Latest Cyber News

Kali Linux warns of update failures after losing repo signing key - Offensive Security warned Kali Linux users to manually install a new Kali repository signing key to avoid experiencing update failures. This isn't the first time Kali Linux users have had to manually update their keyring to avoid having update ...
9 minutes ago Bleepingcomputer.com
RansomHub Ransomware Deploying Malware to Compromise Corporate Networks - The downloaded “Update.zip” contains “Update.js,” a JScript file that sends a POST request to the SocGholish C2 server at “hxxps://exclusive.nobogoods[.]com/updateStatus” to retrieve the next stage of the attack. ...
38 minutes ago Cybersecuritynews.com Ransomhub
SAP NetWeaver 0-Day Vulnerability Exploited in the Wild to Deploy Webshells - This vulnerability stems from a missing authorization check in the Metadata Uploader component, allowing unauthenticated attackers to upload malicious executable files by sending specially crafted POST requests to the ...
1 hour ago Cybersecuritynews.com
Microsoft fixes Outlook on the web search issues, failures - Last month, it resolved another incident (EX1035922) caused by a code error that blocked some Exchange Online users from searching using Outlook on the web or the new Outlook client, with affected customers seeing 'We didn't find anything, try a ...
1 hour ago Bleepingcomputer.com
BreachForums Reveals Law Enforcement Crackdown Exploiting MyBB 0-Day - BreachForums, a notorious cybercrime marketplace and successor to RaidForums, has confirmed that its platform was the target of a sophisticated law enforcement operation exploiting a previously unknown vulnerability, commonly referred to as a ...
1 hour ago Cybersecuritynews.com
SEIKO EPSON Printer Vulnerabilities Let Attackers Execute Arbitrary Code - The company recommends running the Epson Software Updater to download and install the “Security vulnerability patch” and the “Epson Printer Driver Security Support Tool”. “An attacker may execute arbitrary code with ...
1 hour ago Cybersecuritynews.com CVE-2025-42598
19 APT Hackers Attacking Asia Company's Servers by Exploiting Vulnerability & Spear Phishing Email - The technical sophistication demonstrated in these attacks highlights the evolving capabilities of APT groups targeting Asian organizations, requiring enhanced security measures and continued vigilance from cybersecurity teams across the region. In ...
1 hour ago Cybersecuritynews.com Lazarus Group APT37 APT3
China Claims that the US Attacked a Major Encryption Provider & Stole Sensitive Data - The malware enabled attackers to execute arbitrary network commands while employing sophisticated techniques to avoid detection, including full communication encryption, string encoding, data compression, and complex cryptography. From May to July ...
2 hours ago Cybersecuritynews.com
Windows 11 25H2 to be Released Possibly With Minor Changes - Unlike the more substantial updates seen in previous releases, Windows 11 25H2 appears to focus on incremental enhancements and stability improvements, aligning with Microsoft’s strategy of delivering enablement packages that unlock existing ...
2 hours ago Cybersecuritynews.com
Ukrainian state and banking services restored after data center outage | The Record from Recorded Future News - The outage, caused by a power failure at De Novo’s data center, temporarily knocked offline services including Ukraine’s Diia government app, local banks, postal delivery giant Nova Post and contactless payment systems such as Apple Pay and ...
2 hours ago Therecord.media
Cloudflare mitigates record number of DDoS attacks in 2025 - Internet services giant Cloudflare says it mitigated a record number of DDoS attacks in 2024, recording a massive 358% year-over-year jump and a 198% quarter-over-quarter increase. However, 2025 is looking to be an even bigger problem for online ...
2 hours ago Bleepingcomputer.com
FBI Reports Shocking ₹1.38 Lakh Crore Loss in 2024, 33% Increased From 2023 - Cyber Security News - The FBI’s report emphasizes the importance of reporting cyber incidents promptly through the IC3 portal, noting that their Recovery Asset Team achieved a 66% success rate in freezing fraudulent transactions, recovering over $561 million in ...
3 hours ago Cybersecuritynews.com LockBit
Monitoring Dark Web Threats - CISO’s Proactive Approach - By embedding these best practices into the organization’s security posture, CISOs can ensure that dark web monitoring delivers actionable insights and drives continuous improvement. As the dark web continues to evolve, CISOs must champion a culture ...
3 hours ago Cybersecuritynews.com
Nationwide Power Outages in Portugal & Spain Possibly Due to Cyberattack - A massive power outage struck the Iberian Peninsula on April 28, 2025, plunging millions of people into darkness as electricity supplies were suddenly cut across Spain and Portugal. Electric sector sources dismiss the possibility of a simple short ...
3 hours ago Cybersecuritynews.com
M&S warehouse workers told not to come to work following cyberattack | The Record from Recorded Future News - It follows the company — which has more than 1,400 stores worldwide and made a profit before tax last year of £672 million ($896 million) — announcing on Friday that it was pausing all online shopping three days after it initially announced it ...
4 hours ago Therecord.media
New RedExt Chrome Extension Tool for Red Teamers with a Flask-based C2 Server - A sophisticated new red team tool called RedExt has recently been released, combining a Manifest V3 Chrome extension with a Flask-based Command and Control (C2) server to create a powerful framework for authorized security operations. As ...
4 hours ago Cybersecuritynews.com
Aligning Cybersecurity with Business Goals - CISO Insights - By translating technical risks, such as ransomware, supply chain threats, or cloud misconfiguration, into clear business impacts like financial loss, operational downtime, or reputational harm, CISOs can secure executive buy-in and ensure that ...
5 hours ago Cybersecuritynews.com
Ransomware Defense Playbook for CISOs in 2025 - Additionally, CISOs should work closely with cyber insurance providers to validate that policies cover modern ransomware threats, including business interruption, reputational damage, and regulatory fines. For Chief Information Security Officers ...
5 hours ago Cybersecuritynews.com
Assessing Third-Party Vendor Risks - CISO Best Practices - This article outlines actionable strategies to navigate the complexities of vendor risk management, emphasizing proactive measures to safeguard organizational assets while maintaining collaborative partnerships. Centralize vendor data within a ...
6 hours ago Cybersecuritynews.com
FastCGI Library Vulnerability Exposes Embedded Devices to Code Execution Attacks - A critical vulnerability in the FastCGI library could allow attackers to execute arbitrary code on embedded devices. When both nameLen and valueLen equal 0x7fffffff, adding +2 causes an integer overflow on 32-bit systems, resulting in a smaller ...
6 hours ago Cybersecuritynews.com CVE-2025-23016
React Router Vulnerabilities Let Attackers Spoof Contents & Modify Values - To exploit this vulnerability, an attacker needs no special privileges; they simply add the malicious header to requests targeting pages that use loaders in applications running React Router in Framework mode. The first vulnerability, assigned a CVSS ...
6 hours ago Cybersecuritynews.com
Selecting Cybersecurity Vendors - CISO’s Decision Framework - As the guardians of organizational security, CISOs must approach vendor selection with a strategic mindset that balances risk, integration, and long-term value. In an era where cyber threats are growing in sophistication and frequency, Chief ...
6 hours ago Cybersecuritynews.com
CISA Warns Planet Technology Network Products Let Attackers Manipulate Devices - “Successful exploitation of these vulnerabilities could allow an attacker to read or manipulate device data, gain administrative privileges, or alter database entries,” CISA warned in its advisory. Additionally, the Mongo service ...
7 hours ago Cybersecuritynews.com CVE-2025-46275
Hackers Selling Advanced Stealthy HiddenMiner Malware on Dark Web Forums - Security experts recommend maintaining updated security solutions, monitoring system performance for unexplained resource usage, implementing application whitelisting, and using hardware monitoring tools to detect unusual CPU or GPU activity that ...
7 hours ago Cybersecuritynews.com
Storm-1977 Hackers Compromised 200+ Crypto Mining Containers Using AzureChecker CLI Tool - Organizations can protect themselves against similar attacks by implementing multi-factor authentication, enforcing the principle of least privilege for all accounts, monitoring for suspicious API calls, and deploying container-specific security ...
8 hours ago Cybersecuritynews.com
Reducing Cyber Insurance Costs - CISO Proactive Measures - By taking a proactive, strategic approach to security that addresses insurer requirements while advancing business objectives, CISOs can effectively reduce cyber insurance costs while strengthening their organization’s security posture. ...
8 hours ago Cybersecuritynews.com
Fog Ransomware Directory With Active Directory Exploitation Tools & Scripts Uncovered - Cyber Security News - Analysis of the directory’s contents revealed that initial access to victim networks was primarily achieved through compromised SonicWall VPN credentials, followed by systematic exploitation of Active Directory environments to gain domain ...
9 hours ago Cybersecuritynews.com CVE-2020-1472
Securing IoT Devices - CISO’s Strategic Resource Guide - The rapidly changing threat landscape demands that CISOs foster a culture of security awareness and shared responsibility across all organizational levels. As new technologies like AI-driven anomaly detection or quantum-resistant encryption emerge, ...
9 hours ago Cybersecuritynews.com
New iOS Critical Vulnerability That Could Brick iPhones With a Single Line of Code - The vulnerability, assigned CVE-2025-24091, leverages the operating system’s Darwin notifications system to trigger an endless reboot cycle, effectively “bricking” devices and requiring a complete system restore. They provide a ...
10 hours ago Cybersecuritynews.com CVE-2025-24091
Cyber Security Company CEO Arrested for Installing Malware Onto Hospital Computers - Jeffrey Bowie, CEO of cybersecurity firm Veritaco, was arrested on April 14, 2025, facing two counts of violating Oklahoma’s Computer Crimes Act for allegedly installing malware on computers at St. “On August 6, 2024, an unauthorized ...
11 hours ago Cybersecuritynews.com
400+ SAP NetWeaver Devices Vulnerable to 0-Day Attacks that Exploited in the Wild - Discovered in April 2025 by ReliaQuest security researchers during incident response activities, the vulnerability has already been weaponized in attacks against organizations running even fully-patched SAP installations. Organizations using SAP ...
14 hours ago Cybersecuritynews.com CVE-2025-31324
Coinbase fixes 2FA log error making people think they were hacked - As BleepingComputer first reported earlier this month, Coinbase had mistakenly labeled failed login attempts with incorrect passwords as two-factor authentication failures in the Account Activity logs. These mislabeled entries could have also been ...
22 hours ago Bleepingcomputer.com
Brave's Cookiecrumbler tool taps community to help block cookie notices - Brave has open-sourced a new tool called "Cookiecrumbler," which uses large language models (LLMs) to detect cookie consent notices and then community-driven reviews to block those that won't break site functionality. Cookiecrumbler uses AI to find ...
1 day ago Bleepingcomputer.com
Weekly Cyber Security News Letter - Last Week's Top Cyber Attacks & Vulnerabilities - A critical vulnerability in Windows Defender Application Control (WDAC) has been uncovered, allowing attackers to bypass strict security policies using WinDbg Preview, a Microsoft Store app. A vulnerability in the FireEye EDR agent allows attackers ...
1 day ago Cybersecuritynews.com Hunters Akira
IXON VPN Vulnerabilities Let Attackers Gain Access to Windows & Linux Systems - Windows Local Privilege Escalation On Windows, the VPN client similarly stores its OpenVPN configuration in C:\Windows\Temp, a directory where standard users can create files and folders with full permissions. Linux Local Privilege Escalation On ...
1 day ago Cybersecuritynews.com CVE-2025-ZZZ-01
Navigating Cybersecurity Frameworks - CISO Resource Guide - Cybersecurity frameworks have emerged as essential tools, providing structured approaches to managing risk, implementing controls, and aligning security initiatives with business goals. CISOs should begin with a thorough risk assessment and a mapping ...
1 day ago Cybersecuritynews.com Patchwork
How Digital Forensics Supports Incident Response: Insights For Security Leaders - This article explores how digital forensics enhances incident response, the essential techniques involved, and practical strategies for security leaders to implement robust DFIR capabilities. Digital forensics focused on the collection, preservation, ...
1 day ago Cybersecuritynews.com
Identity and Access Management (IAM) - The CISO’s Core Focus in Modern Cybersecurity - In an era where digital identities have become the primary attack vector, CISOs face unprecedented pressure to secure access across increasingly complex ecosystems. CISOs now recognize that robust identity controls are inseparable from business ...
1 day ago Cybersecuritynews.com
MDR vs. Traditional Security Operations: What’s Right For Your Penetration Testing Team? - By understanding the technical differences between traditional security operations and MDR, penetration testing teams can make informed decisions that enhance their ability to protect against modern cyber threats. Choosing between traditional ...
1 day ago Cybersecuritynews.com
Building Trust Through Transparency - CISO Cybersecurity Practices - In an era of digital transformation and rising cyber threats, Building Trust Through Transparency has become a critical mission for the Chief Information Security Officer (CISO), who has evolved from a technical expert to a strategic leader ...
1 day ago Cybersecuritynews.com
DragonForce and Anubis Ransomware Operators Unveils New Affiliate Models - Unlike traditional ransomware operations focused solely on encryption, Anubis offers three distinct extortion options with varying profit-sharing models, significantly diversifying their attack methodology and potential victim impact. The third and ...
2 days ago Cybersecuritynews.com Dragonforce
New Power Parasites Phishing Attack Targeting Energy Companies and Major Brands - A sophisticated phishing campaign dubbed “Power Parasites” has been actively targeting global energy giants and major brands since 2024, according to a comprehensive threat report released this week. The ongoing campaign primarily ...
2 days ago Cybersecuritynews.com
Social Engineering Awareness: How CISOs And SOC Heads Can Protect The Organization - By combining advanced technical controls with continuous training and a culture of security awareness, CISOs and SOC leaders can significantly reduce the risk of successful attacks. As technical defenses evolve and strengthen, attackers have shifted ...
2 days ago Cybersecuritynews.com
XDR In Penetration Testing: Leveraging Advanced Detection To Find Vulnerabilities - For example, XDR’s ability to map telemetry from endpoints, firewalls, and cloud platforms might reveal that a vulnerability in a legacy application allows attackers to bypass network segmentation controls, a scenario that individual security tools ...
2 days ago Cybersecuritynews.com
How To Build A Data Center Security Strategy For 2025 And Beyond - To build a robust data center security strategy for 2025 and beyond, organizations must adopt a comprehensive, multi-layered approach that addresses both physical and cyber risks, leverages the latest technologies, and incorporates resilient ...
2 days ago Cybersecuritynews.com
Is Meetwithmature a Trustworthy Dating Platform? Here's What You Should Know - Yes, Meetwithmature is a legitimate dating platform with real users, community guidelines, and a team dedicated to maintaining a healthy online space. Meetwithmature is a niche online dating platform aimed at connecting individuals looking for ...
2 days ago Cybersecuritynews.com
Top 5 Cybersecurity Risks CISOs Must Tackle in 2025 - The role of CISOs has transformed significantly, shifting from purely technical guardians to strategic business leaders who must balance security imperatives with organizational objectives. Rather than viewing cybersecurity as merely a technical ...
2 days ago Cybersecuritynews.com
Critical Craft CMS RCE 0-Day Vulnerability Exploited in Attacks to Steal Data - According to security researchers at CERT Orange Cyberdefense, a critical remote code execution (RCE) vulnerability in Craft CMS is actively being exploited to breach servers and steal data. If a system is believed to be compromised, administrators ...
2 days ago Cybersecuritynews.com CVE-2024-58136
Critical ScreenConnect Vulnerability Let Attackers Inject Malicious Code - ConnectWise has released an urgent security patch for its ScreenConnect remote access software to address a serious vulnerability that could allow attackers to execute malicious code on affected systems. However, if these machine keys are compromised ...
2 days ago Cybersecuritynews.com CVE-2024-1709
Windows 11's Recall AI is now rolling out on Copilot+ PCs - At that time, Microsoft touted Recall as one of the best use cases of AI on Windows 11, but security researchers noted that Recall is a privacy nightmare that captures your passwords and stores them in plain text. Microsoft pulled back Recall AI and ...
2 days ago Bleepingcomputer.com
Windows 11 KB5055627 update released with 30 new changes, fixes - The KB5055627 update is part of the company's optional non-security preview updates schedule, which pushes updates at the end of each month to let Windows admins test bug fixes, improvements, and features that will roll out during next month's ...
2 days ago Bleepingcomputer.com
Craft CMS RCE exploit chain used in zero-day attacks to steal data - Two vulnerabilities impacting Craft CMS were chained together in zero-day attacks to breach servers and steal data, with exploitation ongoing, according to CERT Orange Cyberdefense. According to a report by SensePost, the ethical hacking ...
2 days ago Bleepingcomputer.com CVE-2025-32432
Threat Actors Registered 26k+ Domains Mimic Brands to Trick Users - These malicious domains serve as landing pages for sophisticated smishing (SMS phishing) campaigns, where unsuspecting users receive text messages containing links to what appear to be legitimate services. The domains follow specific naming patterns ...
2 days ago Cybersecuritynews.com Cloak
Largest telecom in Africa warns of cyber incident exposing customer data | The Record from Recorded Future News - This is the latest attack on a South African telecommunications company after another major player in the sector, Cell C, confirmed that data was leaked on the dark web following a cyberattack last year. South African Police Service and the ...
3 days ago Therecord.media
Marks & Spencer pauses online orders after cyberattack - On Wednesday, M&S also informed customers that the cyberattack disrupted some of its services, including contactless payments and Click & Collect orders in stores, and it was also causing delays in online order delivery. M&S first ...
3 days ago Bleepingcomputer.com
Mobile provider MTN says cyberattack compromised customer data - African mobile giant MTN Group announced that a cybersecurity incident has compromised the personal information of some of its subscribers in certain countries. "MTN Group would like to inform stakeholders that it has experienced a cybersecurity ...
3 days ago Bleepingcomputer.com
Marks & Spencer pauses online shopping following cyberattack | The Record from Recorded Future News - The company confirmed on Tuesday that it “has been managing a cyber incident over the past few days” following a slew of customer complaints on social media. In an updated statement, the company said it would pause taking orders via its websites ...
3 days ago Therecord.media
Windows "inetpub" security fix can be abused to block future updates - After people installed this month's Microsoft Patch Tuesday security updates, Windows users suddenly found an "inetpub" folder owned by the SYSTEM account created in the root of the system drive, normally the C: drive. In an update to a security ...
3 days ago Bleepingcomputer.com CVE-2025-21204
Baltimore City Public Schools data breach affects over 31,000 people - In November 2020, Baltimore County Public Schools, a Maryland school district that manages all public schools in Baltimore County, Maryland, also disclosed a data breach following a ransomware attack that forced it to shut down its network due to the ...
3 days ago Bleepingcomputer.com
Russian Hackers Attempting to Sabotage The Digital Control System of a Dutch Public Service - This cyber sabotage attempt appears to be part of an intensifying campaign of Russian hybrid warfare targeting the Netherlands, which has also included interference in European elections and mapping of vital North Sea infrastructure including ...
3 days ago Cybersecuritynews.com
6 Best Security Awareness Training Platforms For MSPs in 2025 - More than 20,000 entities in over 50 countries have partnered with Wizer to offer security awareness training, recognizing that the platform is a modern alternative to traditional learning methods that can become outdated or boring. Additionally, ...
3 days ago Cybersecuritynews.com
North Korean Hackers Using GenAI to Get Remote Jobs Around the Globe - In a sophisticated operation that blends social engineering with cutting-edge technology, North Korean operatives have been leveraging generative artificial intelligence tools to secure remote technical positions in companies worldwide. Okta Security ...
3 days ago Cybersecuritynews.com
SAP fixes suspected Netweaver zero-day exploited in attacks - "Unauthenticated attackers can abuse built-in functionality to upload arbitrary files to an SAP NetWeaver instance, which means full Remote Code Execution and total system compromise," stated watchTowr CEO Benjamin Harris. The vulnerability, ...
3 days ago Bleepingcomputer.com CVE-2025-31324
SAP fixes critical Netweaver flaw exploited in attacks - "Unauthenticated attackers can abuse built-in functionality to upload arbitrary files to an SAP NetWeaver instance, which means full Remote Code Execution and total system compromise," stated watchTowr CEO Benjamin Harris. The vulnerability, ...
3 days ago Bleepingcomputer.com CVE-2025-31324
Chrome UAF Vulnerabilities Exploited in the Wild - In Chrome, UAFs have historically been a major source of critical security bugs, particularly within the browser process, which has direct access to sensitive user data and system resources. These flaws, rooted in improper memory management, have ...
3 days ago Cybersecuritynews.com
Hackers Exploiting MS-SQL Servers & Deploy Ammyy Admin for Remote Access - Security researchers have identified that threat actors are specifically exploiting poorly secured MS-SQL instances to install Ammyy Admin, a legitimate remote desktop software that can be misused for unauthorized access, alongside a privilege ...
3 days ago Cybersecuritynews.com
‘SessionShark' - New Toolkit That Evades Microsoft Office 365 MFA - The toolkit implements specialized “human verification techniques” to filter out automated security scanners and research bots, ensuring the phishing content remains hidden from security systems. A sophisticated new phishing toolkit named ...
3 days ago Cybersecuritynews.com
Hackers Allegedly Breach TikTok, Exposing Over 900,000 Usernames & Passwords - In recent statements about their security posture, TikTok has emphasized that “protected U.S. user data is stored in the Oracle Cloud, with controlled and monitored gateways that only approved personnel have access to”. Cyber Security ...
3 days ago Cybersecuritynews.com
FBI To Offer Reward Up to $10 Million Any Information on Salt Typhoon Hackers - The government has published comprehensive guidance titled “Enhanced Visibility and Hardening Guidance for Communications ...
3 days ago Cybersecuritynews.com
159 CVEs Exploited in The Wild in Q1 2025, 8.3% of Vulnerabilities Exploited Within 1-Day - Particularly concerning is the finding that 25.8% of these Known Exploited Vulnerabilities (KEVs) are still awaiting or undergoing analysis by NIST’s National Vulnerability Database, creating additional challenges for security teams attempting ...
3 days ago Cybersecuritynews.com
FBI seeks help to unmask Salt Typhoon hackers behind telecom breaches - In January, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) announced sanctions against Sichuan Juxinhe Network Technology, a Chinese cybersecurity firm believed to be directly involved in the Salt Typhoon telecom ...
3 days ago Bleepingcomputer.com
Spring Security Vulnerability Let Attackers Determine Which Usernames are Valid - The vulnerability affects Spring Security versions 5.7.16, 5.8.18, 6.0.16, 6.1.14, 6.2.10, 6.3.8, and 6.4.4. Patches are now ...
3 days ago Cybersecuritynews.com CVE-2025-22234
Russian VPS Servers With RDP, Proxy Servers Fuel North Korean Cybercrime Operations - Trend Micro researchers identified that a threat actor known as Void Dokkaebi (also called Famous Chollima) has been conducting extensive social engineering campaigns through fictitious companies like BlockNovas, which presented itself as a ...
3 days ago Cybersecuritynews.com
Microsoft's Symlink Patch Created New Windows DoS Vulnerability - Standard users can create these junction points on many default-configured systems, potentially preventing critical security updates from being installed system-wide. Security researcher Kevin Beaumont has discovered that this fix introduces a denial ...
3 days ago Cybersecuritynews.com
North Korean APT Hackers Create Companies to Deliver Malware Strains Targeting Job Seekers - A sophisticated North Korean advanced persistent threat (APT) group known as “Contagious Interview” has established elaborate fake cryptocurrency consulting companies to target job seekers with specialized malware. Their investigation ...
3 days ago Cybersecuritynews.com Lazarus Group

Trending Cyber News (last 7 days)

Thousands of Baltimore students, teachers affected by data breach following February ransomware attack | The Record from Recorded Future News - A Baltimore City Public Schools official confirmed to Recorded Future News that the incident was a ransomware attack but said no ransom was paid. Officials at Baltimore City Public Schools published a breach notice on Tuesday warning that a cyber ...
5 days ago Therecord.media
Hackers Exploiting Microsoft 365 OAuth Workflows to Target Organizations - “This latest series of attacks marks the second time since January 2025 that Russian threat actors have utilized little-known techniques to obtain access to M365 resources,” researchers concluded. In some instances, attackers use the ...
5 days ago Cybersecuritynews.com
Hackers Weaponized Google Forms to Evade Email Security & Steal Logins - Cyber Security News - The platform’s reputation as a legitimate Google service means that links to these forms frequently bypass email security controls that would generally flag suspicious URLs. Security researchers have observed attackers utilizing the HTTP POST ...
5 days ago Cybersecuritynews.com
Marks & Spencer Confirms a Cyberattack Hits Payments & Online Orders - The company has also fulfilled regulatory obligations by reporting the incident to the Information Commissioner’s Office (ICO) and the National Cyber Security Centre (NCSC). “The Company has engaged external cyber security experts to ...
5 days ago Cybersecuritynews.com Silence
How to Secure the Extended Enterprise - CISO Insights on Third-Party Risk - For Chief Information Security Officers (CISOs), mitigating third-party risks requires a strategic blend of technological rigor, contractual accountability, and cross-organizational collaboration. Recent high-profile supply chain attacks, such as ...
5 days ago Cybersecuritynews.com
ChatGPT Creates Working Exploit for CVE's Before Public PoCs Released - In a development that could transform vulnerability research, security researcher Matt Keeley demonstrated how artificial intelligence can now create working exploits for critical vulnerabilities before public proof-of-concept (PoC) exploits are ...
5 days ago Cybersecuritynews.com CVE-2025-32433
Synology Network File System Vulnerability Let Read Any File - The vulnerability, tracked as CVE-2025-1021 and detailed in a security advisory, was resolved in recent updates and affects multiple versions of the popular network-attached storage (NAS) operating system. This vulnerability enables unauthenticated ...
5 days ago Cybersecuritynews.com CVE-2025-1021
Zyxel Patches Privilege Management Vulnerabilities in USG FLEX H Series Firewalls - The security advisory, published on April 22, 2025, details the patches for CVE-2025-1731 and CVE-2025-1732, which impact multiple firmware versions of the company’s enterprise-grade security appliances. The discovery underscores the critical ...
5 days ago Cybersecuritynews.com CVE-2025-1731
Hackers Attacking Organization With New Malware Mimic as Networking Software Updates - The malware, which masquerades as legitimate updates for ViPNet secure networking software, enables attackers to steal sensitive data and deploy additional malicious components to compromised systems. The attack leverages a path substitution ...
5 days ago Cybersecuritynews.com
New Malware Hijacking Docker Images with Unique Obfuscation Technique - A newly discovered malware campaign is targeting Docker environments, employing a sophisticated, multi-layered obfuscation technique to evade detection and hijack compute resources for cryptojacking. Security researchers from Darktrace and Cado ...
5 days ago Cybersecuritynews.com
Ransomware groups test new business models to hit more victims, increase profits | The Record from Recorded Future News - While this type of extortion is not completely novel, with AlphV/BlackCat reportedly disclosing an incident to the U.S. Securities and Exchange Commission after a victim refused to make a ransom payment, Secureworks said it has not seen other ...
5 days ago Therecord.media LockBit Dragonforce
The Role of AI in Modernizing Cybersecurity Programs - In the face of relentless cyber threats and an ever-expanding digital attack surface, security leaders are under growing pressure to modernize their cybersecurity programs by leveraging AI in cybersecurity to enhance detection, response, and overall ...
5 days ago Cybersecuritynews.com
Microsoft fixes Windows Server 2025 blue screen, install issues - Microsoft also fixed a bug that caused authentication issues when Credential Guard was enabled on systems using the Kerberos PKINIT pre-auth security protocol, and it introduced a new Windows 11 24H2 safeguard hold for systems with SenseShield ...
5 days ago Bleepingcomputer.com
Hackers Exploited 17-year-old vulnerability to Weaponize Word Documents - Security researchers at Fortinet’s FortiGuard Labs have uncovered a sophisticated phishing campaign that uses weaponized Microsoft Word documents to deliver information-stealing malware to unsuspecting Windows users. “This vulnerability ...
5 days ago Cybersecuritynews.com Equation CVE-2017-11882
ASUS releases fix for AMI bug that lets hackers brick servers - After downloading the latest BMC firmware update (.ima file), you can apply it through the web interface > Maintenance > Firmware Update, select the file, and click 'Start Firmware Update.' It is also recommended that you check the 'Full Flash' ...
5 days ago Bleepingcomputer.com CVE-2024-54085
Russian army targeted by new Android malware hidden in mapping app - The spyware, which was discovered by researchers at Russian mobile antivirus company Doctor Web, hides inside a fully working Alpine Quest app, reducing suspicion and creating valuable data theft opportunities. A new Android malware has been ...
4 days ago Bleepingcomputer.com
Microsoft Boosts MSA Signing Service Security on Azure Following Storm-0558 Breach - “We have applied new defense-in-depth protections, migrated the Microsoft Account (MSA) signing service to run on Azure confidential VMs, and we are migrating the Entra ID signing service to Azure confidential VMs,” states the report, ...
6 days ago Cybersecuritynews.com
Sophisticated WordPress Ad-fraud Plugins Generated 1.4 Billion Ad Requests Per Day - The sophisticated scheme, recently disrupted by HUMAN’s Satori Threat Intelligence and Research team, exploited digital piracy through a collection of four WordPress extensions that redirect users through ad-laden intermediary pages before ...
6 days ago Cybersecuritynews.com Cloak
CISA Releases Five Advisories Covering ICS Vulnerabilities & Exploits - These advisories, published on April 22, 2025, provide detailed information on security flaws, associated Common Vulnerabilities and Exposures (CVEs), and recommended mitigations for affected organizations. A critical privilege-escalation ...
5 days ago Cybersecuritynews.com CVE-2024-11425
Cloudflare: Government-backed internet shutdowns plummet to zero in first quarter | The Record from Recorded Future News - “In the past, Cloudflare has seen governments primarily implementing internet shutdowns around national exams, and around (disputed) elections and/or protests, so fewer of these events in the first quarter may have been a factor,” a spokesperson ...
4 days ago Therecord.media Silence
Cisco Confirms Multiple Products Impacted by Erlang/OTP SSH Server RCE Flaw - Cisco Systems has issued a critical security advisory confirming that multiple products across its portfolio are affected by a remote code execution (RCE) vulnerability in the Erlang/OTP SSH server (CVE-2025-32433). The vulnerability impacts critical ...
4 days ago Cybersecuritynews.com CVE-2025-32433
Critical Vulnerabilities in Browser Wallets Let Attackers Drain your Funds - Meanwhile, Coin98 Wallet contained a vulnerability allowing attackers to send crafted messages with isDev:true parameter to the Content Script, making the Background Script believe commands came from the legitimate Wallet UI rather than a malicious ...
5 days ago Cybersecuritynews.com CVE-2023-40580
FBI: US lost record $16.6 billion to cybercrime in 2024 - According to the bureau's annual Internet Crime Complaint Center (IC3) report, IC3 recorded 859,532 complaints last year (256,256 with actual loss), amounting to an average loss of $19,372. Fraud represented the bulk of reported losses in 2024, and ...
5 days ago Bleepingcomputer.com
Ripple XPRL Official NPM Package Hijacked To Inject Private Key Stealing Malware - “This package is used by hundreds of thousands of applications and websites, making it a potentially catastrophic supply chain attack on the cryptocurrency ecosystem,” warned Charlie Eriksen, a malware researcher at Aikido Security. The ...
5 days ago Cybersecuritynews.com
FireEye EDR Agent Vulnerability Let Attackers Inject Malicious Code - The newly identified vulnerability enables a malicious third party to invoke a persistent denial of service condition in the FireEye EDR agent by sending a specially crafted tamper protection event to the HX service, which triggers an exception in ...
5 days ago Cybersecuritynews.com CVE-2025-0618
Millions impacted by data breaches at Blue Shield of California, mammography service and more | The Record from Recorded Future News - Just in the last week, Onsite Mammography, Kelly & Associates Insurance Group, Behavioral Health Resources, Hamilton Health Care System, Central Texas Pediatric Orthopedics and Medical Express Ambulance Service have all reported data breaches ...
4 days ago Therecord.media
CVE-2025-1731 - An incorrect permission assignment vulnerability in the PostgreSQL commands of the USG FLEX H series uOS firmware versions from V1.20 through V1.31 could allow an authenticated local attacker with low privileges to gain access to the Linux shell and ...
4 days ago CVE-2025-1732
Building A Unified Security Strategy: Integrating Digital Forensics, XDR, And EDR For Maximum Protection - To effectively counter these threats, organizations must integrate Digital Forensics, Extended Detection and Response (XDR), and Endpoint Detection and Response (EDR) into a unified security framework. It involves two main components: digital ...
5 days ago Cybersecuritynews.com
CVE-2025-1021 - Missing authorization vulnerability in synocopy in Synology DiskStation Manager (DSM) before 7.1.1-42962-8, 7.2.1-69057-7 and 7.2.2-72806-3 allows remote attackers to read arbitrary files via unspecified vectors. ...
5 days ago
FBI Warns of Scammers Mimic as IC3 Employees to Defraud Individuals - “The threat actors have implemented multi-stage encryption and fileless execution methods that make traditional detection extremely difficult,” noted Senior IC3 Cyber Analyst Maria Chen. ...
5 days ago Cybersecuritynews.com
Active! Mail RCE flaw exploited in attacks on Japanese orgs - Late last week, Qualitia released a security bulletin about a stack-based buffer overflow vulnerability tracked under CVE-2025-42599 (CVSS v3 score: 9.8, "critical") impacting all versions of Active! up to and including 'BuildInfo: 6.60.05008561' on ...
5 days ago Bleepingcomputer.com CVE-2025-42599
Blue Shield of California leaked health data of 4.7 million members to Google - "On February 11, 2025, Blue Shield discovered that, between April 2021 and January 2024, Google Analytics was configured in a way that allowed certain member data to be shared with Google's advertising product, Google Ads, that likely included ...
5 days ago Bleepingcomputer.com Blacksuit
CVE-2024-13808 - The Xpro Elementor Addons - Pro plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.4.9 via the custom PHP widget. This is due to there only being client-side controls when determining who can access ...
2 days ago
Critical Windows Update Stack Vulnerability Allows Code Execution & Privilege Escalation - “This CVE is a masterclass in path abuse, trusted location redirection, and privilege escalation using native components — everything a red team loves and a blue team fears,” Cyberdom said to Cyber Security News. Security analysts have ...
6 days ago Cybersecuritynews.com CVE-2025-21204
New Rust Botnet Hijacking Routers to Inject Commands Remotely - Dubbed “RustoBot” due to its Rust-based implementation, this malware exploits critical vulnerabilities in TOTOLINK and DrayTek router models to execute remote command injections, potentially affecting technology industries across Japan, ...
6 days ago Cybersecuritynews.com
Hackers Leverage Legitimate MS Utility Tool to Inject a Malicious DLL Payload - Just two months ago, researchers from Trend Micro uncovered a sophisticated attack campaign by Earth Preta (also known as ...
6 days ago Cybersecuritynews.com Mustang Panda
Windows 10 KB5055612 preview update fixes a GPU bug in WSL2 - Microsoft has released the optional KB5055612 preview cumulative update for Windows 10 22H2 with two changes, including a fix for a GPU paravirtualization bug in Windows Subsystem for Linux 2 (WSL2). Windows 10 users can also manually download and ...
5 days ago Bleepingcomputer.com
Beware of video call links that are attempts to steal Microsoft 365 access, researchers tell NGOs | The Record from Recorded Future News - The scheme typically starts with a phishing attempt through a messaging app like Signal or WhatsApp inviting potential victims “to join a video call to discuss the conflict in Ukraine,” Volexity says. The report does not link them to existing ...
5 days ago Therecord.media
The Evolving Role of the CISO - Balancing Risk and Innovation in the Digital Age - The CISO emerges as a critical bridge between technical rigor and business agility in this landscape, ensuring security frameworks adapt to technological advancements without stifling growth. Beyond technical oversight, CISOs now quantify cyber risks ...
5 days ago Cybersecuritynews.com
Hackers Exploiting MS-SQL Servers & Deploy Ammyy Admin for Remote Access - Security researchers have identified that threat actors are specifically exploiting poorly secured MS-SQL instances to install Ammyy Admin, a legitimate remote desktop software that can be misused for unauthorized access, alongside a privilege ...
3 days ago Cybersecuritynews.com
Threat Actors Registered 26k+ Domains Mimic Brands to Trick Users - These malicious domains serve as landing pages for sophisticated smishing (SMS phishing) campaigns, where unsuspecting users receive text messages containing links to what appear to be legitimate services. The domains follow specific naming patterns ...
2 days ago Cybersecuritynews.com Cloak
Patching Vulnerabilities Faster Reduces Risks & Lower Cyber Risk Index - Organizations implementing rapid patching protocols experienced a measurable decrease in their Cyber Risk Index (CRI), demonstrating the critical importance of timely security updates in an increasingly volatile threat landscape. Organizations ...
6 days ago Cybersecuritynews.com Equation
CISA Warns Threat Hunting Staff to Stop Using Censys & VirusTotal - “We understand the importance of these tools in our operations and are actively exploring alternative tools to ensure minimal disruption,” said the April 16-dated notification sent to more than 500 CISA cyber threat hunters. Homeland ...
6 days ago Cybersecuritynews.com Hunters
TP-Link Router Vulnerabilities Let Attackers Inject Malicious SQL Commands - TP-Link has been notified of these vulnerabilities, but as of this publication, no security patches have been confirmed as ...
6 days ago Cybersecuritynews.com
New Magecart Attack With Malicious JavaScript Steals Credit Card Data - The attack progression follows four distinct phases: initial back-end access using stolen credentials, web shell installation for persistent control, database poisoning through injection of obfuscated code, and finally, the credit card theft phase ...
5 days ago Cybersecuritynews.com
CVE-2025-0618 - A malicious third party could invoke a persistent denial of service vulnerability in FireEye EDR agent by sending a specially-crafted tamper protection event to the HX service to trigger an exception. This exception will prevent any further tamper ...
5 days ago
Hackers Abuse Cloudflare Tunnel Infrastructure to Deliver Multiple RATs - The evolution of this attack campaign demonstrates how threat actors continuously adapt their techniques to bypass security controls, emphasizing the importance of multi-layered detection approaches and continuous monitoring for similar attack ...
5 days ago Cybersecuritynews.com
Marks & Spencer confirms a cyberattack as customers face delayed orders - "Marks and Spencer Group plc (the Company, or M&S) has been managing a cyber incident over the past few days," reads the M&S statement. Marks & Spencer (M&S) has disclosed that it is responding to a cyberattack over the past few days ...
5 days ago Bleepingcomputer.com
Microsoft fixes Remote Desktop freezes caused by Windows updates - Today, Microsoft announced that a long-standing bug causing blue screen errors and installation issues on Windows Server 2025 systems with over 256 logical processors was resolved in updates released since the KB5046617 cumulative update issued ...
5 days ago Bleepingcomputer.com
Critical Langflow Vulnerability Allows Malicious Code Injection - Technical Details Revealed - Cybersecurity researchers have uncovered a critical remote code execution (RCE) vulnerability in Langflow, an open-source platform widely used for visually composing AI-driven agents and workflows. The security flaw affects all Langflow versions ...
4 days ago Cybersecuritynews.com