Cyber News
CyberSecurityBoard.com is a cyber news aggregator platform that brings all of the top news, blogs, podcasts and more about Cyber Security, InfoSec, Cryptography, Online Privacy, Hacking, Vulnerability and Threat Research into one place. CyberSecurityBoard's ultimate goal is to provide a useful and effective tool that helps you get a better understanding and a quicker overview of everything happening in the world of Cybersecurity.
Latest Cyber News
Server-Side Phishing Attacks Employees & Member Portals to Steal Login Credentials - The campaign utilizes cloned login pages designed to harvest credentials through PHP-based phishing kits, with the attackers implementing server-side validation techniques to avoid detection by security tools and researchers. function ...
2 hours ago Cybersecuritynews.com
2 Apple iPhone Zero-Day Vulnerabilities Actively Exploited in Extremely Sophisticated Attacks - Apple has released iOS 18.4.1 and iPadOS 18.4.1 to address two critical zero-day vulnerabilities that were actively exploited in highly targeted, sophisticated attacks against specific individuals iPhone. The vulnerabilities, identified in the ...
2 hours ago Cybersecuritynews.com CVE-2025-31201
Over 16,000 Fortinet devices compromised with symlink backdoor - Last week, Fortinet warned customers that they had discovered a new persistence mechanism used by a threat actor to retain read-only remote access to files in the root filesystem of previously compromised but now patched FortiGate devices. As ...
3 hours ago Bleepingcomputer.com
CISA warns of potential data breaches caused by legacy Oracle Cloud leak | The Record from Recorded Future News - CloudSEK, CybelAngel and several other cybersecurity firms confirmed the threat actor, known as “rose87168,” was selling 6 million records extracted from Oracle Cloud’s Single Sign-On (SSO) and Lightweight Directory Access Protocol (LDAP) ...
4 hours ago Therecord.media
Beware of Online PDF Converters That Tricks Users to Install Password Stealing Malware - The malicious websites, including domains such as candyxpdf[.]com and candyconverterpdf[.]com, deploy an elaborate social engineering tactic designed to harvest sensitive information from unsuspecting users seeking to convert document formats. The ...
5 hours ago Cybersecuritynews.com
Google blocked over 5 billion ads in 2024 amid rise in AI-powered scams - "To fight back, we quickly assembled a dedicated team of over 100 experts to analyze these scams and develop effective countermeasures, such as updating our Misrepresentation policy to suspend advertisers that promote these scams," explains Google's ...
5 hours ago Bleepingcomputer.com
Researchers Deanonymized Medusa Ransomware Group's Onion Site - The server is hosted on a network routed via SELECTEL in Russia (AS49505) and runs Ubuntu Linux with OpenSSH 8.9p1. The server exposes three services: SSH on port 22, HTTP on port 80, and an additional HTTP service on port 3000. Most notably, the ...
5 hours ago Cybersecuritynews.com Medusa Ransomware blog
Jira Down - Atlassian Jira Outage Disrupts Dashboard Access for Users Globally - Atlassian, the company behind Jira, a leading project management and issue-tracking platform, is grappling with a significant service disruption that has left users unable to load certain Dashboard widgets. According to Atlassian’s incident report, ...
5 hours ago Cybersecuritynews.com
Interlock Ransomware Employs Multi-Stage Attack Via Legitimate Websites to Deliver Malicious Browser Updates - In early 2025, the operators expanded their tactics by switching from browser update lures to security software updaters, masquerading as FortiClient, Ivanti Secure Access Client, GlobalProtect, and other security products. These fake updaters are ...
6 hours ago Cybersecuritynews.com
Apple fixes two zero-days exploited in targeted iPhone attacks - "Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on iOS," reads an Apple security bulletin released today. Apple released emergency security updates to ...
6 hours ago Bleepingcomputer.com CVE-2025-24085
New Windows TaskManager Vulnerabilities Allows Command Execution as SYSTEM User - Cybersecurity researchers have demonstrated that by crafting malicious XML files with manipulated metadata, such as author tags filled with oversized buffers, attackers can poison task event logs and even overflow security logs like Security.evtx. ...
6 hours ago Cybersecuritynews.com
3 Malware Tactics Used To Evade Detection By Corporate Security: See Examples - Evasion tactics give attackers time, cover, and control while keeping security teams in the dark. These tricks don’t change how the text looks to the user, but they confuse detection tools that rely on reading code or command-line input as it’s ...
7 hours ago Cybersecuritynews.com
Why Modern CISOs Must Be Business Translators, Not Just Technologists - This evolution means that modern CISOs must excel as technologists and business translators professionals who can bridge the gap between complex technical realities and the organization’s strategic objectives. By translating technical risks into ...
7 hours ago Cybersecuritynews.com
Securing Digital Identities - Best Practices for CISOs - This article explores the best practices for securing digital identities, focusing on strategic mindset shifts, proactive technical measures, and the importance of cross-functional collaboration to future-proof identity security. By embedding ...
7 hours ago Cybersecuritynews.com
The Psychology of Social Engineering - What Security Leaders Should Know - Creating psychological resilience against social engineering demands that security leaders adopt a fundamentally different approach to human security aspects. Effective security leaders understand that building true organizational resilience requires ...
7 hours ago Cybersecuritynews.com
Hackers Attacking Investors Via Fraud Networks to Steal Financial Data - A sophisticated cybercriminal campaign targeting Indian investors through fraudulent stock and cryptocurrency schemes has escalated, with hackers leveraging social engineering, fake mobile applications, and compromised government websites to steal ...
7 hours ago Cybersecuritynews.com
Hackers Weaponize Gamma Tool Via Cloudflare Turnstile to Steal Microsoft Credentials - Abnormal Security researchers identified this campaign as part of a growing trend of “living-off-trusted-sites” (LOTS) attacks, where threat actors exploit legitimate services to host malicious content. This campaign highlights the ...
7 hours ago Cybersecuritynews.com
CISA extends CVE program contract with MITRE for 11 months amid alarm over potential lapse | The Record from Recorded Future News - Many in the cybersecurity community expressed alarm on Tuesday following a letter from Yosry Barsoum, MITRE’s vice president and director of the Center for Securing the Homeland, which warned that funding for the CVE program was expiring and the ...
8 hours ago Therecord.media
Google begins unifying search country domains to Google.com - As spotted by digital marketer Lily Ray, Google's AI Overviews, which summarizes internet content, struggles to show relevant location-based results. In 2017, Google made a change to its search engine that allows it to show results specifically ...
9 hours ago Bleepingcomputer.com
Jira Down: Atlassian users experiencing degraded performance - Atlassian users are experiencing degraded performance amid an 'active incident' affecting multiple Jira products since morning hours today. Similar status updates have been issued for Atlassian offerings like Jira Service Management, Jira ...
9 hours ago Bleepingcomputer.com
Securing SaaS Applications - Best Practices for CISO Oversight - By building these elements into a cohesive strategy, CISOs can establish sustainable SaaS security approaches that adapt to evolving threats and changing business requirements while maintaining adequate protection for the organization’s most ...
10 hours ago Cybersecuritynews.com
Hackers Exploiting NTLM Spoofing Vulnerability in the Wild - CVE-2025-24054 specifically involves the external control of file names or paths in Windows, allowing malicious actors to trigger SMB (Server Message Block) authentication requests that leak NTLMv2-SSP hashes during routine file operations. Check ...
10 hours ago Cybersecuritynews.com CVE-2025-24054
APT29 Hackers Employs GRAPELOADER in New Attack Against European Diplomats - A sophisticated phishing campaign by Russian-linked threat group APT29 has been actively targeting European diplomatic entities since January 2025, according to a recent security report. Additionally, the malware employs an evasion technique when ...
10 hours ago Cybersecuritynews.com Cozy Bear APT29
41% of Attacks Bypass Defenses: Adversarial Exposure Validation Fixes That - The Picus Security Validation Platform provides exactly that, unifying Breach and Attack Simulation (BAS) and Automated Penetration Testing (APT) under one platform to break tool silos and consolidate security testing. Despite years of investment in ...
10 hours ago Bleepingcomputer.com
CISA Provides Last-Minute Support to Keep CVE Program Running - The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has extended its contract with MITRE Corporation, ensuring the uninterrupted operation of the Common Vulnerabilities and Exposures (CVE) program, a cornerstone of global cybersecurity ...
10 hours ago Cybersecuritynews.com
SquareX to Uncover Data Splicing Attacks at BSides San Francisco, A Major DLP Flaw that Compromises Data Security of Millions - Titled “Data Splicing Attacks: Breaking Enterprise DLP from the Inside Out”, the talk will demonstrate multiple data splicing techniques that will allow attackers to exfiltrate any sensitive file or clipboard data, completely bypassing major Data ...
10 hours ago Cybersecuritynews.com
Dell Alienware Command Center Vulnerability Let Attackers Escalate Privileges - According to Dell’s security advisory, “A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges” on the affected system. This indicates that while the ...
10 hours ago Cybersecuritynews.com CVE-2024-22450
First Time Ever AI Bad Bots Accounts 51% Traffic Suppresses Human Traffic - In a watershed moment for internet traffic patterns, automated bots have officially surpassed human activity for the first time in history, accounting for a staggering 51% of all web traffic in 2024, according to Imperva’s latest Bad Bot ...
11 hours ago Cybersecuritynews.com
Chinese firm tied to Uyghur rights abuses now training Tibet police on hacking techniques | The Record from Recorded Future News - SDIC Intelligence Xiamen Information Co Ltd, a digital forensics company better known as Meiya Pico, won a contract in mid-2023 to build two labs at the Tibet Police College: one on offensive and defensive cyber techniques and the other on electronic ...
11 hours ago Therecord.media
CISA extends funding to ensure 'no lapse in critical CVE services' - Before CISA's announcement, a group of CVE Board members announced the launch of the CVE Foundation, a non-profit organization established to secure the CVE program's independence in light of MITRE's warning that the U.S. government might not renew ...
11 hours ago Bleepingcomputer.com
British law firm fined after ransomware group publishes confidential client data | The Record from Recorded Future News - DPP only became aware data had been stolen when it was contacted by the National Crime Agency to be informed that data relating to its clients had been posted on the dark web, according to the official monetary penalty notice. Although the company ...
11 hours ago Therecord.media
Chinese Hackers Using New BRICKSTORM Malware to Attack Windows & Linux Machines - Notably, unlike the Linux variant reported by Mandiant, the Windows samples lack direct command execution capabilities—a suspected deliberate choice to evade detection by security solutions that analyze parent-child process relationships. The ...
12 hours ago Cybersecuritynews.com
Hackers Revealed the Exploit Method Used to Hack 4chan Messageboard - “The hack was likely caused by 4chan using an extremely out-of-date version of PHP that has a lot of vulnerabilities and exploits and is using deprecated functions to interact with [their] MySQL database,” reported security researcher ...
13 hours ago Cybersecuritynews.com
Microsoft warns of blue screen crashes caused by April updates - Earlier this week, Microsoft released emergency Windows updates to address an issue affecting local audit logon policies in Active Directory Group Policy and warned admins that Windows Server 2025 domain controllers might become inaccessible after ...
13 hours ago Bleepingcomputer.com
Automating Threat Intelligence: Tools And Techniques For 2025 - Automated threat intelligence leverages artificial intelligence (AI), machine learning (ML), and orchestration platforms to collect, analyze, and act on vast amounts of threat data in real time. These platforms offer features like real-time threat ...
13 hours ago Cybersecuritynews.com
How CISOs Can Create a Culture of Cybersecurity Accountability - Over time, organizations with strong accountability cultures exhibit clear signs: employees raise security questions unprompted, business units proactively assess risks, and security considerations are naturally integrated into project planning and ...
13 hours ago Cybersecuritynews.com
Threat Intelligence Feeds Flood Analysts With Data, But Context Still Lacking - By combining external threat data with internal risk assessments, contextual threat intelligence helps organizations measure the risk level of alerts or vulnerabilities in relation to their business and technical assets, ensuring that the most ...
13 hours ago Cybersecuritynews.com
Hacktivist Turns More Sophisticated Targeting Critical Infrastructure to Deploy Ransomware - This sophisticated evolution of hacktivist capabilities signals a concerning new chapter in cyber conflict, where ideologically motivated actors now possess the technical prowess to significantly disrupt critical infrastructure and extort substantial ...
13 hours ago Cybersecuritynews.com
New Threats Every CISO Should Watch in 2025 - The commoditization of offensive AI tools on dark web marketplaces has also democratized access to these capabilities, putting them within reach of less sophisticated threat actors and dramatically expanding the threat surface that security teams ...
13 hours ago Cybersecuritynews.com
New Phishing Attack Targeting Job Seekers via WhatsApp Offers - “These attacks are getting more sophisticated – using convincing branding, login portals, and even pressure tactics like ‘equipment purchases’ to extract credentials and cash,” Eshed, Co-Founder and CEO at LayerX Security, ...
13 hours ago Cybersecuritynews.com
CISA Releases 9 ICS Advisories Covering Vulnerabilities & Exploits - The Cybersecurity and Infrastructure Security Agency (CISA) has released nine Industrial Control Systems (ICS) advisories on April 15, 2025, addressing significant security vulnerabilities in products from major industrial manufacturers including ...
13 hours ago Cybersecuritynews.com CVE-2025-30280
Security is a Team Sport - How CISOs Collaborate Across the Org - In today’s complex cybersecurity landscape, the role of the Chief Information Security Officer (CISO) has evolved dramatically from a purely technical position to a strategic leadership role that demands business acumen and ...
13 hours ago Cybersecuritynews.com
Microsoft: Some devices offered Windows 11 upgrades despite Intune blocks - "While we work to address the issue, admins in impacted organizations may be able to circumvent impact by pausing Windows Feature Updates until the code fix has been developed, tested, and deployed," Microsoft said. Redmond acknowledged the issue ...
14 hours ago Bleepingcomputer.com
Hackers Abuse Node.js to Deliver Malware & Steal Data - Attracting malicious code within Node.js executables or npm (Node Package Manager) packages allows attackers to blend their malware with legitimate applications, evade detection, and persist within target environments. These installers contain ...
14 hours ago Cybersecuritynews.com
CVE Foundation Launched to Ensure the Long-term Vulnerability Tracking - Its unique identifiers and open database have enabled security teams, vendors, and governments worldwide to coordinate responses to emerging cyber threats, underpinning the security of the digital ecosystem. Experts warned that any interruption could ...
14 hours ago Cybersecuritynews.com
Why Phishing Remains the #1 Cyber Threat and How to Stop It - Unlike many cyber threats that rely solely on technical vulnerabilities, phishing exploits natural human tendencies such as trust, urgency, and curiosity. Additionally, adopting zero-trust security frameworks, which require continuous verification of ...
15 hours ago Cybersecuritynews.com
Oracle Security Update - Patch for 378 Vulnerabilities Including Remote Exploits - “Oracle strongly recommends that customers remain on actively-supported versions and apply Critical Patch Update security patches without delay,” the company stated in its advisory. Oracle Database Server versions 19.3-19.26, 21.3-21.17, ...
15 hours ago Cybersecuritynews.com
Chinese UNC5174 Actors Added New Open Source Tool & C2 Infrastructure to Their Arsenal - Cyber Security News - The group, known for targeting government institutions and critical infrastructure across Southeast Asia and North America, has expanded their arsenal with a modified version of an open-source remote access tool that enables persistent access to ...
15 hours ago Cybersecuritynews.com
Incident Response Teams Call For Unified Logging Standards In Breach Scenarios - In today’s rapidly evolving cybersecurity landscape, incident response teams are increasingly advocating for unified logging standards to effectively combat security breaches. When selecting logs for security incident response, organizations ...
16 hours ago Cybersecuritynews.com
Why Threat Intelligence is Crucial for Modern Cyber Defense - Threat intelligence transforms raw data into actionable insights by analyzing adversaries’ tactics, techniques, and procedures (TTPs), empowering security teams to shift from reactive firefighting to strategic defense. Proactive Threat Hunting: ...
16 hours ago Cybersecuritynews.com
Motorious 4chan Forum Hacked and the Internal Data Leaked - Security expert Alon Gal, co-founder of cybercrime monitoring company Hudson Rock, stated that the hack “looks legit,” citing publicly circulating screenshots showing 4chan’s backend infrastructure. In a post on their platform, they ...
16 hours ago Cybersecuritynews.com
Authorities Dismantled 4 Encrypted Cyber Criminals Communication Platforms - As investigators continue to analyze the seized data, additional arrests are expected in the coming months, further dismantling the criminal networks that had operated under the false security of encrypted communications. “Years after their ...
17 hours ago Cybersecuritynews.com
MITRE warns that funding for critical CVE program expires today - The program is widely adopted across various cybersecurity tools, including vulnerability management systems, and it allows tracking all newly discovered vulnerabilities using CVE Identifiers (CVE IDs) assigned by CVE Numbering Authorities (CNAs) ...
18 hours ago Bleepingcomputer.com
Using Threat Intelligence To Combat Advanced Persistent Threats (APTs) - By incorporating threat intelligence feeds into security operations, organizations gain valuable insights into the tactics, techniques, and procedures (TTPs) used by known APT groups. Modern platforms integrate contextual intelligence feeds, helping ...
18 hours ago Cybersecuritynews.com
Windows 11 Escalation Vulnerability Let Attackers Gain Admin Access - “This vulnerability represents a classic DLL hijacking scenario with a challenging timing element,” John Ostrowski of Compass Security said to Cyber Security News. Cyber Security News is a Dedicated News Platform For Cyber News, Cyber ...
18 hours ago Cybersecuritynews.com CVE-2025-24076
Funding Expires for Key Cyber Vulnerability Database – Krebs on Security - “What the CVE lists really provide is a standardized way to describe the severity of that defect, and a centralized repository listing which versions of which products are defective and need to be updated,” said Matt Tait, chief operating ...
20 hours ago Krebsonsecurity.com CVE-2024-43573
Critical Chrome Vulnerability Let Attackers Steal Data & Gain Unauthorized Access - Google has issued an urgent security update for its Chrome browser after two critical vulnerabilities were discovered. This vulnerability can allow attackers to execute arbitrary code by exploiting how Chrome processes certain media files, ...
22 hours ago Cybersecuritynews.com CVE-2025-3619
MITRE warns of lapse with CVE program as contract with US set to expire | The Record from Recorded Future News - The MITRE Corporation said on Tuesday that its stewardship of the CVE program — which catalogs all public cybersecurity vulnerabilities — may be ending this week because the federal government has decided not to renew its contract with the ...
1 day ago Therecord.media
ChatGPT 4.1 early benchmarks compared against Google Gemini - For example, GPT‑4.1 scores 54.6% on SWE-bench Verified, which is better than GPT-4o by 21.4% and 26.6% over GPT‑4.5. We have similar results on other benchmarking tools shared by OpenAI, but how does it compete against Gemini ...
1 day ago Bleepingcomputer.com
ChatGPT 4.1 fails to beat Google Gemini 2.5 in early benchmarks - According to benchmarks shared by Stagehand, which is a production-ready browser automation framework, Gemini 2.0 Flash has the lowest error rate (6.67%) along with the highest exact‑match score (90%), and it’s also cheap and fast. ...
1 day ago Bleepingcomputer.com
Midnight Blizzard deploys new GrapeLoader malware in embassy phishing - Due to the campaign being highly targeted and the malware running entirely in memory, Check Point was unable to retrieve WineLoader's full second-stage payload or additional plugins, so the full spectrum of its capabilities or tailored nature per ...
1 day ago Bleepingcomputer.com APT29
MITRE's Support for CVE Program Set to Expire - Internal Letter Leaked Online - A letter from MITRE, dated April 15, 2025, has leaked online claimed to be revealed from a reliable source that the organization’s contract to support the Common Vulnerabilities and Exposures (CVE) program is due to expire today, April 16, 2025, ...
1 day ago Cybersecuritynews.com
Microsoft 365 Outage - Admins are Unable to Access the Microsoft 365 Admin Center - We’re routing traffic to alternate infrastructure as a potential mitigation,” Microsoft stated in the update, directing users to for more details or to follow incident ID MO1056087 if the Admin Center is accessible. We're investigating an ...
1 day ago Cybersecuritynews.com
Landmark Admin data breach impact now reaches 1.6 million people - Landmark is a Texas-based third-party administrator (TPA) handling policy accounting, regulatory reporting, reinsurance support, and IT systems for major insurers nationwide like Liberty Bankers Life and American Benefit Life. In an updated filing at ...
1 day ago Bleepingcomputer.com
China accuses NSA of launching cyberattacks on Asian Winter Games | The Record from Recorded Future News - In March, the Department of Justice unsealed indictments of 12 people accused of hacking on behalf of the Chinese government, including employees at the cybersecurity firm i-Soon, the Ministry of Public Security, and alleged members of the Salt ...
1 day ago Therecord.media
Infamous message board 4chan taken down following major hack - While those who claimed the attack didn't share how they gained access to 4chan's systems, some said the forum was likely breached because it used a severely outdated PHP version from 2016, unpatched against many security ...
1 day ago Bleepingcomputer.com
Why 78% of Security Leaders Are Rethinking Their Entire Cyber Strategy in 2025 - By building security strategies that acknowledge the realities of today’s threat landscape while aligning with business objectives, they’re positioning their organizations to thrive despite the challenging security environment of 2025. ...
1 day ago Cybersecuritynews.com
Data Poisoning: The Next Evolution of Ransomware That No One is Ready For - Wouldn’t it be reassuring to know that even in a world where digital deception is on the rise, your business had an extra layer of protection? While no single tool can completely eliminate cyber threats, integrating verification measures like these ...
1 day ago Cybersecuritynews.com
How and Why Threat Hunting Teams Investigate Linux Malware Attacks - TI Lookup allows you to search across threat data extracted from the latest malware and phishing samples analyzed by over 500,000 professionals and 15,000 companies around the globe in ANY.RUN’s Interactive Sandbox. This makes it particularly ...
1 day ago Cybersecuritynews.com
Microsoft blocks ActiveX by default in Microsoft 365, Office 2024 - Microsoft also warned Office users in a separate support document not to open unexpected file attachments or change ActiveX settings when prompted by random pop-ups and unknown people. Microsoft announced it will begin disabling all ActiveX controls ...
1 day ago Bleepingcomputer.com
New PasivRobber Malware Steals Data From macOS Systems and Applications - The malware deploys specialized “Robber” dylibs—including libWXRobber.dylib, libNTQQRobber.dylib, and libQQRobber.dylib—that target specific applications to steal credentials and communications data. OSINT research links the malware ...
1 day ago Cybersecuritynews.com
Spotting Phishing Attacks with Image Verification Techniques - Phishing refers to the tactic used by scammers who impersonate reputable brands and lure victims to click on suspicious links so that they can breach the privacy and sensitive data of individuals. You can call image-based phishing a relatively ...
1 day ago Cybersecuritynews.com
Microsoft: Exchange 2016 and 2019 reach end of support in six months - This week's warning comes after Microsoft reminded IT admins in January that Exchange Server 2016 and Exchange Server 2019 will no longer receive technical support starting in October. The Exchange Server Engineering Team also shared guidance for ...
1 day ago Bleepingcomputer.com
Microsoft Asks Windows 11 Users Not to Delete Mysterious “inetpub” Folder - While the sudden appearance of an empty folder might trigger security concerns for vigilant Windows users, the directory represents an important security enhancement rather than a threat in this case. Microsoft’s implementation demonstrates a ...
1 day ago Cybersecuritynews.com CVE-2025-21204
Progress WhatsUp Gold Unauthenticated Wireless MAC Group Manipulation - Research Advisory | Tenable® - Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.
1 day ago Tenable.com
Trending Cyber News (last 7 days)
US to sign Pall Mall pact aimed at countering spyware abuses | The Record from Recorded Future News - The announcement comes nearly a week after 21 countries signed a voluntary and non-binding Code of Practice outlining how they intend to jointly regulate commercial cyber intrusion capabilities (CCICs) and combat spyware companies whose products have ...
6 days ago Therecord.media
South African telecom provider serving 7.7 million confirms data leak following cyberattack | The Record from Recorded Future News - In previous incidents, RansomHouse has claimed responsibility for attacks on major organizations, including chip manufacturer Advanced Micro Devices (AMD), supermarket chain Shoprite Group and the Saskatchewan Liquor and Gaming Authority. South ...
6 days ago Therecord.media
Tycoon2FA phishing kit targets Microsoft 365 with new tricks - In a separate but related report, Trustwave says it has identified a dramatic increase in phishing attacks using malicious SVG (Scalable Vector Graphics) files, driven by PhaaS platforms like Tycoon2FA, Mamba2FA, and Sneaky2FA. Trustwave underlines ...
4 days ago Bleepingcomputer.com
Trump Revenge Tour Targets Cyber Leaders, Elections – Krebs on Security - Incredibly, the president’s memo seeking to ostracize Krebs stands reality on its head, accusing Krebs of promoting the censorship of election information, “including known risks associated with certain voting practices.” Trump also ...
1 day ago Krebsonsecurity.com Hunters
RansomHub Ransomware-as-a-service Facing Internal Conflict as Affiliates Lost Access to Chat Portals - Unlike many competitors, RansomHub implemented a business model that directed ransom payments either directly to affiliates or split them at the point of transaction, significantly reducing the risk of “exit-scamming” – a common problem ...
4 days ago Cybersecuritynews.com Dragonforce Black Basta Ransomhub
Malicious NPM Packages Targeting PayPal Users to Steal Sensitive Data - FortiGuard Labs, Fortinet’s AI-driven threat intelligence arm, has uncovered a series of malicious NPM packages designed to steal sensitive information from developers and target PayPal users. Detected between March 5 and March 14, 2025, these ...
4 days ago Cybersecuritynews.com
Cybersecurity Weekly Recap: Key Updates on Attacks, Vulnerabilities - The CL0P ransomware group exploited vulnerabilities to access sensitive employee data, including names and Social Security numbers. SonicWall has patched three vulnerabilities in its NetExtender VPN client for Windows (versions prior to 10.3.2). ...
3 days ago Cybersecuritynews.com CVE-2025-29824 Scattered Spider SideCopy
Russian APT Hackers Using Device Code Phishing Technique to Bypass MFA - To defend against these sophisticated attacks, cybersecurity professionals should implement conditional access policies that restrict authentication based on device compliance and geographic location, regularly audit OAuth token requests, deploy ...
6 days ago Cybersecuritynews.com
Hackers using AI-produced audio to impersonate tax preparers, IRS | The Record from Recorded Future News - Patrick Tiquet, a vice president at Keeper Security, noted that cybercriminals can now create realistic video and audio impersonations of IRS agents, tax professionals or even family members, tricking individuals into divulging information like ...
2 days ago Therecord.media
Microsoft warns of blue screen crashes caused by April updates - Earlier this week, Microsoft released emergency Windows updates to address an issue affecting local audit logon policies in Active Directory Group Policy and warned admins that Windows Server 2025 domain controllers might become inaccessible after ...
13 hours ago Bleepingcomputer.com
SonicWall Patches Multiple Vulnerabilities in NetExtender VPN Client For Windows - For organizations unable to update immediately, security experts recommend implementing network segmentation and applying the principle of least privilege to minimize potential attack surfaces until patches can be deployed. Administrators should ...
6 days ago Cybersecuritynews.com CVE-2025-23008
AI-hallucinated code dependencies become new supply chain risk - Although there are no signs that attackers have started taking advantage of this new type of attack, researchers from open-source cybersecurity company Socket warn that hallucinated package names are common, repeatable, and semantically plausible, ...
4 days ago Bleepingcomputer.com
Chinese eCrime Hacker Group Attacking Users in 120+ Countries to Steal Banking Credentials - The kit’s session management capabilities track victim progress through the phishing flow, with Chinese-language status messages in the JavaScript indicating: “当前正在首页” (Currently on the home page), ...
3 days ago Cybersecuritynews.com
Moroccan cybercrime group Atlas Lion hiding in plain sight during attacks on retailers | The Record from Recorded Future News - Expel’s research echoed much of what Microsoft found last year — illustrating that Atlas Lion has shown an aptitude for leveraging cloud infrastructure and using internal documentation to learn more about how best to fraudulently issue gift ...
6 days ago Therecord.media
Google Released AI-powered Firebase Studio to Accelerate Build, Test, & Deployment - Firebase Studio is built on the foundation of Project IDX, Genkit, and Gemini, providing a unified agentic experience that empowers developers to move faster and build more innovative applications. This innovative tool integrates the power of Gemini ...
6 days ago Cybersecuritynews.com
Rep. Green on CISA cuts, China hacking and cyber as a bipartisan issue | The Record from Recorded Future News - In a keynote address at the Vanderbilt University Summit on Modern Conflict and Emerging Threats on Friday, the chair of the House Homeland Security Committee said his panel was prepared to take on pressing cyber policy challenges, like an estimated ...
2 days ago Therecord.media
Govtech giant Conduent confirms client data stolen in January cyberattack - Conduent is a business services company that provides digital platforms and solutions for government and commercial clients in transportation, healthcare, customer experience, and human resources. In a new FORM-8K filing with the SEC today, Conduent ...
2 days ago Bleepingcomputer.com
Russian hackers attack Western military mission using malicious drive - The Russian state-backed hacking group Gamaredon (aka “Shuckworm”) has been targeting a military mission of a Western country in Ukraine in attacks likely deployed from removable drives. Symantec threat researchers say the ...
6 days ago Bleepingcomputer.com
AMD CPU Signature Verification Vulnerability Let Attackers Load Malicious Microcode - However, the fact that Google’s researchers were able to successfully bypass AMD’s microcode signature verification highlights a potential weakness in the security architecture of modern processors that could have significant implications ...
5 days ago Cybersecuritynews.com CVE-2024-36347
Lab provider for Planned Parenthood discloses breach affecting 1.6 million people | The Record from Recorded Future News - The stolen data includes medical information like dates of service, diagnosis, treatments, lab results, treatment locations and the details of the care provided alongside personal information like health insurance numbers, bank account details, ...
5 days ago Therecord.media
ViperSoftX Malware Attacking Users via Cracked Software - Following successful execution, the malware proceeds to download and execute additional payloads including PureCrypter, a commercial .NET packer that employs protobuf libraries for network communication, and Quasar RAT, an open-source remote access ...
4 days ago Cybersecuritynews.com
Scattered Spider Employs Sophisticated Attacks to Steal Login Credentials & MFA Tokens - To counter this threat, Silent Push has developed Indicators of Future Attack (IOFA) feeds that track Scattered Spider infrastructure, including recently observed domains like “klv1.it.com” targeting Klaviyo and multiple others ...
6 days ago Cybersecuritynews.com Scattered Spider
CVE-2025-3423 - IBM Aspera Faspex 5.0.0 through 5.0.11 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials ...
3 days ago
Hackers Allegedly Leaked 1.59 Million Rows of Indian Insurance Users Sensitive Data - The Sample data analyzed by Cyber Security News contains information about employees of prominent insurance companies, including HDFC Ergo, Bajaj Allianz, ICICI Lombard, and others. This breach follows several other high-profile incidents in ...
2 days ago Cybersecuritynews.com
British law firm fined after ransomware group publishes confidential client data | The Record from Recorded Future News - DPP only became aware data had been stolen when it was contacted by the National Crime Agency to be informed that data relating to its clients had been posted on the dark web, according to the official monetary penalty notice. Although the company ...
11 hours ago Therecord.media
0-Click RCE in the SuperNote Nomad E-ink Tablet Lets Hackers Install Rootkit & Gain Full Control - This was problematic because the tablet’s firmware update process, which scans the EXPORT directory for updates, required a file named exactly update.zip to trigger an installation. By downloading an unencrypted firmware image from Ratta ...
4 days ago Cybersecuritynews.com CVE-2025-32409
CVE-2024-56406 - A heap buffer overflow vulnerability was discovered in Perl. ...
3 days ago
Tycoon 2FA Phishing Kit Employs New Evasion Techniques to Bypass Endpoint Detection Systems - At its core, Tycoon 2FA employs three principal evasion techniques: custom CAPTCHA implementation through HTML5 canvas, JavaScript obfuscation using invisible Unicode characters, and aggressive anti-debugging measures that prevent security analysis. ...
3 days ago Cybersecuritynews.com
Beware of $5 SMS Phishing Attack Targeting Toll Road Users - A widespread and ongoing SMS phishing (smishing) campaign targeting toll road users across the United States has been identified, posing a significant threat to motorists’ financial security. Since mid-October 2024, cybercriminals have been ...
2 days ago Cybersecuritynews.com
Integrate Modern Strategies for Zero Trust with Identity & Access Management (IAM) - The implementation of Zero Trust in identity and access management requires careful consideration of several critical elements that work together to create a comprehensive security framework. Leaders who approach Zero Trust as a strategic business ...
2 days ago Cybersecuritynews.com
Microsoft 365 Family Subscriptions Users Hit by Licensing Glitch Denies Services - The issue appears to be isolated to users with Microsoft 365 Family subscriptions, affecting their ability to access services like Word, Excel, PowerPoint, and OneDrive. Microsoft 365 Family subscribers are currently facing disruptions in accessing ...
6 days ago Cybersecuritynews.com
Microsoft: Licensing issue blocks Microsoft 365 Family for some users - Microsoft is investigating a potential licensing issue blocking access to Microsoft 365 services for some customers with Family subscriptions. After a massive wave of user reports on social media and the company's community website, Microsoft ...
6 days ago Bleepingcomputer.com
Hands-On Labs: The Key to Accelerating CMMC 2.0 Compliance - Cyber Security News - INE Security, a leading global provider of cybersecurity training and certifications, is highlighting how hands-on cybersecurity labs are proving critical for organizations seeking to achieve compliance efficiently and effectively. Harnessing a ...
5 days ago Cybersecuritynews.com
CISOs Respond to Surge in AI-Powered Attacks with Advanced Defense Strategies - As AI becomes central to both attack and defense strategies, organizations must invest in building specialized expertise within their security teams. Unlike traditional attacks, which often rely on manual effort or simple automation, AI-powered ...
2 days ago Cybersecuritynews.com
VMware ESXi 8.0 Update 3e Released for Free, What's New! - This marks a significant policy reversal after Broadcom discontinued the free ESXi offering following its acquisition of VMware, a move that had pushed many users toward alternative virtualization platforms. Broadcom has officially reintroduced the ...
2 days ago Cybersecuritynews.com
CVE-2025-3512 - There is a Heap-based Buffer Overflow vulnerability in QTextMarkdownImporter. This requires an incorrectly formatted markdown file to be passed to QTextMarkdownImporter to trigger the overflow. This issue affects Qt from 6.8.0 to 6.8.4. Versions up to ...
5 days ago
100,000 WordPress Sites Vulnerable to Rogue Creation Vulnerability - The security issue stems from an authentication bypass in the plugin’s REST API endpoint handling, which fails to properly validate empty secret key values. A critical vulnerability affecting over 100,000 WordPress websites has been discovered ...
4 days ago Cybersecuritynews.com
STRIDE GPT - AI-powered Tool LLMs To Generate Threat Models - STRIDE GPT, an AI-powered threat modeling tool, leverages the capabilities of large language models (LLMs) to generate comprehensive threat models and attack trees for applications, ensuring a proactive approach to security. In conclusion, STRIDE GPT ...
3 days ago Cybersecuritynews.com Inception
Threat Actors Manipulate Search Results to Direct Users to Malicious Websites - The digital landscape has become increasingly perilous as cybercriminals develop sophisticated methods to manipulate search engine results, directing unsuspecting users to malicious websites. ESET researchers identified a sophisticated example of ...
3 days ago Cybersecuritynews.com
Hackers Mimic Google Chrome Install Page on Google Play to Deploy Android Malware - Security researchers have uncovered a sophisticated malware campaign targeting Android users through fake Google Chrome installation pages. The visual similarity to legitimate Google Play pages creates a convincing illusion that tricks unsuspecting ...
3 days ago Cybersecuritynews.com OilRig APT3
CVE-2022-43847 - IBM Aspera Console 3.4.0 through 3.4.4 ...
2 days ago
CVE-2025-3495 - Delta Electronics COMMGR v1 and v2 uses insufficiently randomized values to generate session IDs (CWE-338). An attacker could easily brute force a session ID and load and execute arbitrary code. ...
21 hours ago
CVE-2024-13338 - The Clearfy Cache – WordPress optimization plugin, Minify HTML, CSS & JS, Defer plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.3.1. This is due to missing or incorrect nonce validation ...
4 days ago
CVE-2025-3418 - The WPC Admin Columns plugin for WordPress is vulnerable to privilege escalation in versions 2.0.6 to 2.1.0. This is due to the plugin not properly restricting user meta values that can be updated through the ajax_edit_save() function. This makes it ...
4 days ago
CVE-2025-3537 - A vulnerability was found in Tutorials-Website Employee Management System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/update-user.php. The manipulation of the argument ID leads to improper authorization. ...
3 days ago
TROX Stealer Exfiltrate Sensitive Data Including Stored Credit Cards & Browser Credentials - A newly identified malware strain known as TROX Stealer has emerged as a significant threat to consumer data security, leveraging psychological manipulation and technical sophistication to exfiltrate sensitive information. First observed in December ...
3 days ago Cybersecuritynews.com
HollowQuill Malware Attacking Government Agencies Worldwide Via Weaponized PDF Documents - The attack leverages weaponized PDF documents disguised as research papers, grant applications, or official government communiques to entice unsuspecting victims into initiating the infection chain. The malware employs advanced social engineering ...
6 days ago Cybersecuritynews.com
Sensata Technologies hit by ransomware attack impacting operations - Sensata Technologies (known as Sensata) suffered a ransomware attack last weekend that encrypted parts of the company network and disrupted operations. Sensata Technologies is an industrial technology company that develops, manufactures, ...
6 days ago Bleepingcomputer.com
Hackers exploit WordPress plugin auth bypass hours after disclosure - Hackers started exploiting a high-severity flaw that allows bypassing authentication in the OttoKit (formerly SureTriggers) plugin for WordPress just hours after public disclosure. If you’re using OttoKit/SureTriggers, upgrade to version ...
6 days ago Bleepingcomputer.com CVE-2025-3102
Sensata Technologies Hacked - Ransomware Attack Disrupts Operations - The industrial technology firm, which develops sensor-rich solutions and electrical protection systems for automotive, aerospace, and industrial applications, confirmed the cybersecurity incident occurred on Sunday, April 6, 2025, with attackers ...
5 days ago Cybersecuritynews.com