attacks. The attack methodology reveals a sophisticated understanding of small ...
1 day ago Cybersecuritynews.com

Lazarus APT Attacking Organizations by Exploiting One-Day vulnerabilities - Cybersecurity experts have identified a sophisticated campaign by the North Korean state-sponsored Lazarus APT group targeting critical infrastructure and financial organizations worldwide. Cyber Security News is a Dedicated News Platform For Cyber ...
1 day ago Cybersecuritynews.com CVE-2025-1234

Microsoft Defender XDR False Positive Leads to Massive Data Leak of 1,700+ Sensitive Documents - According to a ANYRUN report shared with Cyber Security News , this error triggered a sudden influx of Adobe Acrobat Cloud links being uploaded to their sandbox for analysis. “We saw a sudden inflow of Adobe Acrobat Cloud links being uploaded to ...
1 day ago Cybersecuritynews.com

Nearly 500,000 impacted by 2023 cyberattack on Long Beach, California | The Record from Recorded Future News - In breach notification documents filed in multiple states, the city said 470,060 people had sensitive data accessed by hackers who breached government systems during a cyberattack in November 2023. More than a year after a cyberattack on the ...
1 day ago Therecord.media

Hackers abuse OAuth 2.0 workflows to hijack Microsoft 365 accounts - “In logs reviewed by Volexity, initial device registration was successful shortly after interacting with the attacker. Access to email data occurring the following day, which was when UTA0355 had engineered a situation where their 2FA ...
2 days ago Bleepingcomputer.com

Dialysis company DaVita reviewing data leaked by ransomware gang | The Record from Recorded Future News - In the last week, Onsite Mammography, Kelly & Associates Insurance Group, Behavioral Health Resources, Hamilton Health Care System, Central Texas Pediatric Orthopedics and Medical Express Ambulance Service have all reported data breaches ...
2 days ago Therecord.media

Lazarus hackers breach six companies in watering hole attacks - In the incidents analyzed by Kaspersky, victims are redirected to sites that mimick software vendors, such as the distributor of Cross EX - a tool that enables South Koreans to use security software in various web browsers for online banking and ...
2 days ago Bleepingcomputer.com

North Korean IT workers seen using AI tools to scam firms into hiring them | The Record from Recorded Future News - In an effort to improve its own onboarding process and help customers dealing with the scheme, cybersecurity firm Okta conducted research into online services used by individuals identified by U.S. authorities and third parties as agents for the ...
2 days ago Therecord.media

Microsoft fixes machine learning bug flagging Adobe emails as spam - In August 2024, it also mitigated an Exchange Online bug that tagged emails containing images as malicious and sent them to quarantine automatically, while in October 2023, it had to disable a bad anti-spam rule that was flooding Microsoft 365 ...
2 days ago Bleepingcomputer.com

Threat Actors Taking Advantage of Unsecured Kubernetes Clusters for Cryptocurrency Mining - Cyber Security News - In a troubling development for cybersecurity professionals, threat actors are increasingly targeting unsecured Kubernetes clusters to deploy cryptocurrency mining operations, leveraging the computational resources of victim organizations without ...
2 days ago Cybersecuritynews.com

Frederick Health data breach impacts nearly 1 million patients - A ransomware attack in January at Frederick Health Medical Group, a major healthcare provider in Maryland, has led to a data breach affecting nearly one million patients. As the health system revealed in a late March notification to patients, ...
2 days ago Bleepingcomputer.com

ToyMaker Hackers Compromised Multitude Hosts Using SSH & File Transfer Tools - The threat actor’s primary objective appears to be financially motivated, with ToyMaker establishing initial access and then transferring control to secondary actors, specifically the Cactus ransomware group. After establishing access, ToyMaker ...
2 days ago Cybersecuritynews.com Cactus

New Stego Campaign Leverages MS Office Vulnerability to Deliver AsyncRAT - Cybersecurity researchers have discovered a sophisticated malware campaign that employs steganography techniques to hide malicious code within seemingly innocent image files. This attack chain leverages an older Microsoft Office vulnerability ...
2 days ago Cybersecuritynews.com CVE-2017-0199

Microsoft now pays up to $30,000 for some AI vulnerabilities - Earlier this year, Redmond announced increased payouts for moderate severity Microsoft Copilot (AI) vulnerabilities and a 100% award multiplier for all Copilot bounty awards to incentivize AI research. Microsoft announced an increase in bug ...
2 days ago Bleepingcomputer.com

CISA Confirms Continued Support for CVE Program, No Funding Issues - The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has reaffirmed its strong commitment to the Common Vulnerabilities and Exposures (CVE) Program, following recent public reports that inaccurately suggested the program was in jeopardy ...
2 days ago Cybersecuritynews.com

Interlock ransomware claims DaVita attack, leaks stolen data - The Interlock ransomware gang has claimed the cyberattack on DaVita kidney dialysis firm and leaked data allegedly stolen from the organization. The healthcare company disclosed to the U.S. Securities and Exchange Commission (SEC) that on April ...
2 days ago Bleepingcomputer.com

Linux io_uring Security Blind Spot Let Attackers Stealthly Deploy Rootkits - The research team at ARMO has demonstrated that popular security solutions, including CrowdStrike’s Falcon, Microsoft Defender, Falco, and Tetragon, are effectively “blind” to malicious activities performed via io_uring—an ...
2 days ago Cybersecuritynews.com

Yale New Haven Health data breach affects 5.5 million patients - On April 11, 2025, YNHHS informed the public that its investigation into the incident confirmed a data breach that may have exposed sensitive patient information to unauthorized actors. Starting on April 14, 2025, YNHHS mailed letters to patients ...
2 days ago Bleepingcomputer.com

NVIDIA NeMo Framework Vulnerability Let Attackers Execute Remote Code - A successful exploit of this vulnerability might lead to code execution and data tampering,” states the official security bulletin. “NVIDIA NeMo Framework contains a vulnerability where a user could cause a deserialization of untrusted ...
2 days ago Cybersecuritynews.com

Hackers Exploited Ivanti Connect Secure 0-Day to Install DslogdRAT & Web Shell - The attacks, occurring around December 2024, leveraged CVE-2025-0282 to deploy multiple malicious tools, including a custom malware called DslogdRAT and a specially crafted web shell. This technique, while not highly sophisticated, provides ...
2 days ago Cybersecuritynews.com CVE-2025-0282

Citrix NetScaler Console Vulnerability Enables Admin Access - PoC Released - A critical vulnerability in Citrix NetScaler Console allows complete unauthenticated administrative access despite being initially classified as merely a “sensitive information disclosure” issue. “The vulnerability allows an ...
2 days ago Cybersecuritynews.com

Microsoft fixes bug causing incorrect 0x80070643 WinRE errors - Microsoft says it resolved a known issue causing erroneous 0x80070643 installation failure errors when deploying the April 2025 Windows Recovery Environment (WinRE) updates. "After installing the April 2025 Windows Recovery Environment update ...
2 days ago Bleepingcomputer.com

Zyxel RCE Vulnerability Allows Arbitrary Query Execution Without any Authentication - “An SSH tunnel with port forwarding exposes the database service to external access, creating a direct communication channel with the database from a remote system,” explains the researcher. “By leveraging this capability, I was ...
2 days ago Cybersecuritynews.com

Ransomware now plays a role in nearly half of all breaches, new research finds | The Record from Recorded Future News - Verizon found that 64% of ransomware victims did not pay the ransoms — which was up from 50% two years ago — and the median amount paid to ransomware groups has decreased to $115,000 (from $150,000 last year). One section of the report focusing ...
2 days ago Therecord.media

Threat Actors Turn More Sophisticated & Exploiting Zero-Day Vulnerabilities - Google Warns - According to the newly released M-Trends 2025 report, attackers are demonstrating enhanced capabilities to create custom malware ecosystems, identify and exploit zero-day vulnerabilities in security appliances, and deploy advanced evasion techniques ...
2 days ago Cybersecuritynews.com

Cisco Confirms Multiple Products Impacted by Erlang/OTP SSH Server RCE Flaw - Cisco Systems has issued a critical security advisory confirming that multiple products across its portfolio are affected by a remote code execution (RCE) vulnerability in the Erlang/OTP SSH server (CVE-2025-32433). The vulnerability impacts critical ...
2 days ago Cybersecuritynews.com CVE-2025-32433

Cyberattack hits drinking water supplier in Spanish town near Barcelona | The Record from Recorded Future News - The nature of the attack has not been confirmed by official sources, but the incident comes amid growing concerns regarding the potential impact of ransomware incidents on critical public utilities, including water supplies. While attacks on ...
2 days ago Therecord.media

Commvault RCE Vulnerability Let Attackers Breach the Vault - PoC Released - The vulnerability, tracked as CVE-2025-34028, could allow attackers to compromise enterprise backup systems without requiring authentication, potentially putting organizations’ most critical data at risk. Cyber Security News is a Dedicated News ...
2 days ago Cybersecuritynews.com CVE-2025-34028

Critical Langflow Vulnerability Allows Malicious Code Injection - Technical Details Revealed - Cybersecurity researchers have uncovered a critical remote code execution (RCE) vulnerability in Langflow, an open-source platform widely used for visually composing AI-driven agents and workflows. The security flaw affects all Langflow versions ...
2 days ago Cybersecuritynews.com

Linux 'io_uring' security blindspot allows stealthy rootkit attacks - The flaw was discovered by ARMO security researchers who developed a proof-of-concept rootkit called "Curing" to demonstrate the practicality and feasibility of attacks leveraging io_uring for evasion. The researchers explain that io_uring supports a ...
2 days ago Bleepingcomputer.com

Redis DoS Vulnerability: Attackers Can Exhaust Server Memory or Cause Crashes - “An unauthenticated client can cause unlimited growth of output buffers, until the server runs out of memory or is killed,” Redis maintainers explained in their security advisory. “Exposure to this vulnerability requires a Redis ...
2 days ago Cybersecuritynews.com CVE-2025-21605

GitLab Security Update - Patch for XSS, DoS & Account Takeover Vulnerabilities - Cyber Security News is a Dedicated News Platform For Cyber News, Cyber Attack News, Hacking News & Vulnerability Analysis. As the digital threat landscape becomes increasingly complex, organizations should adhere to cybersecurity best practices, ...
2 days ago Cybersecuritynews.com

Threat Actors Using Weaponized SVG Files to Redirect Users to Malicious Websites - According to their analysis, these malicious SVG files frequently appear as seemingly harmless email attachments that trigger no alerts from traditional security solutions. A particularly concerning trend involves the weaponization of Scalable Vector ...
2 days ago Cybersecuritynews.com

SonicWall SSLVPN Vulnerability Let Remote Attackers to Crash Firewall Appliances - The vulnerability, tracked as CVE-2025-32818, received a high severity CVSS score of 7.5 and affects numerous SonicWall firewall models running specific firmware versions. Cyber Security News is a Dedicated News Platform For Cyber News, Cyber Attack ...
2 days ago Cybersecuritynews.com CVE-2025-32818

Blue Shield Leaked Health Info of 4.7M patients with Google Ads - “On February 11, 2025, Blue Shield discovered that, between April 2021 and January 2024, Google Analytics was configured in a way that allowed certain member data to be shared with Google’s advertising product, Google Ads, that likely ...
2 days ago Cybersecuritynews.com

Trending Cyber News (last 7 days)

Thousands of Baltimore students, teachers affected by data breach following February ransomware attack | The Record from Recorded Future News - A Baltimore City Public Schools official confirmed to Recorded Future News that the incident was a ransomware attack but said no ransom was paid. Officials at Baltimore City Public Schools published a breach notice on Tuesday warning that a cyber ...
3 days ago Therecord.media

Hackers Exploiting Microsoft 365 OAuth Workflows to Target Organizations - “This latest series of attacks marks the second time since January 2025 that Russian threat actors have utilized little-known techniques to obtain access to M365 resources,” researchers concluded. In some instances, attackers use the ...
3 days ago Cybersecuritynews.com

Hackers Weaponized Google Forms to Evade Email Security & Steal Logins - Cyber Security News - The platform’s reputation as a legitimate Google service means that links to these forms frequently bypass email security controls that would generally flag suspicious URLs. Security researchers have observed attackers utilizing the HTTP POST ...
3 days ago Cybersecuritynews.com

Marks & Spencer Confirms a Cyberattack Hits Payments & Online Orders - The company has also fulfilled regulatory obligations by reporting the incident to the Information Commissioner’s Office (ICO) and the National Cyber Security Centre (NCSC). “The Company has engaged external cyber security experts to ...
3 days ago Cybersecuritynews.com Silence

ChatGPT Creates Working Exploit for CVE's Before Public PoCs Released - In a development that could transform vulnerability research, security researcher Matt Keeley demonstrated how artificial intelligence can now create working exploits for critical vulnerabilities before public proof-of-concept (PoC) exploits are ...
3 days ago Cybersecuritynews.com CVE-2025-32433

Synology Network File System Vulnerability Let Read Any File - The vulnerability, tracked as CVE-2025-1021 and detailed in a security advisory, was resolved in recent updates and affects multiple versions of the popular network-attached storage (NAS) operating system. This vulnerability enables unauthenticated ...
3 days ago Cybersecuritynews.com CVE-2025-1021

How to Secure the Extended Enterprise - CISO Insights on Third-Party Risk - For Chief Information Security Officers (CISOs), mitigating third-party risks requires a strategic blend of technological rigor, contractual accountability, and cross-organizational collaboration. Recent high-profile supply chain attacks, such as ...
3 days ago Cybersecuritynews.com

Zyxel Patches Privilege Management Vulnerabilities in USG FLEX H Series Firewalls - The security advisory, published on April 22, 2025, details the patches for CVE-2025-1731 and CVE-2025-1732, which impact multiple firmware versions of the company’s enterprise-grade security appliances. The discovery underscores the critical ...
3 days ago Cybersecuritynews.com CVE-2025-1731

Hackers Attacking Organization With New Malware Mimic as Networking Software Updates - The malware, which masquerades as legitimate updates for ViPNet secure networking software, enables attackers to steal sensitive data and deploy additional malicious components to compromised systems. The attack leverages a path substitution ...
3 days ago Cybersecuritynews.com

New Malware Hijacking Docker Images with Unique Obfuscation Technique - A newly discovered malware campaign is targeting Docker environments, employing a sophisticated, multi-layered obfuscation technique to evade detection and hijack compute resources for cryptojacking. Security researchers from Darktrace and Cado ...
3 days ago Cybersecuritynews.com

Ransomware groups test new business models to hit more victims, increase profits | The Record from Recorded Future News - While this type of extortion is not completely novel, with AlphV/BlackCat reportedly disclosing an incident to the U.S. Securities and Exchange Commission after a victim refused to make a ransom payment, Secureworks said it has not seen other ...
3 days ago Therecord.media LockBit Dragonforce

Microsoft fixes Windows Server 2025 blue screen, install issues - Microsoft also fixed a bug that caused authentication issues when Credential Guard was enabled on systems using the Kerberos PKINIT pre-auth security protocol, and it introduced a new Windows 11 24H2 safeguard hold for systems with SenseShield ...
3 days ago Bleepingcomputer.com

Hackers Exploited 17-year-old vulnerability to Weaponize Word Documents - Security researchers at Fortinet’s FortiGuard Labs have uncovered a sophisticated phishing campaign that uses weaponized Microsoft Word documents to deliver information-stealing malware to unsuspecting Windows users. “This vulnerability ...
3 days ago Cybersecuritynews.com Equation CVE-2017-11882

Sophisticated WordPress Ad-fraud Plugins Generated 1.4 Billion Ad Requests Per Day - The sophisticated scheme, recently disrupted by HUMAN’s Satori Threat Intelligence and Research team, exploited digital piracy through a collection of four WordPress extensions that redirect users through ad-laden intermediary pages before ...
4 days ago Cybersecuritynews.com Cloak

ASUS releases fix for AMI bug that lets hackers brick servers - After downloading the latest BMC firmware update (.ima file), you can apply it through the web interface > Maintenance > Firmware Update, select the file, and click 'Start Firmware Update.' It is also recommended that you check the 'Full Flash' ...
3 days ago Bleepingcomputer.com CVE-2024-54085

Russian army targeted by new Android malware hidden in mapping app - The spyware, which was discovered by researchers at Russian mobile antivirus company Doctor Web, hides inside a fully working Alpine Quest app, reducing suspicion and creating valuable data theft opportunities. A new Android malware has been ...
3 days ago Bleepingcomputer.com

Microsoft Boosts MSA Signing Service Security on Azure Following Storm-0558 Breach - “We have applied new defense-in-depth protections, migrated the Microsoft Account (MSA) signing service to run on Azure confidential VMs, and we are migrating the Entra ID signing service to Azure confidential VMs,” states the report, ...
4 days ago Cybersecuritynews.com

CISA Releases Five Advisories Covering ICS Vulnerabilities & Exploits - These advisories, published on April 22, 2025, provide detailed information on security flaws, associated Common Vulnerabilities and Exposures (CVEs), and recommended mitigations for affected organizations. A critical privilege-escalation ...
3 days ago Cybersecuritynews.com CVE-2024-11425

The Role of AI in Modernizing Cybersecurity Programs - In the face of relentless cyber threats and an ever-expanding digital attack surface, security leaders are under growing pressure to modernize their cybersecurity programs by leveraging AI in cybersecurity to enhance detection, response, and overall ...
3 days ago Cybersecuritynews.com

CVE-2025-43921 - GNU Mailman 2.1.39, as bundled in cPanel (and WHM), allows unauthenticated attackers to create lists via the /mailman/create endpoint. ...
6 days ago

Critical Vulnerabilities in Browser Wallets Let Attackers Drain your Funds - Meanwhile, Coin98 Wallet contained a vulnerability allowing attackers to send crafted messages with isDev:true parameter to the Content Script, making the Background Script believe commands came from the legitimate Wallet UI rather than a malicious ...
3 days ago Cybersecuritynews.com CVE-2023-40580

FireEye EDR Agent Vulnerability Let Attackers Inject Malicious Code - The newly identified vulnerability enables a malicious third party to invoke a persistent denial of service condition in the FireEye EDR agent by sending a specially crafted tamper protection event to the HX service, which triggers an exception in ...
3 days ago Cybersecuritynews.com CVE-2025-0618

FBI: US lost record $16.6 billion to cybercrime in 2024 - According to the bureau's annual Internet Crime Complaint Center (IC3) report, IC3 recorded 859,532 complaints last year (256,256 with actual loss), amounting to an average loss of $19,372. Fraud represented the bulk of reported losses in 2024, and ...
3 days ago Bleepingcomputer.com

Building A Unified Security Strategy: Integrating Digital Forensics, XDR, And EDR For Maximum Protection - To effectively counter these threats, organizations must integrate Digital Forensics, Extended Detection and Response (XDR), and Endpoint Detection and Response (EDR) into a unified security framework. It involves two main components: digital ...
3 days ago Cybersecuritynews.com

Cloudflare: Government-backed internet shutdowns plummet to zero in first quarter | The Record from Recorded Future News - “In the past, Cloudflare has seen governments primarily implementing internet shutdowns around national exams, and around (disputed) elections and/or protests, so fewer of these events in the first quarter may have been a factor,” a spokesperson ...
3 days ago Therecord.media Silence

Millions impacted by data breaches at Blue Shield of California, mammography service and more | The Record from Recorded Future News - Just in the last week, Onsite Mammography, Kelly & Associates Insurance Group, Behavioral Health Resources, Hamilton Health Care System, Central Texas Pediatric Orthopedics and Medical Express Ambulance Service have all reported data breaches ...
3 days ago Therecord.media

Widespread Microsoft Entra lockouts tied to new security feature rollout - In a Reddit thread posted early this morning, Windows admins reported receiving multiple alerts from Entra indicating that some of their user accounts had been found with credentials leaked on the dark web or other locations. Windows administrators ...
6 days ago Bleepingcomputer.com

CVE-2025-1731 - An incorrect permission assignment vulnerability in the PostgreSQL commands of the USG FLEX H series uOS firmware versions from V1.20 through V1.31 could allow an authenticated local attacker with low privileges to gain access to the Linux shell and ...
2 days ago CVE-2025-1732

CVE-2025-1021 - Missing authorization vulnerability in synocopy in Synology DiskStation Manager (DSM) before 7.1.1-42962-8, 7.2.1-69057-7 and 7.2.2-72806-3 allows remote attackers to read arbitrary files via unspecified vectors. ...
3 days ago

FBI Warns of Scammers Mimic as IC3 Employees to Defraud Individuals - “The threat actors have implemented multi-stage encryption and fileless execution methods that make traditional detection extremely difficult,” noted Senior IC3 Cyber Analyst Maria Chen. Cyber Security News is a Dedicated News Platform ...
4 days ago Cybersecuritynews.com

Ripple XPRL Official NPM Package Hijacked To Inject Private Key Stealing Malware - “This package is used by hundreds of thousands of applications and websites, making it a potentially catastrophic supply chain attack on the cryptocurrency ecosystem,” warned Charlie Eriksen, a malware researcher at Aikido Security. The ...
3 days ago Cybersecuritynews.com

The Evolving Role of the CISO - Balancing Risk and Innovation in the Digital Age - The CISO emerges as a critical bridge between technical rigor and business agility in this landscape, ensuring security frameworks adapt to technological advancements without stifling growth. Beyond technical oversight, CISOs now quantify cyber risks ...
3 days ago Cybersecuritynews.com

CVE-2025-43922 - The FileWave Windows client before 16.0.0, in some non-default configurations, allows an unprivileged local user to escalate privileges to SYSTEM. ...
5 days ago

How To Correlate Web Logs And Network Indicators To Track Credential Theft - To effectively detect credential theft, organizations must collect and analyze logs from a variety of sources, including web servers, authentication systems, proxies, DNS servers, endpoint protection platforms, and network monitoring tools. Common ...
6 days ago Cybersecuritynews.com

CVE-2025-3837 - An improper input validation vulnerability is identified in the End of Life (EOL) OVA based connect component which is deployed for installation purposes in the customer internal network. This EOL component was deprecated in September 2023 with end ...
5 days ago

Mapping The Cyber Kill Chain Using Correlated Security Logs And Timeline Tools - Mapping the cyber kill chain using correlated security logs and timeline tools enables organizations to move from reactive to proactive defense. As cyber threats continue to evolve, the integration of log correlation, timeline analysis, and the kill ...
6 days ago Cybersecuritynews.com

Critical Windows Update Stack Vulnerability Allows Code Execution & Privilege Escalation - “This CVE is a masterclass in path abuse, trusted location redirection, and privilege escalation using native components — everything a red team loves and a blue team fears,” Cyberdom said to Cyber Security News. Security analysts have ...
4 days ago Cybersecuritynews.com CVE-2025-21204

CISA Warns Threat Hunting Staff to Stop Using Censys & VirusTotal - “We understand the importance of these tools in our operations and are actively exploring alternative tools to ensure minimal disruption,” said the April 16-dated notification sent to more than 500 CISA cyber threat hunters. Homeland ...
4 days ago Cybersecuritynews.com Hunters

Hackers Leverage Legitimate MS Utility Tool to Inject a Malicious DLL Payload - Cyber Security News is a Dedicated News Platform For Cyber News, Cyber Attack News, Hacking News & Vulnerability Analysis. Just two months ago, researchers from Trend Micro uncovered a sophisticated attack campaign by Earth Preta (also known as ...
4 days ago Cybersecuritynews.com Mustang Panda

TP-Link Router Vulnerabilities Let Attackers Inject Malicious SQL Commands - Cyber Security News is a Dedicated News Platform For Cyber News, Cyber Attack News, Hacking News & Vulnerability Analysis. TP-Link has been notified of these vulnerabilities, but as of this publication, no security patches have been confirmed as ...
4 days ago Cybersecuritynews.com

CVE-2025-0618 - A malicious third party could invoke a persistent denial of service vulnerability in FireEye EDR agent by sending a specially-crafted tamper protection event to the HX service to trigger an exception. This exception will prevent any further tamper ...
3 days ago

Windows 10 KB5055612 preview update fixes a GPU bug in WSL2 - Microsoft has released the optional KB5055612 preview cumulative update for Windows 10 22H2 with two changes, including a fix for a GPU paravirtualization bug in Windows Subsystem for Linux 2 (WSL2). Windows 10 users can also manually download and ...
4 days ago Bleepingcomputer.com

Beware of video call links that are attempts to steal Microsoft 365 access, researchers tell NGOs | The Record from Recorded Future News - The scheme typically starts with a phishing attempt through a messaging app like Signal or WhatsApp inviting potential victims “to join a video call to discuss the conflict in Ukraine,” Volexity says. The report does not link them to existing ...
4 days ago Therecord.media

Blue Shield of California leaked health data of 4.7 million members to Google - "On February 11, 2025, Blue Shield discovered that, between April 2021 and January 2024, Google Analytics was configured in a way that allowed certain member data to be shared with Google's advertising product, Google Ads, that likely included ...
3 days ago Bleepingcomputer.com Blacksuit

CVE-2025-43919 - GNU Mailman 2.1.39, as bundled in cPanel (and WHM), allows unauthenticated attackers to read arbitrary files via ../ directory traversal at /mailman/private/mailman (aka the private archive authentication endpoint) via the username parameter. ...
6 days ago

Detecting Malicious JavaScript Using Behavior Analysis And Network Traces - For example, if behavioral analysis flags a script for repeatedly invoking dynamic code execution functions and modifying sensitive DOM elements, and network trace analysis simultaneously detects outbound requests to a known malicious domain, the ...
6 days ago Cybersecuritynews.com

GitHub Enterprise Server Vulnerabilities Allows Arbitrary Code Execution - GitHub has issued urgent security updates for its Enterprise Server product after discovering multiple high-severity vulnerabilities, including a critical flaw (CVE-2025-3509) that allows attackers to execute arbitrary code and compromise systems. ...
5 days ago Cybersecuritynews.com CVE-2025-3509

New Phishing Attack Appending Weaponized HTML Files Inside SVG Files - When opened, these files execute their embedded code, either displaying an HTML page with deceptive content or using JavaScript to redirect victims to sophisticated phishing sites that mimic legitimate services like Google Voice or Microsoft login ...
5 days ago Cybersecuritynews.com